[Solved] You want to enforce SCRAM authentication only for users connecting from the local network (192.168.0.... Which two lines in pg_hba.conf achieve this correctly? | PostgreSQL

PostgreSQL - Roles and Security

You want to enforce SCRAM authentication only for users connecting from the local network (192.168.0.0/16) and allow password authentication (md5) for others. Which two lines in pg_hba.conf achieve this correctly?

Ahost all all 192.168.0.0/16 scram-sha-256 host all all 0.0.0.0/0 md5

Bhost all all 0.0.0.0/0 scram-sha-256 host all all 192.168.0.0/16 md5

Chost all all 192.168.0.0/16 md5 host all all 0.0.0.0/0 scram-sha-256

Dhost all all 0.0.0.0/0 trust host all all 192.168.0.0/16 scram-sha-256

Step-by-Step Solution

Solution:

Step 1: Understand pg_hba.conf line order and matching
PostgreSQL checks lines top to bottom and uses the first matching rule.
Step 2: Set SCRAM for local network first, then md5 for others
Line 1: local network with scram-sha-256; Line 2: all others with md5.
Final Answer:
host all all 192.168.0.0/16 scram-sha-256 host all all 0.0.0.0/0 md5 -> Option A
Quick Check:
Specific local network first, then general others [OK]

Quick Trick: Put specific IP range first, general last in pg_hba.conf [OK]

Common Mistakes:

Reversing line order causing wrong method to apply
Using 'trust' which disables password
Assigning md5 to local network instead of SCRAM

Master "Roles and Security" in PostgreSQL

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Time

Which two lines in pg_hba.conf achieve this correctly?

Step 1: Understand pg_hba.conf line order and matching

Step 2: Set SCRAM for local network first, then md5 for others

Final Answer:

Quick Check:

Want More Practice?