对ogg用户进行加密_error (-11) retrieving key for ting in file enckey

-- 使用默认生成key的方法 

encrypt password oracle,ENCRYPTKEY default     ## 在ggsci命令行上生成加密后的密码 
 
GGSCI (redhat762100 as ogg@orcl) 3> encrypt password oracle,ENCRYPTKEY default
Using Blowfish encryption with DEFAULT key.
Encrypted password:  AACAAAAAAAAAAAGAIFAAUDVHCFUGFIYF
Algorithm used:  BLOWFISH
 
 
GGSCI (redhat762100 as ogg@orcl) 4>
 
dblogin userid ogg,password AACAAAAAAAAAAAGAIFAAUDVHCFUGFIYF,ENCRYPTKEY default   ## 使用加密后的密码，在GGSCI命令行上登录数据库
 
GGSCI (redhat762100) 5> dblogin userid ogg,password AACAAAAAAAAAAAGAIFAAUDVHCFUGFIYF,ENCRYPTKEY default
Successfully logged into database.
 
GGSCI (redhat762100 as ogg@orcl) 6>
 
userid ogg,password AACAAAAAAAAAAAGAIFAAUDVHCFUGFIYF,ENCRYPTKEY default     ## 在进程的参数文件中，添加这些内容，替换掉userid ogg,password oracle 

-- 使用key的方法进行加密  

### 256位加密 
cd /u01/ogg19c 
./keygen 256 1   -- 256位加密，生成1个密码     成功，注意，要在登陆的时候，指定加密方式AES256 
 
[oracle@redhat762100 ogg19c]$ ./keygen 256 1
0x608EB330DCDD3E6197500E707D70467C4BBCBE2A11780A2F3C78DE4F0BD2ED05 
 
[oracle@redhat762100 ogg19c]$

编辑ENCKEYS文件，将上面生成的加密key填入，方式如下：

vi ENCKEYS
## KEY NAME      KEY VALUE
ogg_key  0x608EB330DCDD3E6197500E707D70467C4BBCBE2A11780A2F3C78DE4F0BD2ED05
 
ENCRYPT PASSWORD oracle AES256  ENCRYPTKEY ogg_key      ##  在GGSCI命令行上生成加密的密码，指定加密方式是AES256 
 
GGSCI (redhat762100) 1> ENCRYPT PASSWORD oracle AES256  ENCRYPTKEY ogg_key
Encrypted password:  AADAAAAAAAAAAAGABDCEKCYIGFOAIFJAAJQBHCBHBAREKCGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Algorithm used:  AES256
 
 
GGSCI (redhat762100) 2>

使用生成的加密后的密码登录，指定加密方式为AES256 ，加密key是ogg_key ，登录成功

dblogin userid ogg,password AADAAAAAAAAAAAGABDCEKCYIGFOAIFJAAJQBHCBHBAREKCGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA  AES256,encryptkey ogg_key
 
GGSCI (redhat762100) 2> dblogin userid ogg,password AADAAAAAAAAAAAGABDCEKCYIGFOAIFJAAJQBHCBHBAREKCGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA  AES256,encryptkey ogg_key
Successfully logged into database.
 
GGSCI (redhat762100 as ogg@orcl) 3>

-- 在测试的过程中，使用了AES156加密，但是在登录的时候，没有指定AES256，导致错误 ，上面的指定了AES156 ，登录成功，不指定，默认是AES128加密方式 

GGSCI (redhat762100) 2> dblogin userid ogg,password AADAAAAAAAAAAAGABDCEKCYIGFOAIFJAAJQBHCBHBAREKCGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA                           AA,encryptkey ogg_key
ERROR: Error (-12) Error (-11) retrieving key for OGG_KEY in file ENCKEYS: The length of the key specified in KEYNAME does not match the encryption method. AES256  

#### 128位加密

./keygen 128 1   -- 128位加密，缺省是128位，生成1个密码
 
[oracle@redhat762100 ogg19c]$ ./keygen 128 1          ## 生成128位的加密key 
0x174C852123CCC100699D4A4BB0703412
 
[oracle@redhat762100 ogg19c]$
 
将生成的密码写在ENCKEYS文件中，格式如下
[oracle@redhat762100 ogg19c]$ cat ENCKEYS
ogg_key 0x174C852123CCC100699D4A4BB0703412
[oracle@redhat762100 ogg19c]$

在GGSCI上生成加密的密码，没有指定加密方式，使用默认的128位

ENCRYPT PASSWORD oracle ENCRYPTKEY ogg_key     
 
 
GGSCI (redhat762100) 1> ENCRYPT PASSWORD oracle ENCRYPTKEY ogg_key
Encrypted password:  AADAAAAAAAAAAAGAZIUEICADYHPHXIMHBEDHNIXGTFMFZHAHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Algorithm used:  AES128
 
 
GGSCI (redhat762100) 2>

登录测试 ，登录成功

dblogin userid ogg,password AADAAAAAAAAAAAGAZIUEICADYHPHXIMHBEDHNIXGTFMFZHAHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA,encryptkey ogg_key
 
GGSCI (redhat762100) 4> dblogin userid ogg,password AADAAAAAAAAAAAGAZIUEICADYHPHXIMHBEDHNIXGTFMFZHAHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA,encryptkey ogg_key
Successfully logged into database.
 
GGSCI (redhat762100 as ogg@orcl) 5>

后面的tail文件，tcpip加密，有时间再测试 。

END