How to Install and Secure PostgreSQL Server on RockyLinux 10

PostgreSQL is a popular open-source relational database management system. Known for its reliability, it is gaining popularity due to its robustness, flexibility, and performance. PostgreSQL is used for managing databases and numerous web and analytical applications. At the time of writing this article, PostgreSQL 18 is the latest version. This version comes with significant improvements to the indexing and lookup system that benefit large databases.

In this post, we will show you how to install and secure PostgreSQL on Rocky Linux 10.

Step 1 – Add PostgreSQL 18 Repository

By default, the latest version of PostgreSQL is not included in the Rocky Linux default repository. You can check the default available version in the AppStream repository using the following command:

dnf install https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm

Once the repo is created, you can proceed to the next step.

Step 2 – Install PostgreSQL 18 on Rocky Linux 10

Now, update your repository using the following command:

dnf update -y

Next, install the latest version of PostgreSQL by running the following command:

dnf install postgresql18 postgresql18-server

Once PostgreSQL 18 is installed, you will get the following output:

Last metadata expiration check: 0:38:45 ago on Sun 19 Oct 2025 12:53:52 AM EDT.
Dependencies resolved.
========================================================================================================================================================================================
 Package                                            Architecture                          Version                                           Repository                             Size
========================================================================================================================================================================================
Installing:
 postgresql18                                       x86_64                                18.0-1PGDG.rhel10                                 pgdg18                                2.0 M
 postgresql18-server                                x86_64                                18.0-1PGDG.rhel10                                 pgdg18                                7.3 M
Installing dependencies:
 postgresql18-libs                                  x86_64                                18.0-1PGDG.rhel10                                 pgdg18                                296 k

Transaction Summary
========================================================================================================================================================================================
Install  3 Packages

Total download size: 7.4 M
Installed size: 31 M
Is this ok [y/N]: y

Next, initialize the PostgreSQL database with the following command:

/usr/pgsql-18/bin/postgresql-18-setup initdb

Sample output:

Initializing database ... OK

Next, start the PostgreSQL service and enable it to start at system reboot with the following command:

systemctl start postgresql-18
systemctl enable postgresql-18

You can check the status of PostgreSQL with the following command:

systemctl status postgresql-18

You should get the following output:

● postgresql-18.service - PostgreSQL 18 database server
     Loaded: loaded (/usr/lib/systemd/system/postgresql-18.service; disabled; preset: disabled)
     Active: active (running) since Sun 2025-10-19 01:33:48 EDT; 1s ago
 Invocation: ef82fd9873da4303b7454ffcf40b2226
       Docs: https://www.postgresql.org/docs/18/static/
    Process: 12263 ExecStartPre=/usr/pgsql-18/bin/postgresql-18-check-db-dir ${PGDATA} (code=exited, status=0/SUCCESS)
   Main PID: 12270 (postgres)
      Tasks: 10 (limit: 24809)
     Memory: 21.9M (peak: 22.1M)
        CPU: 62ms
     CGroup: /system.slice/postgresql-18.service
             ├─12270 /usr/pgsql-18/bin/postgres -D /var/lib/pgsql/18/data/
             ├─12271 "postgres: logger "
             ├─12272 "postgres: io worker 0"
             ├─12273 "postgres: io worker 2"
             ├─12274 "postgres: io worker 1"
             ├─12275 "postgres: checkpointer "
             ├─12276 "postgres: background writer "
             ├─12278 "postgres: walwriter "
             ├─12279 "postgres: autovacuum launcher "
             └─12280 "postgres: logical replication launcher " 

By default, PostgreSQL listens on port 5432. You can check it with the following command:

ss -antpl | grep 5432

You will get the following output:

LISTEN 0      128        127.0.0.1:5432       0.0.0.0:*    users:(("postmaster",pid=36417,fd=7))
LISTEN 0      128            [::1]:5432          [::]:*    users:(("postmaster",pid=36417,fd=6))

Step 3 – Set a Password for Postgres User

By default, the password of the Postgres user is not set, so it is recommended to set a password for security reasons.

To set a password, log in to PostgreSQL with the following command:

su - postgres

Next, set a secure password with the following command:

psql -c "alter user postgres with password 'securepassword'"

Next, exit from the PostgreSQL shell using the following command:

exit

Step 4 – Change PostgreSQL Authentication Method

By default, PostgreSQL is configured to use the peer method to connect to PostgreSQL locally. but this method is not recommended for the production environment. It is recommended to change the authentication method from peer to scram-sha-256.

You can change it by editing the PostgreSQL main configuration file:

nano /var/lib/pgsql/18/data/pg_hba.conf

Find the following line:

local   all             all                                     peer

And, replace it with the following line:

local   all             all                                     scram-sha-256

Save and close the file, then restart the PostgreSQL service to apply the changes.

systemctl restart postgresql-18

Step 5 – Create a Database and User in PostgreSQL

First, log in to the PostgreSQL shell with the following command:

sudo -u postgres psql

You will get the following output:

could not change directory to "/root": Permission denied
psql (18.4)
Type "help" for help.

postgres=# 

Next, create a new PostgreSQL user named user1 using the following command:

CREATE USER user1 WITH CREATEDB CREATEROLE PASSWORD 'passoword';

To verify the PostgreSQL users, run:

\du

You will get the following output:

                                   List of roles
 Role name |                         Attributes                         | Member of 
-----------+------------------------------------------------------------+-----------
 postgres  | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
 user1     | Create role, Create DB                                     | {}

To create a new PostgreSQL database named user1db, run:

CREATE DATABASE user1db OWNER user1;

To verify the PostgreSQL databases, run:

\l

You will get the following output:

                                  List of databases
   Name    |  Owner   | Encoding |   Collate   |    Ctype    |   Access privileges   
-----------+----------+----------+-------------+-------------+-----------------------
 postgres  | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 | 
 template0 | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 | =c/postgres          +
           |          |          |             |             | postgres=CTc/postgres
 template1 | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 | =c/postgres          +
           |          |          |             |             | postgres=CTc/postgres
 user1db   | user1    | UTF8     | en_US.UTF-8 | en_US.UTF-8 | 

Conclusion

Congratulations! You have successfully installed and secured PostgreSQL on Rocky Linux 10. For security reasons, it is always recommended to install the latest version of PostgreSQL in the production environment. Give it a try on VPS hosting from Atlantic.Net!