Re: TDE - Lost Password

• From: Andy Klock <andy@xxxxxxxxxxxxxxx>
• To: David Barbour <david.barbour1@xxxxxxxxx>
• Date: Fri, 2 Jun 2017 16:06:00 -0400

On Fri, Jun 2, 2017 at 3:30 PM, David Barbour <david.barbour1@xxxxxxxxx>
wrote:

Since we don't have the password, can I create a new auto_login keystore
for which the password will be retained, export or merge the contents
(which shouldn't require a password) into the new keystore, close the old
keystore which again should not require a password, change the sqlnet.ora
to point to the new keystore and breathe a sigh of relief?

Hi David, I'm not sure how you would export your wallet without the
password, so if you know of a way please share!  I've seen some hacks to
get passwords from wallets, for example:
http://checkyourlogsblog.com/index.php/2016/06/19/recovering-tde-encryption-keys/

But the API is different for encryption keys (I would think)

I've written up something for extracting keys from shared memory, using
shmcat for situations like you are describing, but I'd be a little
reluctant to do this in PROD. We all have different comfort zones though.

http://checkyourlogsblog.com/index.php/2016/06/19/recovering-tde-encryption-keys/

Good luck!

Andy K

• Follow-Ups:
  • Re: TDE - Lost Password
    • From: Andy Klock
  • Re: TDE - Lost Password
    • From: David Barbour

• References:
  • TDE - Lost Password
    • From: David Barbour

Other related posts:

• » TDE - Lost Password- David Barbour
• » Re: TDE - Lost Password - Andy Klock
• » Re: TDE - Lost Password- Andy Klock
• » Re: TDE - Lost Password- David Barbour
• » Re: TDE - Lost Password- Andy Klock

1. Home
2. oracle-l
3. Archive
4. 06-2017

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---