Fonte: http://www.postgresql.org/docs/9.3/static/auth-pg-hba-conf.html
auth-method: Specifies the authentication method to use when a connection matches this record. The possible choices are summarized here;
trust: Allow the connection unconditionally. This method allows anyone that can connect to the PostgreSQL database server to login as any PostgreSQL user they wish, without the need for a password or any other authentication.
reject: Reject the connection unconditionally. This is useful for "filtering out" certain hosts from a group, for example a reject line could block a specific host from connecting, while a later line allows the remaining hosts in a specific network to connect.
md5: Require the client to supply an MD5-encrypted password for authentication.
password: Require the client to supply an unencrypted password for authentication. Since the password is sent in clear text over the network, this should not be used on untrusted networks.
gss: Use GSSAPI to authenticate the user. This is only available for TCP/IP connections.
sspi: Use SSPI to authenticate the user. This is only available on Windows.
krb5: Use Kerberos V5 to authenticate the user. This is only available for TCP/IP connections.
ident: Obtain the operating system user name of the client by contacting the ident server on the client and check if it matches the requested database user name. Ident authentication can only be used on TCP/IP connections. When specified for local connections, peer authentication will be used instead.
peer: Obtain the client's operating system user name from the operating system and check if it matches the requested database user name. This is only available for local connections.
ldap: Authenticate using an LDAP server.
radius: Authenticate using a RADIUS server.
cert: Authenticate using SSL client certificates.
pam: Authenticate using the Pluggable Authentication Modules (PAM) service provided by the operating system.