RE: encrypted user/passwd connection

Rajesh . Rao Tue, 07 Jan 2003 07:25:00 -0800

"All oracle passwords are encrypted" is not a true statement. Failed login
attempts, are retried by sending the password in an unencrypted format.
Atleast, until 8.1.7. To avoid which, ORA_ENCRYPT_LOGIN variable and
DBLINK_ENCRYPT_LOGIN parameter (for retried attempts across database link)
should be set to TRUE.


I could stand corrected though.

Raj




                                                                                       
                               
                    Sony kristanto                                                     
                               
                    <Sony@polyfinca        To:     Multiple recipients of list 
ORACLE-L <[EMAIL PROTECTED]>        
                    nggih.com>             cc:                                         
                               
                    Sent by:               Subject:     RE: encrypted user/passwd 
connection                          
                    [EMAIL PROTECTED]                                                    
                               
                    m                                                                  
                               
                                                                                       
                               
                                                                                       
                               
                    January 07,                                                        
                               
                    2003 01:53 AM                                                      
                               
                    Please respond                                                     
                               
                    to ORACLE-L                                                        
                               
                                                                                       
                               
                                                                                       
                               




You're right Jared, all oracle password is encrypted. Btw Andrey if it is
possible how to do it ?

> -----Original Message-----
> From:         Jared Still [SMTP:[EMAIL PROTECTED]]
> Sent:         Tuesday, January 07, 2003 11:04 AM
> To:           Multiple recipients of list ORACLE-L
> Subject:           Re: encrypted user/passwd connection
>
>
> Andre,
>
> Oracle does not send passwords across the network
> in clear text, they are encrypted by default.
>
> Jared
>
> On Monday 06 January 2003 05:43, Andrey Bronfin wrote:
> > Dear list !
> > I have just been asked the following question:
> > is it possible to make a connection from an Oracle client to an Oracle
> > instance (both are 8.1.7) in an "encrypted" way.
> > I.e. if someone is sitting with a sniffer between the server and the
> > client, then i don't want him to be able to see the user/passwd i'm
> > connecting with. Again , i am NOT asking how store the data in the DB
in
> an
> > "encrypted" way, but how to connect to an instance without showing my
> > passwd.
> > Thanks a lot!
> > Andrey.


-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.net
-- 
Author: 
  INET: [EMAIL PROTECTED]

Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).

RE: encrypted user/passwd connection

Reply via email to