Skip to main content
Host Based Authentication (HBA)
Cerebro Support avatar
Written by Cerebro Support
Updated over a week ago

HBA is another way to restrict undesirable access to Cargador facilities.

HBA is a list of entries. Each entry has the following format:

<host>
    <from type="ipmask" /> — IP mask of the form <B1.B2.B3.B4/masked>
    <access type="string"> — access type. Possible values are
        deny, plain, ssl, any (*)
</host>
  • If HBA list is empty, access will be implicitly granted;

  • When HBA list is not empty, IP address of incoming peer will be consecutively compared to the mask set in from field. If IP address matches connection will be either accepted or denied based on access parameter;

  • If IP address does not match any HBA entries, access will be implicitly denied.

Did this answer your question?