Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Oracle Advanced Security on Server - Mandatory encryption

Oracle Advanced Security on Server - Mandatory encryption

From: Martin, Alan <amartin_at_dlis.dla.mil>
Date: Tue, 12 Feb 2002 14:52:38 -0800
Message-ID: <F001.0040D5D2.20020212142823@fatcity.com> 









I am primarily interested in encryption, not authentication.
I understand that placing the following lines in a client's sqlnet.ora file to REQUIRE encryption to/from the server is:



SQLNET_CRYPTO_CHECKSUM_TYPE_SERVER = MD5


SQLNET.AUTHENTICATION_SERVICES= (NTS)
SQLNET.CRYPTO_CHECKSUM_CLIENT = requested
SQLNET.ENCRYPTION_TYPES_SERVER= (RC4_40, DES40)
SQLNET.ENCRYPTION_TYPES_CLIENT= (RC4_40, DES40)


SQLNET_CRYPTO_CHECKSUM_TYPE_CLIENT = MD5


SQLNET.EXPIRE_TIME = 0
SQLNET.ENCRYPTION_SERVER = REQUIRED
SQLNET.ENCRYPTION_CLIENT = REQUIRED
SQLNET.CRYPTO_CHECKSUM_SERVER = requested
SQLNET.CRYPTO_SEED = qwertyuiopasdfghjkl;zxcvbnm






If encryption can not be enforced by either the client or the server (due to the REQUIRED values), the connection won't be made.



This seems kind of arbitrary that the client can dictate how the server is to conduct business. What (and where) on the server do I set such that encryption is mandatory to/from ANY client? Am I correct that the server's sqlnet.ora file has nothing to do with a remote client's sqlnet.ora file?



Thanx,




Alan Martin


Principal Consultant


Defense Logistics Information Service


Battle Creek, Michigan
Received on Tue Feb 12 2002 - 16:52:38 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US