Three Oracle RMAN backup encryption strategies 04/09 Update SLTechnology News&Howtos

Three Oracle RMAN backup encryption strategies

2025-04-09 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >

Shulou(Shulou.com)06/01 Report--

CONFIGURE ENCRYPTION FOR DATABASE OFF; # default

CONFIGURE ENCRYPTION ALGORITHM 'AES128'; # default

The three strategies of RMAN backup security are password security, Oracle Wallet security and mixed encryption security.

RMAN > show encryption for database

The RMAN configuration parameters of the database for which db_unique_name is NEWTEST are:

CONFIGURE ENCRYPTION FOR DATABASE OFF; # default

RMAN > show encryption algorithm

The RMAN configuration parameters of the database for which db_unique_name is NEWTEST are:

CONFIGURE ENCRYPTION ALGORITHM 'AES128'; # default

The default RMAN does not enable encryption. The encryption problem must follow the encryption algorithm, and the default encryption algorithm is AES128. Looking at the view v$RMAN_ENCRYPTION_ALGORITHMS, you can see the encryption algorithms that are currently available.

RMAN > select * from v$rman_encryption_algorithms

ALGORITHM_ID ALGORITHM_NAME

ALGORITHMDESCRIPTION IS RES

CON_ID 1 AES128

AES 128-bit key YES NO

2 AES192

AES 192-bit key NO NO

3 AES256

AES 256-bit key NO NO

To use password encryption, first use the set encryption command to set the upper password.

RMAN > set encryption on identified by 'test' only

2 >

Executing command: SET encryption

RMAN > show encryption for database

The RMAN configuration parameters of the database for which db_unique_name is NEWTEST are:

CONFIGURE ENCRYPTION FOR DATABASE OFF; # default

RMAN > backup database plus archivelog

Starting with backup, which is located in 2005-February-18

The current log is archived

Starting with backup, which is located in 2005-February-18

The current log is archived

Use channel ORA_DISK_1

Channel ORA_DISK_1: starting archive log backup set

Channel ORA_DISK_1: specifying archive logs in backup set

Enter archive log thread = 1 sequence = 15 RECID=155 STAMP=967284487

Channel ORA_DISK_1: starting segment 1 in 05-February-18

Channel ORA_DISK_1: completed startup segment 1 from 05-February-18

Fragment handle = E:\ RECOVERYFLASH\ NEWTEST\ BACKUPSET\ 2018'02'05\ O1_MF_ANNNN_TAG20180205T100807F7HH47FM.BKP tag = TAG20180205T100807 comment = NONE

Channel ORA_DISK_1: backup set completed, time: 00:00:01

Completed backup in 05-February-18

Starting with Control File and SPFILE Autobackup, which is located in 2005-February-18

Fragment handle = E:\ CONTROLBACKUP\ CF-C-1779551310-20180205-04 comment = NONE

Completed Control File and SPFILE Autobackup in 05-February-18

RMAN > shutdown immediate

The database is closed

Database has been uninstalled

Oracle instance is closed

RMAN > startup mount

Connected to the target database (not started)

Oracle instance has been started

The database is mounted

The total system global area is 2768240640 bytes

Fixed Size 8922760 byt

Variable Size 704645496 byt

Database Buffers 2046820352 byt

Redo Buffers 7852032 byt

RMAN > restore database

Starting with restore, which is located in 2005-February-18

Assigned channel: ORA_DISK_1

Channel ORA_DISK_1: SID=33 device type = DISK

Skipping data file 2; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ PDBSEED\ SYSTEM01.DBF

Skipping data file 4; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ PDBSEED\ SYSAUX01.DBF

Skipping data file 6; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ PDBSEED\ UNDOTBS01.DBF

Skipping data file 8; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ PDBTEST\ SYSTEM01.DBF

Skipping data file 9; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ PDBTEST\ SYSAUX01.DBF

Skipping data file 10; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ PDBTEST\ UNDOTBS01.DBF

Skipping data file 11; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ PDBTEST\ USERS01.DBF

Skipping data file 40; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ CLONEPDB_PLUG\ SYSTEM01.DBF

Skipping data file 41; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ CLONEPDB_PLUG\ SYSAUX01.DBF

Skipping data file 42; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ CLONEPDB_PLUG\ UNDOTBS01.DBF

Skipping data file 43; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ CLONEPDB_PLUG\ USERS01.DBF

Skipping data file 45; restored to file C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ CLONEPDB_PLUG\ FDA01.DBF

Channel ORA_DISK_1: starting to restore data file backup set

Channel ORA_DISK_1: specifying data files to restore from the backup set

Channel ORA_DISK_1: restore the data file 00001 to C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ SYSTEM01.DBF

Channel ORA_DISK_1: restore the data file 00003 to C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ SYSAUX01.DBF

Channel ORA_DISK_1: restore the data file 00005 to C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ UNDOTBS01.DBF

Channel ORA_DISK_1: restore the data file 00007 to C:\ APP\ ADMINISTRATOR\ VIRTUAL\ ORADATA\ NEWTEST\ USERS01.DBF

Channel ORA_DISK_1: reading backup fragment E:\ RECOVERYFLASH\ NEWTEST\ BACKUPSET\ 2018'02'05\ O1_MF_NNNDF_TAG20180205T100514F7HGYVZ5.BKP

RMAN-00571: =

RMAN-00569: = ERROR MESSAGE STACK FOLLOWS =

RMAN-00571: =

RMAN-03002: the restore command at 02amp 05amp 10:11:52 on 2018 failed

ORA-19870: error restoring backup fragment E:\ RECOVERYFLASH\ NEWTEST\ BACKUPSET\ 2018'02'05\ O1_MF_NNNDF_TAG20180205T100514F7HGYVZ5.BKP

ORA-19913: unable to decrypt backup

ORA-28365: Wallet is not open

RMAN > set decryption identified by 'test'

Executing command: SET decryption