日韩性视频-久久久蜜桃-www中文字幕-在线中文字幕av-亚洲欧美一区二区三区四区-撸久久-香蕉视频一区-久久无码精品丰满人妻-国产高潮av-激情福利社-日韩av网址大全-国产精品久久999-日本五十路在线-性欧美在线-久久99精品波多结衣一区-男女午夜免费视频-黑人极品ⅴideos精品欧美棵-人人妻人人澡人人爽精品欧美一区-日韩一区在线看-欧美a级在线免费观看

歡迎訪問 生活随笔!

生活随笔

當前位置: 首頁 > 编程资源 > 编程问答 >内容正文

编程问答

Oracle 加密配置,Oracle sqlnet设置网络传输加密

發布時間:2023/12/4 编程问答 32 豆豆
生活随笔 收集整理的這篇文章主要介紹了 Oracle 加密配置,Oracle sqlnet设置网络传输加密 小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

1、查看加密組件

[oracle@yuntestdb ~]$ adapters

Installed Oracle Net transport protocols are:

IPC

BEQ

TCP/IP

SSL

RAW

SDP/IB

Installed Oracle Net naming methods are:

Local Naming (tnsnames.ora)

Oracle Directory Naming

Oracle Host Naming

Oracle Names Server Naming

Installed Oracle Advanced Security options are:

RC4 40-bit encryption

RC4 56-bit encryption

RC4 128-bit encryption

RC4 256-bit encryption

DES40 40-bit encryption

DES 56-bit encryption

3DES 112-bit encryption

3DES 168-bit encryption

AES 128-bit encryption

AES 192-bit encryption

AES 256-bit encryption

MD5 crypto-checksumming

SHA-1 crypto-checksumming

Kerberos v5 authentication

RADIUS authentication

2、設置網絡加密,只對服務端進行設置,客戶端默認設置是ACCEPTED

SQLNET.ENCRYPTION_SERVER = requested

SQLNET.ENCRYPTION_TYPES_SERVER= (RC4_256)

3加密設置是否生效參考官網

https://docs.oracle.com/cd/E11882_01/network.112/e40393/asoconfg.htm#ASOAG9599

Client SettingServer SettingEncryption and Data NegotiationREJECTEDREJECTEDOFFACCEPTEDREJECTEDOFFREQUESTEDREJECTEDOFFREQUIREDREJECTEDConnection failsREJECTEDACCEPTEDOFFACCEPTEDACCEPTEDOFFFoot?1?REQUESTEDACCEPTEDONREQUIREDACCEPTEDONREJECTEDREQUESTEDOFFACCEPTEDREQUESTEDONREQUESTEDREQUESTEDONREQUIREDREQUESTEDONREJECTEDREQUIREDConnection failsACCEPTEDREQUIREDONREQUESTEDREQUIREDONREQUIREDREQUIREDON

設置完sqlnet以后不用重啟監聽

驗證是否加密可以trace sqlnet,操作前在sqlnet.ora內增加如下行,做完后刪除。

#Trace file setup

trace_level_server=16

trace_level_client=16

trace_directory_server=/oracle/app/oracle/product/11.2.0/db_1/network/admin

trace_directory_client=/oracle/app/oracle/product/11.2.0/db_1/network/admin

trace_file_client=cli

trace_file_server=srv

trace_unique_client=true

diag_adr_enabled = off

驗證

[oracle@yuntestdb admin]$ cat srv_24360.trc |grep "encryption is active"

[29-JUL-2020 16:26:23:709] na_tns: encryption is active, using RC4_256

加密以后包變大拉

加密解密性能影響,參考http://www.orafaq.com/wiki/Network_Encryption

AlgorithmNoneMD5SHA-1

Time%NoneTime%NoneTime%None

None79.6 s80.5 s101%82.4 s104%

DES104.7 s132%107.1 s135%108.2 s136%

3DES168151.8 s191%153.9 s193%155.6 s196%

AES12888.8 s112%90.5 s114%92.1 s116%

AES25691.8 s115%93.5 s117%94.2 s118%

RC4_12881.6 s103%82.5 s104%85.0 s107%

RC4_25681.7 s103%82.8 s104%85.0 s107%

分享到:

總結

以上是生活随笔為你收集整理的Oracle 加密配置,Oracle sqlnet设置网络传输加密的全部內容,希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯,歡迎將生活随笔推薦給好友。