RE: Passwords in Scripts

• From: <Joel.Patterson@xxxxxxxxxxx>
• To: <fmhabash@xxxxxxxxx>, <ian@xxxxxxxxxxxxxxxxx>
• Date: Wed, 20 Jun 2007 13:45:10 -0400

I do basically the same thing, my korn-shell scripts will call another
script that gets and returns the password from a particular file.

What is missing however is encryption which I have no experience with.
Is there a way you could pass along how you encrypt/decrypt your
file.... tools, code, books, examples... etc. to get me going.

It isn't a big hurry now because presently practically every script I
presently have can log in as / as sysdba, but there are a couple still
out there.




Joel Patterson
Database Administrator
joel.patterson@xxxxxxxxxxx
x72546
904  727-2546

-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of fmhabash
Sent: Wednesday, June 20, 2007 12:46 PM
To: ian@xxxxxxxxxxxxxxxxx
Cc: oracle-l@xxxxxxxxxxxxx
Subject: Re: Passwords in Scripts

I personally developed all my DBA management tools using PERL for 
monitoring, backups, and OS based jobs. I save passwords in flat files 
encrypted 128-bit. These tools decrypt them at run time only. DBAs have 
their interfaces to these files using their own individual keys. You can

also put them in some database of your liking and the major players have

packages to en/decrypt data.

Fred Habash (OCP 8i,9i)
ACS Healthcare
Off: 248-226-8778
http://www.acs-inc.com/index.html

MacGregor, Ian A. wrote:
> How are people handling the presence of  database passwords in scripts
on client machines? I'm talking about Perl, Java, .NET, SQL*Plus and
other programs running on Solaris, Linux, and Windows clients which have
an Oracle password inside the program or reference a file which has one.

>
>
> I tried Oracle's password safe problem to see if would fix the problem
of having the rman catalog password in backup scripts.  The client here
is different as it is also another database server.  Two things
happened,  the account under which the Oracle software was installed w
could not log on to Oracle is a also an externally identified Oracle
without a password.  This was due to the authentication being switched
from the operating system to the password safe.  Not what was wanted.
The other thing that happened was that the Context option broke.  I
could understand that if the indexes were on binary data where an
external procedure call needs to be made;  however this was on character
data, and it happened on two different systems.  Is it possible to have
both OS and password authentication active simultaneously?
>
> The RMAN connections did work.  However the connect sting is simply /.
If there are multiple accounts which need this ability on any one
instance of Oracle, this does not seem  a workable solution.  
>
> What are others using as a password escrow system. 
>
> Ian 
> --
> //www.freelists.org/webpage/oracle-l
>
>
>
>   
--
//www.freelists.org/webpage/oracle-l


--
//www.freelists.org/webpage/oracle-l

• References:
  • Re: Passwords in Scripts
    • From: fmhabash

Other related posts:

• » Passwords in Scripts
• » Re: Passwords in Scripts
• » Re: Passwords in Scripts
• » RE: Passwords in Scripts
• » RE: Passwords in Scripts
• » RE: Passwords in Scripts
• » RE: Passwords in Scripts

1. Home
2. oracle-l
3. Archive
4. 06-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---