Re: TDE - Lost Password

From: Andy Klock <andy_at_oracledepot.com>
Date: Fri, 2 Jun 2017 16:06:00 -0400
Message-ID: <CADo_RaPHrjvaCtPkwqgSRv+AXVNOY9jtGNmQFfo0uKS7yOkojw_at_mail.gmail.com>

On Fri, Jun 2, 2017 at 3:30 PM, David Barbour <david.barbour1_at_gmail.com> wrote:

>
> Since we don't have the password, can I create a new auto_login keystore
> for which the password will be retained, export or merge the contents
> (which shouldn't require a password) into the new keystore, close the old
> keystore which again should not require a password, change the sqlnet.ora
> to point to the new keystore and breathe a sigh of relief?
>
>
Hi David, I'm not sure how you would export your wallet without the password, so if you know of a way please share! I've seen some hacks to get passwords from wallets, for example: http://checkyourlogsblog.com/index.php/2016/06/19/recovering-tde-encryption-keys/

But the API is different for encryption keys (I would think)

I've written up something for extracting keys from shared memory, using shmcat for situations like you are describing, but I'd be a little reluctant to do this in PROD. We all have different comfort zones though.

http://checkyourlogsblog.com/index.php/2016/06/19/recovering-tde-encryption-keys/

Good luck!

Andy K

--
http://www.freelists.org/webpage/oracle-l

Received on Fri Jun 02 2017 - 22:06:00 CEST

This message: [ Message body ]
Next message: Andy Klock: "Re: TDE - Lost Password"
In reply to David Barbour: "TDE - Lost Password"
Next in thread: Andy Klock: "Re: TDE - Lost Password"
Reply: Andy Klock: "Re: TDE - Lost Password"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message