Scribd Logo
Upload

Welcome to Scribd!

  • Encrypted RMAN Backup Tips

    Uploaded by

    theahmadkhan
    144 views4 pages
    Encrypted RMAN Backup Tips

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Encrypted RMAN Backup Tips

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    144 views4 pages

    Encrypted RMAN Backup Tips

    Uploaded by

    theahmadkhan
    Encrypted RMAN Backup Tips

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    SearchBCOracleSites

    Search
    Home

    OracleTips
    GotQuestions?
    KEEPpooldeprecatedin
    12c
    12cPosterAvailable!

    EncryptedRMANBackupTips
    ExpertOracleTipsbyBurlesonConsulting

    FreeAWRReport
    Analysis
    BEWAREof11gR2
    UpgradeGotchas!

    March25,2012

    EmailUs
    OracleArticles

    OracleTraining
    OracleTips

    OracleForum
    ClassCatalog

    RemoteDBA
    OracleTuning
    Emergency911
    RACSupport
    AppsSupport
    Analysis
    Design
    Implementation
    OracleSupport

    SQLTuning
    Security
    OracleUNIX
    OracleLinux
    Monitoring
    Remotesupport
    Remoteplans
    Remoteservices
    ApplicationServer
    Applications
    OracleForms

    CreatingEncryptedRMANBackupsandRecovery

    ItisverysimpletorestorethedatabasecreatedbyRMANusingsimple
    commands.Ifsomeonehasstolenthebackupofthedatabase,theycaneasily
    restoreitandstealallourdata,too.Topreventthatfromhappening,encryptthe
    backupthathasbeenmade.Byqueryingthev$rman_encryption_algorithms
    view,alistofRMANencryptionalgorithmscanbeobtained:
    SQL>
    select
    algorithm_id,algorithm_name,algorithm_description,is_default
    from
    v$rman_encryption_algorithms
    ALGORITHM_IDALGORITHM_NAMEALGORITHM_DESCRIPTIONIS_DEFAULT

    1AES128AES128bitkeyYES
    2AES192AES192bitkeyNO
    3AES256AES256bitkeyNO
    SQL>

    TherearethreeformsofencryptioninOracle10g:transparent,passwordanddual
    mode.
    Tousetransparentmodeencryption,OracleEncryptionWalletshouldbe
    used.
    Tousepasswordmode,apasswordshouldbeprovidebytheDBAwhich
    willbeusedinencryption.
    Byusingdualmodeencryption,bothabovementionedmodeswillbeused.

    Inthefollowingexample,wewillshowhowtousepasswordmodetoencryptour
    backup.Usethesetencryptiononcommandandthepasswordusingtheidentified
    bycommand,andencryptthebackupthatistakeninthissession.Usetheonly
    keywordattheendtouseonlypasswordencryption.Ifthekeywordonlyis
    missed,RMANusesdualmodeencryptionanddemandsthepresenceofOracle
    EncryptionWallet,too.

    OraclePortal
    AppUpgrades

    RMAN>setencryptiononidentifiedby'test'only

    SQLServer
    OracleConcepts
    SoftwareSupport

    Backuptheuserstablespace:

    RemoteSupport
    Development

    RMAN>backuptablespaceusers

    Implementation

    Nowtrytorestoreit:
    ConsultingStaff
    ConsultingPrices
    HelpWanted!

    OraclePosters

    RMAN>restoretablespaceusers
    ORA19913:unabletodecryptbackup
    ORA28365:walletisnotopen

    Asthisshows,itisimpossibletorestorealreadyencryptedbackupwithoutusing
    thepassword.Inthissituation,ifsomeonehasstolenourbackup,theywillnotbe
    abletorestoreitandstealourdata,too,withoutprovidingthecorrectpassword.
    Nowprovidethepasswordandrestorethebackup:

    RMAN>setdecryptionidentifiedby'test'
    RMAN>restoretablespaceusers

    OracleBooks
    OracleScripts
    Ion
    ExcelDB

    Usingthepassword,tablespaceisrestoredsuccessfully.Ifweprovideawrong
    password,itwillnotrestorethebackup:

    DonBurlesonBlog

    RMAN>setdecryptionidentifiedby'wrong'#wrongpassword
    RMAN>restoretablespaceusers
    ORA19913:unabletodecryptbackup
    ORA28365:walletisnotopen
    RMAN>

    Bydefault,RMANusestheAES128bitkeyalgorithmforencryption.The
    algorithmcanbeeasilychangedusingtheconfigureencryptionalgorithm
    commandasfollows:

    RMAN>showencryptionalgorithm
    RMANconfigurationparametersare:
    configureencryptionalgorithm'AES128'#default
    RMAN>configureencryptionalgorithm'AES256'
    newRMANconfigurationparameters:
    configureencryptionalgorithm'AES256'
    newRMANconfigurationparametersaresuccessfullystored

    RMAN>showencryptionalgorithm
    RMANconfigurationparametersare:
    configureencryptionalgorithm'AES256'

    Again,anytimethisconfigurationiscleared,theencryptionalgorithmcanbe
    returnedtoitsdefaultvalueasfollows:

    RMAN>configureencryptionalgorithmclear
    oldRMANconfigurationparameters:
    configureencryptionalgorithm'AES256'
    RMANconfigurationparametersaresuccessfullyresettodefaultvalue

    RMAN>showencryptionalgorithm
    RMANconfigurationparametersare:
    configureencryptionalgorithm'AES128'#default
    RMAN>

    TouseOracleEncryptionWallet,weneedtoconfigureRMANtoperforman
    encryptedbackupofanytablespaceorwholedatabaseautomatically.Forthis,
    usetheconfigureencryptionforcommand.Inthefollowingexample,we
    configureRMANtocreateanencryptedbackupofthedatabase,andexclude
    userstablespacefromencryption:
    RMAN>showall
    RMANconfigurationparametersare:
    configureencryptionfordatabaseoff#default
    configureencryptionalgorithm'AES128'#default
    RMAN>configureencryptionfordatabaseon
    newRMANconfigurationparameters:
    configureencryptionfordatabaseon
    newRMANconfigurationparametersaresuccessfullystored

    RMAN>configureencryptionfortablespaceusersoff
    tablespaceuserswillnotbeencryptedinfuturebackupsets
    newRMANconfigurationparametersaresuccessfullystored
    RMAN>showall
    RMANconfigurationparametersare:
    configureencryptionfordatabaseon
    configureencryptionalgorithm'AES128'#default
    configureencryptionfortablespace'users'off

    Toreturnbacktodefaultvalue,cleartheencryptionconfigurationparameter:
    RMAN>configureencryptionfordatabaseclear

    oldRMANconfigurationparameters:
    configureencryptionfordatabaseon
    RMANconfigurationparametersaresuccessfullyresettodefaultvalue
    RMAN>configureencryptionfortablespaceusersclear
    tablespaceuserswilldefaulttodatabaseencryptionconfiguration
    oldRMANconfigurationparametersaresuccessfullydeleted
    RMAN>showall
    RMANconfigurationparametersare:
    configureencryptionfordatabaseoff#default

    GettheComplete
    OracleBackup&RecoveryDetails

    Thelandmarkbook"OracleBackup&Recovery:
    ExpertsecretsforusingRMANandDataPump"
    providesrealworldadviceforresolvingthemost
    difficultOracleperformanceandrecoveryissues.Buy
    itfor40%offdirectlyfromthepublisher.

    BurlesonistheAmericanTeam

    Note:ThisOracledocumentationwascreatedasasupportandOracletraining
    referenceforusebyourDBAperformancetuningconsultingprofessionals.Feel
    freetoaskquestionsonourOracleforum.
    Verifyexperience!AnyoneconsideringusingtheservicesofanOraclesupport
    expertshouldindependentlyinvestigatetheircredentialsandexperience,andnot
    relyonadvertisementsandselfproclaimedexpertise.AlllegitimateOracle
    expertspublishtheirOraclequalifications.

    Errata?OracletechnologyischangingandwestrivetoupdateourBCOracle
    supportinformation.Ifyoufindanerrororhaveasuggestionforimprovingour
    content,wewouldappreciateyourfeedback.Justemail:
    andincludetheURLforthepage.

    BurlesonConsulting
    TheOracleofDatabaseSupport
    OraclePerformanceTuning

    RemoteDBAServices

    Copyright?19962014
    AllrightsreservedbyBurleson
    Oracle?istheregisteredtrademarkofOracleCorporation.

    You might also like