On Thu, Dec 1, 2022 at 11:36 AM Rizwan Shaukat <rizwan.shaukat@xxxxxxxxxxx> wrote:
we hv requiremnt from security to secure pg_hba.conf file was encryption or password protected on server to protect ip visibilty because these server access by application n thy can amend as well. how we can achive it pls
You cannot with the present implementation of the system - pg_hba.conf is read by the PostgreSQL process as a file. I do not think the server is prepared for that file to be some kind of program whose stdout is the contents and you could arrange for that program to do whatever it is you'd like.
That said, it isn't clear to me what you mean by "these server access by application n thy can amend as well". You are welcome to make the file read-only except by root if amending it is a concern. I don't understand what exposure knowing ip addresses gives - I suppose knowledge is helpful but security by obscurity isn't real security.
David J.
