un-crackable encryption? There is such a thing?
rot13 is certainly easily crackable.
On Apr 26, 2016, at 1:43 PM, Mladen Gogala <gogala.mladen@xxxxxxxxx> wrote:
Another trick would be to store password using un-crackable encryption, like
rot13, and decrypt the password within the script.
On 4/26/2016 4:01 PM, Gus Spier wrote:
In the Bad Old Days, the workaround was to store the plain text password as
the only contents of a file that owned only by root with permissions set to
000. When the password was needed, su - to root, chmod the file to 400, read
the contents of the file into a local variable. Then reset the permissions
on root's file back to 000.
Use the value of that local variable to accomplish work and then set the
value of the variable to NULL.
It wasn't perfect. It was torturous, but it seemed to keep us out of
trouble. The value was vulnerable for a limited time, under the supervision
of someone who was trustworthy enough to have root password.
Regards,
Gus
On Tue, Apr 26, 2016 at 12:52 PM, Mladen Gogala <gogala.mladen@xxxxxxxxx
<mailto:gogala.mladen@xxxxxxxxx>> wrote:
On 04/26/2016 12:48 PM, Shastry(DBA) wrote:
Hi Gurus,
We have automated cloning tool which runs mainly as shell script. Our
passwords are stored on a file which is required while cloning is in
progress, the logic is to have both PROD and NONPROD credentials are stored
in the flat file which will be read by the shell script. I want to know if
there is a way to decrypt and encrypt back again once the clone process is
done or is there is a better way to manage the script in storing passwords?
Kindly share your advice.
Thanks,
Shankar
You can use wallets. Wallet will enable you to do sqlplus /@tnsdesc as
sysdba, as long as you have the proper certificate installed on the server.
Oracle has actually done an excellent thing with wallets: they are secure,
convenient and easy to use.
Regards
--
Mladen Gogala
Oracle DBA
http://mgogala.freehostia.com ;<http://mgogala.freehostia.com/>
--
//www.freelists.org/webpage/oracle-l ;
<//www.freelists.org/webpage/oracle-l>
--
--
Mladen Gogala
Oracle Consultant
http://mgogala.freehostia.com ;<http://mgogala.freehostia.com/>
DISCLAIMER: I am solely responsible for any opinion expressed in this email