Postgresql – Disable / bypass authentication in PostgreSQL

authenticationpostgresql

I need to run benchmarks (pgbench) in different environments on different versions of PostgreSQL. Authentication works inconsistently and is a generally huge headache / adds a lot of fragile workarounds around the code that has no reason to care about access to the database.

Is there any way I could do something similar to MySQL:

update user set authentication_string=password(''),
    plugin='mysql_native_password'
    where user='root';

and be done with it forever?

I would also be interested in being able to run the database and utilities as super-user (root). Again, I have no interest in all the security dance, there's nothing to protect, but the price for authentication is too high (weeks of work in order to make scripts work reliably, while they aren't even the main focus of my work).

Best Answer

Normally, the entries in the pg_hba.conf file demand a password from the client.

But if you change the authentication method (in the last column) from the usual password/md5/scram-sha-256 to trust, then

PostgreSQL assumes that anyone who can connect to the server is authorized to access the database with whatever database user name they specify (even superuser names).

... and does not even ask for a password.

Of course, restrictions made in the database and user columns still apply. This method should only be used when there is adequate operating-system-level protection on connections to the server.
[…]
trust authentication is appropriate and very convenient for local connections on a single-user workstation. […] It is seldom reasonable to use trust for any TCP/IP connections other than those from localhost (127.0.0.1).

Best Answer

Related Solutions

Postgresql – postgres and passwordless authentication

PostgreSQL – using password/md5 authentication with empty password

Related Question