Thanks Raj.
I would think that the default being set to 'always encrypt' would be
more reasonable,
In checking the parameters via
select
a.KSPPINM NAME,
a.KSPPDESC DESCRIPTION,
b.KSPPSTVL VALUE,
b.KSPPSTDF ISDEFAULT
from X$KSPPI a, X$KSPPCV b
where a.indx = b.indx
and a.KSPPINM like '%crypt%'
order by name;
.. I found that only the dblink_encrypt_login parm was available.
This is on 7.3.4, 8.0.6, 8.1.7 and 9.2.0.
Where does ORA_ENCRYPT_LOGIN get applied?
Jared
[EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
01/07/2003 07:03 AM
Please respond to ORACLE-L
To: Multiple recipients of list ORACLE-L <[EMAIL PROTECTED]>
cc:
Subject: RE: encrypted user/passwd connection
"All oracle passwords are encrypted" is not a true statement. Failed login
attempts, are retried by sending the password in an unencrypted format.
Atleast, until 8.1.7. To avoid which, ORA_ENCRYPT_LOGIN variable and
DBLINK_ENCRYPT_LOGIN parameter (for retried attempts across database link)
should be set to TRUE.
I could stand corrected though.
Raj
Sony kristanto
<Sony@polyfinca To: Multiple recipients of
list ORACLE-L <[EMAIL PROTECTED]>
nggih.com> cc:
Sent by: Subject: RE: encrypted
user/passwd connection
[EMAIL PROTECTED]
m
January 07,
2003 01:53 AM
Please respond
to ORACLE-L
You're right Jared, all oracle password is encrypted. Btw Andrey if it is
possible how to do it ?
> -----Original Message-----
> From: Jared Still [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, January 07, 2003 11:04 AM
> To: Multiple recipients of list ORACLE-L
> Subject: Re: encrypted user/passwd connection
>
>
> Andre,
>
> Oracle does not send passwords across the network
> in clear text, they are encrypted by default.
>
> Jared
>
> On Monday 06 January 2003 05:43, Andrey Bronfin wrote:
> > Dear list !
> > I have just been asked the following question:
> > is it possible to make a connection from an Oracle client to an Oracle
> > instance (both are 8.1.7) in an "encrypted" way.
> > I.e. if someone is sitting with a sniffer between the server and the
> > client, then i don't want him to be able to see the user/passwd i'm
> > connecting with. Again , i am NOT asking how store the data in the DB
in
> an
> > "encrypted" way, but how to connect to an instance without showing my
> > passwd.
> > Thanks a lot!
> > Andrey.
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author:
INET: [EMAIL PROTECTED]
Fat City Network Services -- 858-538-5051 http://www.fatcity.com
San Diego, California -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author:
INET: [EMAIL PROTECTED]
Fat City Network Services -- 858-538-5051 http://www.fatcity.com
San Diego, California -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
