Cryptoseed Testing Analysis George Milliken DB

You might also like

Download as pdf or txt
Download as pdf or txt
You are on page 1of 10

Oracle SQL NET Encrpytion

Analysis
of
CryptoSeed Error ORA-12645
10/02/09
George P. Milliken, DBA
gpmilliken@clarkforkdata.com
415-652-2105

The following table shows that when testing with client


9.2.0.1.0 we can connect with or without a cryptoseed parameter
in the SQLNET.ORA to the following version of Oracle Database on
Solaris

10.2.0.2.0
8.1.7.4.0
9.2.0.8.0

We CANNOT connect to

10.2.0.1.0
10.2.0.3.0

TEST.SQL

select
user from
dual;
exit

Log of
Connection Attempts With CryptoSeed
Various Oracle Database versions
SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:29:47
2007

# SQLNET.ORA Network Configuration File:


c:\u01\product\Ora92\network\admin\sqlnet.ora
# Generated by Oracle configuration tools.

NAMES.INITIAL_RETRY_TIMEOUT = 10
NAMES.DEFAULT_DOMAIN = rwc.nomax.com
NAMES.PREFERRED_SERVERS =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr2.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr1.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr0.nomax.com)(PORT = 1575))
)
NAMES.DIRECTORY_PATH= (LDAP, ONAMES, TNSNAMES)
SQLNET.EXPIRE_TIME = 30
SQLNET.CRYPTO_SEED = "208271-GEORGE_MILLIKEN-985762548"

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:29:47 2007

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:
Oracle8i Enterprise Edition Release 8.1.7.4.0 - 64bit Production
With the Partitioning option
JServer Release 8.1.7.4.0 - 64bit Production

USER
------------------------------
SCOTT

Disconnected from Oracle8i Enterprise Edition Release 8.1.7.4.0 - 64bit


Production
With the Partitioning option
JServer Release 8.1.7.4.0 - 64bit Production

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:30:59 2007


Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:
Oracle9i Enterprise Edition Release 9.2.0.8.0 - 64bit Production
With the Partitioning, OLAP and Oracle Data Mining options
JServer Release 9.2.0.8.0 - Production

USER
------------------------------
SCOTT

Disconnected from Oracle9i Enterprise Edition Release 9.2.0.8.0 - 64bit


Production
With the Partitioning, OLAP and Oracle Data Mining options
JServer Release 9.2.0.8.0 - Production

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:34:41 2007

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options

USER
------------------------------
SCOTT

Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 -


64bit Production
With the Partitioning, OLAP and Data Mining options

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:35:34 2007

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options

USER
------------------------------
SCOTT

Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 -


64bit Production
With the Partitioning, OLAP and Data Mining options

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:41:18 2007

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options

USER
------------------------------
SCOTT

Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 -


64bit Production
With the Partitioning, OLAP and Data Mining options

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:43:11 2007

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.2.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options

USER
------------------------------
SCOTT
Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.2.0 -
64bit Production
With the Partitioning, OLAP and Data Mining options

Log of Connection Attempts Without CryptoSeed


Various Oracle Database versions
SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:29:47
2007

# SQLNET.ORA Network Configuration File:


c:\u01\product\Ora92\network\admin\sqlnet.ora
# Generated by Oracle configuration tools.

NAMES.INITIAL_RETRY_TIMEOUT = 10
NAMES.DEFAULT_DOMAIN = rwc.nomax.com
NAMES.PREFERRED_SERVERS =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr2.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr1.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr0.nomax.com)(PORT = 1575))
)
NAMES.DIRECTORY_PATH= (LDAP, ONAMES, TNSNAMES)
SQLNET.EXPIRE_TIME = 30

# SQLNET.CRYPTO_SEED = "208271-GEORGE_MILLIKEN-985762548"

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:47:42 2007

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:
Oracle8i Enterprise Edition Release 8.1.7.4.0 - 64bit Production
With the Partitioning option
JServer Release 8.1.7.4.0 - 64bit Production

USER
------------------------------
SCOTT

Disconnected from Oracle8i Enterprise Edition Release 8.1.7.4.0 - 64bit


Production
With the Partitioning option
JServer Release 8.1.7.4.0 - 64bit Production

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:48:16 2007

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

Connected to:
Oracle9i Enterprise Edition Release 9.2.0.8.0 - 64bit Production
With the Partitioning, OLAP and Oracle Data Mining options
JServer Release 9.2.0.8.0 - Production

USER
------------------------------
SCOTT

Disconnected from Oracle9i Enterprise Edition Release 9.2.0.8.0 - 64bit


Production
With the Partitioning, OLAP and Oracle Data Mining options
JServer Release 9.2.0.8.0 - Production

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:49:47 2007

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

ERROR:
ORA-12645: Parameter does not exist.

Enter user-name: ERROR:


ORA-12560: TNS:protocol adapter error

Enter user-name: ERROR:


ORA-12560: TNS:protocol adapter error

SP2-0157: unable to CONNECT to ORACLE after 3 attempts, exiting SQL*Plus

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:50:06 2007


Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

ERROR:
ORA-12645: Parameter does not exist.

Enter user-name: ERROR:


ORA-12560: TNS:protocol adapter error

Enter user-name: ERROR:


ORA-12560: TNS:protocol adapter error

SP2-0157: unable to CONNECT to ORACLE after 3 attempts, exiting SQL*Plus

SQL*Plus: Release 9.2.0.1.0 - Production on Fri Nov 2 02:50:35 2007

Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.

ERROR:
ORA-12645: Parameter does not exist.

Enter user-name: ERROR:


ORA-12560: TNS:protocol adapter error

Enter user-name: ERROR:


ORA-12560: TNS:protocol adapter error

SP2-0157: unable to CONNECT to ORACLE after 3 attempts, exiting SQL*Plus


SERVER SIDE SQLNET.ORA depr02 (dena)

# SQLNET.ORA Network Configuration File: c:\ora816\NETWORK\ADMIN\sqlnet.ora


# Generated by Oracle configuration tools.

NAMES.INITIAL_RETRY_TIMEOUT = 10
NAMES.DEFAULT_DOMAIN = rwc.nomax.com
NAMES.PREFERRED_SERVERS =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr0.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr1.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr2.nomax.com)(PORT = 1575))
)
NAMES.DIRECTORY_PATH=(LDAP, ONAMES, tnsnames)
#SQLNET.EXPIRE_TIME = 30
SQLNET.EXPIRE_TIME = 0
SQLNET.CRYPTO_SEED = "2082711464305360055"
#
SQLNET.ENCRYPTION_SERVER = requested
SQLNET.ENCRYPTION_CLIENT = requested
#
############# End of Sqlnet.ora ###################################
# SQLNET.CRYPTO_SEED = "20827114641985762548"
~

SERVER SIDE SQLNET.ORA gempr1 (gemini)

NAMES.INITIAL_RETRY_TIMEOUT = 10
NAMES.DEFAULT_DOMAIN = rwc.nomax.com
#NAMES.DEFAULT_DOMAIN = global.corp.nomax.com
NAMES.PREFERRED_SERVERS =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr0.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr1.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr2.nomax.com)(PORT = 1575))
)
NAMES.DIRECTORY_PATH=(LDAP, ONAMES, tnsnames)
#SQLNET.EXPIRE_TIME = 30
SQLNET.EXPIRE_TIME = 0
SQLNET.CRYPTO_SEED = "2082711464305360055"
#
SQLNET.ENCRYPTION_SERVER = requested
SQLNET.ENCRYPTION_CLIENT = requested

SERVER SIDE SQLNET.ORA lkts09 (loki)

##################################################################
# Filename......: sqlnet.ora ***** ROGER ONLY ********
# Name..........: TCP.rwc.nomax.com
##################################################################
AUTOMATIC_IPC = OFF #Obsolete in 8.1.6
#trace_level_client = user
#sqlnet.trace_level=user
#names.trace_level=user

sqlnet.connect_timeout=60
TRACE_DIRECTORY_CLIENT=/ora/network/admin
SQLNET.EXPIRE_TIME = 120
NAMES.DEFAULT_DOMAIN = rwc.nomax.com

NAMES.DIRECTORY_PATH = (ldap,tnsnames,onames)
# NAMES.DIRECTORY_PATH = (onames,tnsnames,ldap)

SQLNET.CRYPTO_SEED = "2082711464305360055"

###SQLNET.ENCRYPTION_SERVER = requested
###SQLNET.ENCRYPTION_CLIENT = requested

#SQLNET.ENCRYPTION_SERVER = accepted
#SQLNET.ENCRYPTION_CLIENT = accepted
#

NAMES.PREFERRED_SERVERS =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = loki)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr1)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr2)(PORT = 1575))
)
#################### End of Sqlnet.ora #########################
SERVER SIDE SQLNET.ORA gemdv1 (gemini)

NAMES.INITIAL_RETRY_TIMEOUT = 10
NAMES.DEFAULT_DOMAIN = rwc.nomax.com
#NAMES.DEFAULT_DOMAIN = global.corp.nomax.com
NAMES.PREFERRED_SERVERS =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr0.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr1.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr2.nomax.com)(PORT = 1575))
)
NAMES.DIRECTORY_PATH=(LDAP, ONAMES, tnsnames)
#SQLNET.EXPIRE_TIME = 30
SQLNET.EXPIRE_TIME = 0
SQLNET.CRYPTO_SEED = "2082711464305360055"
#
SQLNET.ENCRYPTION_SERVER = requested
SQLNET.ENCRYPTION_CLIENT = requested
SERVER SIDE SQLNET.ORA argdv1 (yama)

# SQLNET.ORA Network Configuration


NAMES.INITIAL_RETRY_TIMEOUT = 10
NAMES.DEFAULT_DOMAIN = rwc.nomax.com
NAMES.PREFERRED_SERVERS =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr0.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr1.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr2.nomax.com)(PORT = 1575))
)
NAMES.DIRECTORY_PATH=(LDAP, ONAMES, tnsnames)
SQLNET.EXPIRE_TIME = 0
SQLNET.CRYPTO_SEED = "2082711464305360055"
############# End of Sqlnet.ora ###################################

SERVER SIDE SQLNET.ORA argdv4 (yama)

# SQLNET.ORA Network Configuration


NAMES.INITIAL_RETRY_TIMEOUT = 10
NAMES.DEFAULT_DOMAIN = rwc.nomax.com
NAMES.PREFERRED_SERVERS =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr0.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr1.nomax.com)(PORT = 1575))
(ADDRESS = (PROTOCOL = TCP)(HOST = oranamesrvr2.nomax.com)(PORT = 1575))
)
NAMES.DIRECTORY_PATH=(LDAP, ONAMES, tnsnames)
SQLNET.EXPIRE_TIME = 0
SQLNET.CRYPTO_SEED = "2082711464305360055"
############# End of Sqlnet.ora ###################################

You might also like