I don't know how others do it, but I use a password server. Usernames/passwords are kept in an encrypted file. The server sends the passwords out encrypted via RC5. The passwords for authenticating to the server are alas, stored in plain text. I have not yet been sufficiently motivated ( auditors have not complained ) about changing that bit. Probably would not be too difficult to convert to using SSH keys. Details may be found in "Perl for Oracle DBA's". What, you think I would write that in Python? ;) Jared On 5/13/05, Hemant K Chitale <hkchital@xxxxxxxxxxxxxx> wrote: > > > How do you run CRON jobs {Online Backups, DB Monitoring} on Database > Servers > when IT Security / SOX requirements state that > a) No userid-password pairs are to be kept in plain-text in any files > b) connect / as sysdba is not to be used > > I can handle a) with CRON jobs running under the "oracle" account with > "connect / as sysdba" > at the beginning of SQL scripts. I can handle b) if I hard code a > userid/password with the > appropriate privileges. How do I handle both requirements ? > > > > Hemant K Chitale > http://web.singnet.com.sg/~hkchital > > > -- > //www.freelists.org/webpage/oracle-l > -- Jared Still Certifiable Oracle DBA and Part Time Perl Evangelist -- //www.freelists.org/webpage/oracle-l