[20170111]設定無需口令登入資料庫.txt
[20170111]設定無需口令登入資料庫.txt
--以前連結提到的http://blog.itpub.net/267265/viewspace-2124815/,必須考慮一種方式登入避免口令的暴露。
--想到設定Oracle Wallets,自己從來沒有做過,測試看看。
1.環境:
SCOTT@book> @ &r/ver1
PORT_STRING VERSION BANNER
------------------------------ -------------- --------------------------------------------------------------------------------
x86_64/Linux 2.4.xx 11.2.0.4.0 Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
2.建立wallets:
$ mkdir /u01/app/oracle/admin/wallets
$ mkstore -wrl /u01/app/oracle11g/admin/wallet -create
--//注意輸入密碼要複雜一點點,不然提示出錯,另外以後必須記住此密碼,便於管理wallets。
PKI-01002: Invalid password:Passwords must have a minimum length of eight characters and contain alphabetic characters
combined with numbers or special characters
$ mkstore -wrl /u01/app/oracle/admin/wallets -createCredential book SYS oracle
$ mkstore -wrl /u01/app/oracle/admin/wallets -createCredential book SYS oracle
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
Create credential oracle.security.client.connect_string1
--引數createCredential的格式如下,可以看幫助:
[-createCredential connect_string username password]
3.修改sqlnet.ora檔案,加入:
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA = (DIRECTORY = /u01/app/oracle/admin/wallets))
)
SQLNET.WALLET_OVERRIDE=true
--//注:我的測試必須需要後面1行,否者無法透過。
4.測試:
$ sqlplus /@book as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Wed Jan 11 09:25:33 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SYS@book> show user
USER is "SYS"
--//使用rman測試:
$ rman target /@book
Recovery Manager: Release 11.2.0.4.0 - Production on Wed Jan 11 09:39:58 2017
Copyright (c) 1982, 2011, Oracle and/or its affiliates. All rights reserved.
connected to target database: BOOK (DBID=1337401710)
RMAN>
5.相關命令學習:
$ mkstore -wrl /u01/app/oracle/admin/wallets -list
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
Oracle Secret Store entries:
oracle.security.client.connect_string1
oracle.security.client.password1
oracle.security.client.username1
--不知道什麼意思。
$ mkstore -wrl /u01/app/oracle/admin/wallets -viewEntry oracle.security.client.password1
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
oracle.security.client.password1 = oracle
$ mkstore -wrl /u01/app/oracle/admin/wallets -listCredential
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
List credential (index: connect_string username)
1: book SYS
$ mkstore -wrl /u01/app/oracle/admin/wallets -viewEntry oracle.security.client.password1
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
oracle.security.client.password1 = oracle
--//可以發現密碼,還可以增加專案,比如我在tnsnames.ora建立連線串:78S
$ mkstore -wrl /u01/app/oracle/admin/wallets -createCredential 78S scott book
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
Create credential oracle.security.client.connect_string2
$ mkstore -wrl /u01/app/oracle/admin/wallets -listCredential
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
List credential (index: connect_string username)
2: 78S scott
1: book SYS
$ sqlplus /@78s
SQL*Plus: Release 11.2.0.4.0 Production on Wed Jan 11 09:35:43 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SCOTT@78s> show user
USER is "SCOTT"
--//登入的是scott使用者。
--//刪除1項
$ mkstore -wrl /u01/app/oracle/admin/wallets -deleteCredential 78S
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
Delete credential
Delete 2
--但是你不能再建立這樣的項,提示存在:
$ mkstore -wrl /u01/app/oracle/admin/wallets -createCredential book scott book
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
Create credential Secret Store error occured: oracle.security.pki.OracleSecretStoreException: Credential already exists
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/267265/viewspace-2132220/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- 分享電信定製版wps--無廣告無需登入
- 無法開啟登入所請求的資料庫,登入失敗資料庫
- Mac設定使用者自動登入無需輸入密碼的方法Mac密碼
- 登入失敗,提示“資料庫目錄許可權寫入不足”,可以操作設定資料庫目錄許可權為 777。資料庫
- Android檢視資料庫工具推薦,無需rootAndroid資料庫
- django—資料庫設定Django資料庫
- 無需輸入密碼,macOS 設定開機直接免密碼進入桌面密碼Mac
- Linux設定口令複雜度和口令定期更換策略Linux複雜度
- 在登入資料庫的使用!sql資料庫SQL
- CAS 5.3使用MySQL資料庫登入MySql資料庫
- 資料庫登入留痕功能新增資料庫
- IntelliJ IDEA 2022.1.4最新中文版「無需登入賬號」IntelliJIdea
- git gitinore設定失效,執行口令!Git
- WebForm登入頁面(連線資料庫)WebORM資料庫
- [20211108]sqlplus資料寬度顯示設定.txtSQL
- ssh-copy-id登陸無需重複輸入密碼密碼
- 無需設定路由器,無需公網ip 實現永久免費內網穿透路由器內網穿透
- MYSQL資料庫常用基本設定MySql資料庫
- openGauss 設定資料庫審計資料庫
- 2.5.10.1 設定資料庫時區資料庫
- SQLPlus無法登入資料庫提示密碼不對或許可權不足SQL資料庫密碼
- [20220623]linux 口令expire問題.txtLinux
- mercury(水星)路由器設定登入入口 MERCURY(水星)無線路由器怎麼設定路由器
- linux 設定ssh 免密登入Linux
- win10如何設定自動登入 win10設定自動登入的方法Win10
- 後臺登入提示:”登入失敗:資料庫目錄寫入許可權不足!“資料庫
- PostgreSQL資料庫連線保持設定SQL資料庫
- MySQL設定資料庫為只讀MySql資料庫
- win10 自動登入如何設定_windows10自動登入的設定步驟Win10Windows
- Apeaksoft iOS Unlocker - 無需密碼即可進入鎖定的 iPhoneiOS密碼iPhone
- 程式無任何報錯但是無法寫入資料庫資料庫
- virtual box中ubuntu ssh 登入設定Ubuntu
- centos自動登入帳號設定CentOS
- PbootCMS後臺登入提示:”登入失敗:資料庫目錄寫入許可權不足!“boot資料庫
- PbootCMS後臺登入提示:“登入失敗:資料庫目錄寫入許可權不足!”boot資料庫
- 怎麼設定資料庫的報警資料庫
- 10.註冊和登入功能實現(3)—— 註冊資料寫入資料庫資料庫
- win10遠端登入設定如何操作_win10遠端登入電腦怎麼設定Win10
- [20181024]修改awr收集資訊設定.txt