Oracle RMAN 口令加密测试

已于 2023-02-27 19:15:00 修改
阅读量1.3k 收藏
点赞数
分类专栏: Oracle 备份还原 安全 文章标签: oracle rman 加密备份 数据恢复 备份还原
于 2022-11-08 15:46:38 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/Hehuyi_In/article/details/127752006
版权
Oracle 同时被 3 个专栏收录
189 篇文章 36 订阅
订阅专栏
备份还原
31 篇文章 4 订阅
订阅专栏
安全
20 篇文章 1 订阅
订阅专栏

一、 测试背景

业务希望对一些不由DBA运维的数据库配置备份设置加密,密码仅由业务同事保存,必须输入密码才能进行数据恢复。

二、 RMAN加密方法

rman对备份提供3种常见的加密方法:

  • 仅口令加密
  • 基于wallet的加密
  • 混合加密(口令加密+wallet加密)

考虑业务同事需要保存密码,而基于wallet的加密配置较复杂、DBA又难以接触到相关服务器,仅口令加密方式较为合适

设置方法

SET ENCRYPTION IDENTIFIED BY '密码' ONLY;

注意事项:

  • 口令务必要记得,否则后续无法会恢复数据
  • 由于set命令在单个rman会话中生效,不能作为全局设置,因此需要在rman备份脚本中加入加密设置(When used outside a RUN block, attributes changed by SET remain in effect until you exit the RMAN client.)
  • 如果不加引号,密码只能设置为字符串,不能设置为纯数字,例如 SET ENCRYPTION IDENTIFIED BY 6666666 ONLY;

  • 如果不加引号,密码中的字母均会被Oracle转为大写,因此以下3个密码实际是一样的,都被转为 SOMEPWD
IDENTIFIED BY somepwd
IDENTIFIED BY Somepwd
IDENTIFIED BY sOmEpWd

三、 口令加密测试

1. 构造测试数据

SQL> create table test(a varchar2(30));
SQL> insert into test values('encrypted');

SQL> select * from test;
A
------------------------------
encrypted

2. 备份测试

在备份脚本中加入口令设置,其余脚本设置项按实际修改即可(完整脚本在最后)

...
$ORACLE_HOME/bin/rman target ${MY_CONNECT} msglog ${RMAN_LOG_FILE} append << EOF
SET ENCRYPTION ON ALGORITHM 'AES128' IDENTIFIED BY 'W6666666' ONLY;
RUN {
...

发起备份

./rmanbackup.sh

查看备份集

[oracle@T01 Tue]$ pwd
/data/rmanbackup/Tue
[oracle@T01 Tue]$ ll -h
total 291M
-rw-r----- 1 oracle oinstall 1.5M Nov  8 14:24 arch_orcl_fk1cakhe_1_1_20221108.bkp
-rw-r----- 1 oracle oinstall 9.9M Nov  8 14:24 c-1647672351-20221108-02
-rw-r----- 1 oracle oinstall 9.9M Nov  8 14:24 c-1647672351-20221108-03
-rw-r----- 1 oracle oinstall 1.2M Nov  8 14:24 ControlFile_orcl_fl1cakhh_1_1_20221108.bkp
-rw-r----- 1 oracle oinstall 183M Nov  8 14:24 db_orcl_level_1_ff1caked_1_1_20221108.bkp
-rw-r----- 1 oracle oinstall  74M Nov  8 14:23 db_orcl_level_1_fg1caked_1_1_20221108.bkp
-rw-r----- 1 oracle oinstall 1.2M Nov  8 14:23 db_orcl_level_1_fh1caked_1_1_20221108.bkp
-rw-r----- 1 oracle oinstall 1.1M Nov  8 14:23 db_orcl_level_1_fi1caked_1_1_20221108.bkp
-rw-r----- 1 oracle oinstall 9.8M Nov  8 14:24 snapcf_orcl.f

3. 模拟宕机

停库

SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.

移走数据文件

[oracle@T01 datafile]$ mv o1_mf_users_kpkw71x8_.dbf o1_mf_users_kpkw71x8_.dbf.bak
[oracle@T01 datafile]$ pwd
/data/prd/oracle/database/oradata/ORCL/datafile

启动数据库

SQL> startup
ORACLE instance started.

Total System Global Area 3023110144 bytes
Fixed Size                  2232192 bytes
Variable Size             637534336 bytes
Database Buffers         2365587456 bytes
Redo Buffers               17756160 bytes
Database mounted.
ORA-01157: cannot identify/lock data file 4 - see DBWR trace file
ORA-01110: data file 4:
'/data/prd/oracle/database/oradata/ORCL/datafile/o1_mf_users_kpkw71x8_.dbf'

SQL> select status from v$instance;

STATUS
------------
MOUNTED

4. 恢复测试

注册恢复目录

# 这里要mv一下,否则catalog 会认不到文件
[oracle@T01 rmanbackup]$ mv Tue/ Tue1108

RMAN> catalog start with '/data/rmanbackup/Tue1108';

using target database control file instead of recovery catalog
searching for all files that match the pattern /data/rmanbackup/Tue1108
List of Files Unknown to the Database
=====================================
File Name: /data/rmanbackup/Tue1108/db_orcl_level_1_ff1caked_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/db_orcl_level_1_fg1caked_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/db_orcl_level_1_fh1caked_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/db_orcl_level_1_fi1caked_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/snapcf_orcl.f
File Name: /data/rmanbackup/Tue1108/c-1647672351-20221108-02
File Name: /data/rmanbackup/Tue1108/arch_orcl_fk1cakhe_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/ControlFile_orcl_fl1cakhh_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/c-1647672351-20221108-03

Do you really want to catalog the above files (enter YES or NO)? YES
cataloging files...
cataloging done

List of Cataloged Files
=======================
File Name: /data/rmanbackup/Tue1108/db_orcl_level_1_ff1caked_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/db_orcl_level_1_fg1caked_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/db_orcl_level_1_fh1caked_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/db_orcl_level_1_fi1caked_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/snapcf_orcl.f
File Name: /data/rmanbackup/Tue1108/c-1647672351-20221108-02
File Name: /data/rmanbackup/Tue1108/arch_orcl_fk1cakhe_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/ControlFile_orcl_fl1cakhh_1_1_20221108.bkp
File Name: /data/rmanbackup/Tue1108/c-1647672351-20221108-03

恢复数据

① 不使用密码

报错,符合预期

RMAN> restore database;

Starting restore at 08-NOV-22
allocated channel: ORA_DISK_1
channel ORA_DISK_1: SID=63 device type=DISK

channel ORA_DISK_1: starting datafile backup set restore
channel ORA_DISK_1: specifying datafile(s) to restore from backup set
channel ORA_DISK_1: restoring datafile 00003 to /data/prd/oracle/database/oradata/orcl/undotbs01.dbf
channel ORA_DISK_1: reading from backup piece /data/rmanbackup/Tue/db_orcl_level_1_fh1caked_1_1_20221108.bkp
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03002: failure of restore command at 11/08/2022 14:27:45
ORA-19870: error while restoring backup piece /data/rmanbackup/Tue1108/db_orcl_level_1_fh1caked_1_1_20221108.bkp
ORA-19913: unable to decrypt backup
ORA-28365: wallet is not open

② 使用错误密码

RMAN> set decryption identified by 'oracle';   

executing command: SET decryption
using target database control file instead of recovery catalog

RMAN> restore database;

Starting restore at 08-NOV-22
allocated channel: ORA_DISK_1
channel ORA_DISK_1: SID=63 device type=DISK
channel ORA_DISK_1: starting datafile backup set restore
channel ORA_DISK_1: specifying datafile(s) to restore from backup set
channel ORA_DISK_1: restoring datafile 00003 to /data/prd/oracle/database/oradata/orcl/undotbs01.dbf
channel ORA_DISK_1: reading from backup piece /data/rmanbackup/Tue/db_orcl_level_1_fh1caked_1_1_20221108.bkp
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03002: failure of restore command at 11/08/2022 14:31:10
ORA-19870: error while restoring backup piece /data/rmanbackup/Tue1108/db_orcl_level_1_fh1caked_1_1_20221108.bkp
ORA-19913: unable to decrypt backup
ORA-28365: wallet is not open

③ 使用正确密码

RMAN> set decryption identified by 'W6666666';
executing command: SET decryption

RMAN> restore database;

Starting restore at 08-NOV-22
using channel ORA_DISK_1
channel ORA_DISK_1: starting datafile backup set restore
channel ORA_DISK_1: specifying datafile(s) to restore from backup set
channel ORA_DISK_1: restoring datafile 00003 to /data/prd/oracle/database/oradata/orcl/undotbs01.dbf
channel ORA_DISK_1: reading from backup piece /data/rmanbackup/Tue/db_orcl_level_1_fh1caked_1_1_20221108.bkp
channel ORA_DISK_1: errors found reading piece handle=/data/rmanbackup/Tue/db_orcl_level_1_fh1caked_1_1_20221108.bkp
channel ORA_DISK_1: failover to piece handle=/data/rmanbackup/Tue1108/db_orcl_level_1_fh1caked_1_1_20221108.bkp tag=LEVEL_1_DB_2022_1108_1423
channel ORA_DISK_1: restored backup piece 1
channel ORA_DISK_1: restore complete, elapsed time: 00:00:01
channel ORA_DISK_1: starting datafile backup set restore
channel ORA_DISK_1: specifying datafile(s) to restore from backup set
channel ORA_DISK_1: restoring datafile 00004 to /data/prd/oracle/database/oradata/ORCL/datafile/o1_mf_users_kpkw71x8_.dbf
channel ORA_DISK_1: reading from backup piece /data/rmanbackup/Tue/db_orcl_level_1_fi1caked_1_1_20221108.bkp
channel ORA_DISK_1: errors found reading piece handle=/data/rmanbackup/Tue/db_orcl_level_1_fi1caked_1_1_20221108.bkp
channel ORA_DISK_1: failover to piece handle=/data/rmanbackup/Tue1108/db_orcl_level_1_fi1caked_1_1_20221108.bkp tag=LEVEL_1_DB_2022_1108_1423
channel ORA_DISK_1: restored backup piece 1
channel ORA_DISK_1: restore complete, elapsed time: 00:00:01
channel ORA_DISK_1: starting datafile backup set restore
channel ORA_DISK_1: specifying datafile(s) to restore from backup set
channel ORA_DISK_1: restoring datafile 00002 to /data/prd/oracle/database/oradata/orcl/sysaux01.dbf
channel ORA_DISK_1: reading from backup piece /data/rmanbackup/Tue/db_orcl_level_1_fg1caked_1_1_20221108.bkp
channel ORA_DISK_1: errors found reading piece handle=/data/rmanbackup/Tue/db_orcl_level_1_fg1caked_1_1_20221108.bkp
channel ORA_DISK_1: failover to piece handle=/data/rmanbackup/Tue1108/db_orcl_level_1_fg1caked_1_1_20221108.bkp tag=LEVEL_1_DB_2022_1108_1423
channel ORA_DISK_1: restored backup piece 1
channel ORA_DISK_1: restore complete, elapsed time: 00:00:15
channel ORA_DISK_1: starting datafile backup set restore
channel ORA_DISK_1: specifying datafile(s) to restore from backup set
channel ORA_DISK_1: restoring datafile 00001 to /data/prd/oracle/database/oradata/orcl/system01.dbf
channel ORA_DISK_1: reading from backup piece /data/rmanbackup/Tue/db_orcl_level_1_ff1caked_1_1_20221108.bkp
channel ORA_DISK_1: errors found reading piece handle=/data/rmanbackup/Tue/db_orcl_level_1_ff1caked_1_1_20221108.bkp
channel ORA_DISK_1: failover to piece handle=/data/rmanbackup/Tue1108/db_orcl_level_1_ff1caked_1_1_20221108.bkp tag=LEVEL_1_DB_2022_1108_1423
channel ORA_DISK_1: restored backup piece 1
channel ORA_DISK_1: restore complete, elapsed time: 00:00:45
Finished restore at 08-NOV-22

RMAN> recover database;

Starting recover at 08-NOV-22
using channel ORA_DISK_1
starting media recovery
media recovery complete, elapsed time: 00:00:01
Finished recover at 08-NOV-22

RMAN> alter database open;
database opened

RMAN> 
Recovery Manager complete.

⑤ 验证数据

SQL> select * from test;

A
------------------------------
encrypted

四、 备份脚本

默认口令加密那行是注释的,需要用取消掉即可

export ORACLE_SID=mydb
export MY_CONNECT='/'
export ORACLE_HOME=/u01/app/oracle/product/11.2.0/db_1
export MY_BACKUP_DIR=/rmanbackup
export MY_OBSOLETE_DAYS=30
export MY_KEEP_DAYS=8
# 限制备份速度
#export MY_RATE=100M
###############################################
export MY_DATE=`date +%Y_%m%d_%H%M`
export HOST_NAME=`hostname`
export NLS_DATE_FORMAT="YYYY-MM-DD HH24:MI:SS"
if [ ! -d ${MY_BACKUP_DIR} ]
        then
        mkdir -p ${MY_BACKUP_DIR}
fi
os=`uname`
echo $os
export TEST_FILE=${MY_BACKUP_DIR}/test.file
echo 'test' > ${TEST_FILE}
# 日期转为英文格式
export MY_WEEK=`env LANG=en_US.UTF-8 date | awk '{print $1}'`
case ${MY_WEEK} in
        Sat)
        export BACKUP_TYPE="INCREMENTAL LEVEL=2 CUMULATIVE "
                ;;
        Sun)
        export BACKUP_TYPE="INCREMENTAL LEVEL=0"
                ;;
        Mon)
        export BACKUP_TYPE="INCREMENTAL LEVEL=1 CUMULATIVE"
                ;;
        Tue)
        export BACKUP_TYPE="INCREMENTAL LEVEL=1 CUMULATIVE"
                ;;
        Wed)
        export BACKUP_TYPE="INCREMENTAL LEVEL=2 CUMULATIVE"
                ;;
        Thu)
        export BACKUP_TYPE="INCREMENTAL LEVEL=1 CUMULATIVE"
                ;;
        Fri)
        export BACKUP_TYPE="INCREMENTAL LEVEL=1 CUMULATIVE"
                ;;
        *)
        echo 'RMAN-MY_WEEK IS ERROR' > /dev/null
        exit
                ;;
esac
export MY_LEVEL=`echo ${BACKUP_TYPE} |  awk -F"=" '{print $2}'`
export MY_LEVEL_NUMBER=`echo ${MY_LEVEL} |awk '{print $1}'`
export RMAN_LOG_FILE=${MY_BACKUP_DIR}/rman_log/rman_${MY_DATE}_level_${MY_LEVEL_NUMBER}.log
if [ ! -d ${MY_BACKUP_DIR}/rman_log ]
        then
        mkdir -p ${MY_BACKUP_DIR}/rman_log
fi
if [ ! -d ${MY_BACKUP_DIR}/${MY_WEEK} ]
        then
        mkdir -p ${MY_BACKUP_DIR}/${MY_WEEK}
fi


# Starting
echo 'I Started' > ${RMAN_LOG_FILE}
chmod 666 ${RMAN_LOG_FILE}
echo ==== started on `date` ==== >> ${RMAN_LOG_FILE}
echo ==== '                '==== >> ${RMAN_LOG_FILE}
echo ==== BACKUP_TYPE IS ${BACKUP_TYPE} ==== >> ${RMAN_LOG_FILE}
env >> ${RMAN_LOG_FILE}
$ORACLE_HOME/bin/rman target ${MY_CONNECT} msglog ${RMAN_LOG_FILE} append << EOF
# 口令加密
# SET ENCRYPTION ON ALGORITHM 'AES128' IDENTIFIED BY 'W6666666' ONLY;
RUN {
CONFIGURE RETENTION POLICY TO RECOVERY WINDOW OF ${MY_OBSOLETE_DAYS} DAYS ;
CONFIGURE BACKUP OPTIMIZATION ON;
CONFIGURE DEFAULT DEVICE TYPE TO DISK;
CONFIGURE CONTROLFILE AUTOBACKUP ON;
CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '${MY_BACKUP_DIR}/${MY_WEEK}/%F';
CONFIGURE SNAPSHOT CONTROLFILE NAME TO '${MY_BACKUP_DIR}/${MY_WEEK}/snapcf_${ORACLE_SID}.f';
CONFIGURE DEVICE TYPE DISK PARALLELISM 1 BACKUP TYPE TO COMPRESSED BACKUPSET;
CONFIGURE DATAFILE BACKUP COPIES FOR DEVICE TYPE DISK TO 1;
CONFIGURE ARCHIVELOG BACKUP COPIES FOR DEVICE TYPE DISK TO 1;
CONFIGURE CHANNEL DEVICE TYPE DISK FORMAT '${MY_BACKUP_DIR}/${MY_WEEK}/%U';
CONFIGURE MAXSETSIZE TO UNLIMITED;
CONFIGURE ARCHIVELOG DELETION POLICY TO NONE;
# 限制备份速度
#ALLOCATE CHANNEL ch00 DEVICE TYPE DISK RATE=${MY_RATE};
#ALLOCATE CHANNEL ch01 DEVICE TYPE DISK RATE=${MY_RATE};
#ALLOCATE CHANNEL ch02 DEVICE TYPE DISK RATE=${MY_RATE};
#ALLOCATE CHANNEL ch03 DEVICE TYPE DISK RATE=${MY_RATE};
ALLOCATE CHANNEL ch00 DEVICE TYPE DISK;
ALLOCATE CHANNEL ch01 DEVICE TYPE DISK;
ALLOCATE CHANNEL ch02 DEVICE TYPE DISK;
ALLOCATE CHANNEL ch03 DEVICE TYPE DISK;
        BACKUP AS COMPRESSED BACKUPSET
                $BACKUP_TYPE
                #SKIP INACCESSIBLE
                TAG level_${MY_LEVEL_NUMBER}_db_${MY_DATE}
                FILESPERSET 10
                FORMAT '${MY_BACKUP_DIR}/${MY_WEEK}/db_${ORACLE_SID}_level_${MY_LEVEL_NUMBER}_%U_%T'
        DATABASE
        ;
        SQL 'ALTER SYSTEM CHECKPOINT';
        SQL 'ALTER SYSTEM ARCHIVE LOG CURRENT';
RELEASE CHANNEL ch00;
RELEASE CHANNEL ch01;
RELEASE CHANNEL ch02;
RELEASE CHANNEL ch03;
#ALLOCATE CHANNEL ch00 DEVICE TYPE DISK RATE=${MY_RATE};
ALLOCATE CHANNEL ch00 DEVICE TYPE DISK;
        BACKUP
                TAG arch_${MY_DATE}
                FORMAT '${MY_BACKUP_DIR}/${MY_WEEK}/arch_${ORACLE_SID}_%U_%T'
        ARCHIVELOG  ALL;
        BACKUP
                TAG controlfile_${MY_DATE}
                FORMAT '${MY_BACKUP_DIR}/${MY_WEEK}/ControlFile_${ORACLE_SID}_%U_%T'
        CURRENT CONTROLFILE;
RELEASE CHANNEL ch00;
}
CONFIGURE RETENTION POLICY TO RECOVERY WINDOW OF ${MY_OBSOLETE_DAYS} DAYS ;
ALLOCATE CHANNEL FOR MAINTENANCE DEVICE TYPE DISK;
CROSSCHECK BACKUP;
CROSSCHECK ARCHIVELOG ALL;
DELETE NOPROMPT BACKUP COMPLETED BEFORE 'SYSDATE-${MY_KEEP_DAYS}';
DELETE NOPROMPT OBSOLETE;
DELETE NOPROMPT EXPIRED BACKUP;
DELETE NOPROMPT EXPIRED BACKUPSET;
DELETE NOPROMPT EXPIRED ARCHIVELOG ALL;
DELETE NOPROMPT ARCHIVELOG ALL COMPLETED BEFORE 'SYSDATE-8';
LIST BACKUP SUMMARY;
LIST BACKUP TAG 'level_${MY_LEVEL_NUMBER}_db_${MY_DATE}';
LIST BACKUP TAG 'arch_${MY_DATE}';
LIST BACKUP TAG 'controlfile_${MY_DATE}';
EOF
echo ==== $LOGMSG stop on `date` ==== >> ${RMAN_LOG_FILE}
#finish
exit

参考

SET

Configuring the RMAN Environment: Advanced Topics - 11g Release 2 (11.2)

Hehuyi_In
关注
专栏目录
rman加密算法
Linucle的专栏
04-08 1997
一,rman备份加密概述 为了保证备份集的安全,oracle提供了rman加密技术 (1)利用configure启用加密模式 RMAN> configure encryption for database on; 禁止加密模式 RMAN> configure encryption for database off; configure不仅能指定到databa
第2部分: Oracle RMAN备份与恢复-高级篇
qq_41141058的博客
09-11 395
一、课程内容: 01-课程概述 02-配置备份集-备份片-压缩 03-配置备份加密 04-执行数据库恢复-情形1 05-执行数据库恢复-情形1补充 06-执行数据库恢复-情形2 07-使用Recovery Advisor进行数据恢复 08-使用块跟踪加速备份 09-增量备份-差异增量备份 10-增量备份-累积增量备份 11-增量备份-增量更新备份 12-基于增量备份数据恢复 13-使用Catal...
RMAN进行Oracle加密备份
Yuzhanquan的专栏
05-04 600
由于最近发生很多偷盗备份资料的事件,这使得越来越多的人更加关注保护数据备份的重要性了。从银行、经济行业、零售商店甚至是IRS中偷出载有数百万用户资料的导出数据磁盘,它所造成的损失是无法预测的(资料来源:数据缺口的年表)。一旦数据离开了Oracle数据库的安全机制,它就极容易被偷取。在Oracle 10g Release 2(Oracle 10gR2)中,你可以对导出的备份文件进行加密,而不需要
backup加密
cuicheng2535的博客
06-14 197
Oracle 从10gR2开始,提供备份加密,也就是说,对备份出来的文件采用一定的加密算法,防止备份文件被拷贝到别的地方可以随意恢复。采用加密方法的备份,如果在异地还原(Restore)的话,需要提供正确的密码才能做到。   ...
RMAN备份加密
最新发布
loveLAxin的博客
08-22 243
备份文件的传输过程中,出于安全性的考虑,就会使用备份文件加密的功能。Oracle提供了三种加密方式:(1)透明模式:此为默认加密方式,需要Oracle密钥管理设施可用并且已配置,即Oracle钱包功能的使用。(2)混合模式:支持钱包管理和密码管理两种方式,本地恢复时使用钱包,远程主机恢复时使用密码。(3)密码模式:不需要Oracle钱包管理器的介入,只需要备份或恢复时,指定加解密的密码即可。操作相对简单方便快捷。本文章仅讨论密码模式的实现步骤及操作。
三种Oracle RMAN备份加密策略(上)
ciqu9915的博客
06-15 189
说明:本篇参考eygle老师的作品《Oracle DBA手记4:数据安全警示录》,特此表示感谢。 数据安全,特别是企业核心业务数据的安全问题,是当今全社会共同关注的问题。从前几天...
口令加密
dtor的专栏
07-11 1697
每当我们要建立数据库驱动的个人化的web站点时,都必须要保护用户的数据。尽管黑客可以盗取个人的口令,然而更严重的问题是有人能够盗走整个数据库,然后立刻就是所有的口令。 原理    有一个好的做法是不将实际的口令存储在数据库中,而是存储它们加密后的版本。当我们需要对用户进行鉴定时,只是对用户的口令再进行加密,然后将它与系统中的加密口令进行比较即可。     在ASP中,我们不得不借助外部对象来加密
Oracle RMAN 异机 复制数据库
04-22
在异机复制数据库的场景中,RMAN允许我们将一个数据库的完整副本复制到另一台机器上,这对于灾难恢复、测试环境的构建或数据迁移等任务非常有用。以下是如何使用RMAN进行异机复制数据库的详细步骤: 1. **构建辅助...
Oracle加密Model
07-02
Oracle数据库加密主要涉及到两种模式,即Oracle Wallet加密RMAN口令模式加密。下面,我们将详细解析这两种加密方式,并对Oracle加密知识点进行深入探讨。 1. Oracle Wallet加密 Oracle Wallet加密是一种数据库...
RMAN备份与恢复之加密备份
weixin_44524950的博客
01-21 509
ORACLE从10g R2开始为备份提供加密功能,通过加密获得的备份,可以保护备份文件,防止备份泄露带来的安全问题。 显示当前数据库的加密算法: SQL&gt; select * from v$rman_encryption_algorithms; ALGORITHM_ID ALGORITHM_NAME ALGORITHM_DESCRIPTION IS_ RES ...
ORACLErman 备份加密
Rhys learn oracle!
04-03 1102
ORACLErman 备份加密   oracle@oracle:~> rman target / 恢复管理器: Release 11.1.0.6.0 - Production on 星期四 3月 28 20:33:52 2013 Copyright (c) 1982, 2007, Oracle. All rights reserved. 连接到目标数据库: ORCL (DBID=
ORACLE_OCP之RMAN备份进行加密
XiaoHG_CSDN的博客
01-03 404
ORACLE_OCP之RMAN备份进行加密 文章目标: 描述并创建RMAN加密备份 区分并使用以下加密模式: 透明模式加密 密码模式加密 双模式加密 一、RMAN-Encrypted Backups-RMAN加密备份 二、Comparing OSB and RMAN Encryption 对比OSB和RMAN加密 三、创建RMAN加密备份 RMAN支持三种加密模式: 透明模式: 使用透明数据加密(TDE)密钥 要求您首先配置密钥库 密码模式:需要在RMAN脚本中使用SET
rman备份加密概述
zll4859291的博客
03-30 329
这种方法不需要设置密码,很适合在本地的备份与恢复,如果备份不需要传到其他的机器上,建议采用这样的加密方法。这个关键字,这种情况下,如果在本地备份与恢复,是不需要密码的,如果是在异地恢复(如在别的机器上恢复该备份),只需要设置解密的密码即可。默认的加密方式,比较适合于同一服务器进行的备份和恢复,换台服务器就无法识别了,因为缺少必备的密钥。这是最简单的模式,备份的时候通过以下语句设置备份密码,然后备份数据库或对应的表空间、数据文件等。在创建备份前设置密码,任何需要恢复的机器上执行恢复操作前指定密码即可。
加密口令命令
weixin_72843193的博客
08-30 188
这个加密口令是不会以文本方式展现,因为违反安全规定。如果你使用命令窗口,你可以使用set encryption on… identified by password only命令在你的RMAN脚本中启用口令加密。 三种方式你可以返回到orcl主页: 点击history > orcl targets > databases > orcl all targets > orcl ...
ORACLE口令文件及密码认证
ITer-Tony
06-17 1714
Oracle口令文件中存放sysdba/sysoper用户的用户名及口令,允许用户通过口令文件验证。 本文包括以下四部分: 1、使用orapwd创建口令文件 2、介绍口令文件的三种状态 3、在口令文件中添加用户 4、维护口令文件 5、密码认证 1.使用orapwd创建口令文件 什么时候需要创建口令文件?:口令文件损坏、口令文件丢失、需要修改超级用户口令时 orapwd的语
RMAN加密方式
2301_76957510的博客
04-17 391
这种方法不需要设置密码,很适合在本地的备份与恢复,如果备份不需要传到其他的机器上,建议采用这样的加密方法。这个关键字,这种情况下,如果在本地备份与恢复,是不需要密码的,如果是在异地恢复(如在别的机器上恢复该备份),只需要设置解密的密码即可。默认的加密方式,比较适合于同一服务器进行的备份和恢复,换台服务器就无法识别了,因为缺少必备的密钥。这是最简单的模式,备份的时候通过以下语句设置备份密码,然后备份数据库或对应的表空间、数据文件等。在创建备份前设置密码,任何需要恢复的机器上执行恢复操作前指定密码即可。
简单加密口令(chr()、ord())
m0_57158496的博客
08-26 716
简单加密口令 我练习优秀学生管理系统时,给加个口令。但明文存储又相当于树枝插门,于是就做了简单的ord(s)加减运算,直接以国ord(s)列表存储口令文本。留了后门——直接找到口令文本存储文件删除,登录就不向您要口令了。???????? 敬请大佬和与我一样的同级指正错漏和提出宝贵建议。???????????? ☆程序调试环境☆ python 3.6.6 安卓版(手机) 知识点: json函数之 技巧: 口令文本用加密的用户键入字符直接比对校验。 代码运行效果 存储的口令文本"Chongqing"
pdf口令加密
热门推荐
pdfMaker的专栏
11-09 1万+
       PDF(portable document format), 通用文档格式,可以在UNIX, apple, windows,linux任何一个平台上阅读,ADOBE公司开发的Acrobat 和PDF Reader阅读PDF文件和阅读传统书本非常接近,这让阅读非常愉悦。近年来,PDF被越来越多的人认识,越来越多的人通过PDF在互联网上发布信息,很多电子书也是PDF格式的
rman加密备份
08-04 230
Oracle数据库备份加密,通过加密,可以保护备份文件,防止备份泄漏资料。 oracle备份加密主要是指RMAN加密,EXP/EXPDP加密是没有的。 RMAN加密主要有以下几种方式: 1.口令模...
Oracle Wallet Encryption: RMAN密码模式与透明加密详解
`命令启用RMAN口令加密,只允许那些知道指定口令的用户进行加密备份操作。这样可以防止未经授权的访问,提高了数据保护级别。 - **执行备份**: 在执行备份前,需要先关闭加密(`SET ENCRYPTION OFF;`),完成备份后...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

Hehuyi_In

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值