When implementing GoldenGate, security is often ignored. However, as a complete GoldenGate system, basic security settings are still necessary.
When implementing GoldenGate, security is often ignored. However, as a complete GoldenGate system, basic security settings are still necessary.
Password Encryption
3. Network Transmission encryption is not available
Therefore, you usually need to generate your own key file. Two steps are required to generate a key file:
The procedure is as follows:
[Ggate @ ogg_s current] $./keygen 128 3
0x345ceb2da1_dc2f75b0514484fcab42
0xD8A1B350AF392A75C52EE540B169B267
0x7CE77B73BD5F783A15AD783DDFD6B80C
# Store the key in a file, with one key per line
[Ggate @ ogg_s current] $ cat ENCKEYS
# Key-name Key-value
PASSWDKEY 0x345ceb2da1_dc2f75b0514484fcab42
TRAILKEY 0xD8A1B350AF392A75C52EE540B169B267
TCPIPKEY 0x7CE77B73BD5F783A15AD783DDFD6B80C
After the key file is configured, We can encrypt the password of the database account.
GGSCI (ogg_s) 1> encrypt password OGG123 ENCRYPTKEY PASSWDKEY
Encrypted password: Encrypted
Algorithm used: AES128
GGSCI (ogg_s) 2> encrypt password OGG123 ENCRYPTKEY DEFAULT
Using default key...
Encrypted password: aacaaaaaaaaagacarardmendjhiifg
Algorithm used: BLOWFISH
GGSCI (ogg_s) 3> dblogin userid ogg, PASSWORD encrypted, ENCRYPTKEY PASSWDKEY
Successfully logged into database.
...
SETENV (Oracle_HOME =/u01/app/oracle/product/11.2.0/db_1)
SETENV (ORACLE_SID = ggtest)
-- Userid ogg, PASSWORD OGG123
Userid ogg, PASSWORD secret, ENCRYPTKEY PASSWDKEY
EXTTRAIL/data/ggate/dirext/ggtest/ea
...
Trail file encryption
If it is encrypted, the data is garbled:
...
SETENV (ORACLE_SID = ggtest)
Userid ogg, PASSWORD secret, ENCRYPTKEY PASSWDKEY
ENCRYPTTRAIL AES128 KEYNAME TRAILKEY
EXTTRAIL/data/ggate/dirext/jet2/ea
DISCARDFILE/u01/app/oracle/product/ggate/current/dirrpt/EJET2.dsc, APPEND, MEGABYTES 500
FETCHOPTIONS FETCHPKUPDATECOLS
...
...
SHOWSYNTAX
DYNSQL
DBOPTIONS DEFERREFCONST
DECRYPTTRAIL AES128 KEYNAME TRAILKEY
MAP JET2. *, TARGET JET2 .*;
...
...
DECRYPTTRAIL AES128 KEYNAME TRAILKEY
RMTHOST ogg_t, MGRPORT 7809.
ENCRYPTTRAIL AES128 KEYNAME TRAILKEY
RMTTRAIL/data/ggate/dirrep/jet2/
...
Network Transmission Encryption
...
Userid ogg, PASSWORD secret, ENCRYPTKEY PASSWDKEY
RMTHOST ogg_t, MGRPORT 7809, ENCRYPT AES128 KEYNAME TCPIPKEY
RMTTRAIL/data/ggate/dirrep/jet1/
...
ERROR OGG-01453 Oracle GoldenGate Capture for Oracle, pjet1.prm: Database login information not specified in parameter file.
GoldenGate update loss
GoldenGate unidirectional table DML Synchronization
Oracle GoldenGate series: restoration principles of Extract processes
Oracle GoldenGate installation Configuration
OGG-01004 OGG-1296 error for Oracle goldengate
Oracle GoldenGate Quick Start Tutorial: Basic Concepts and configurations
Build a GoldenGate bidirectional replication environment from Oracle to Oracle
This article permanently updates the link address: