HOME

Connect to Oracle from Unix, without exposing credentials

Contact Me

Oracle connection syntax, without exposing credentials


Here is an example of how can you connect to Oracle database from Unix, without exposing credentials:

Oracle's executable named sqlplus is used for connecting to database.

Again, we make use of Unix's here document. A here document is used to redirect input into an interactive shell script or program, which in this case is sqlplus.

Again, we have set and exported ORACLE_HOME and PATH variables properly prior to an Oracle connection attempt.


Create a file with a variable to hide credentials:

vi pw.ksh
CONNSTR_HIDDEN=myid/mypwd@db_sid

Make it read only (-r--------): 
chmod 400 pw.ksh
		

Try connecting now:

ORACLE_HOME=/u01/app/oracle/product/10g
export ORACLE_HOME
PATH=$HOME:/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:/usr/bin/X11:/sbin:$ORACLE_HOME/bin:/usr/java5/bin
export PATH

. pw.ksh
v_data=`sqlplus -s $CONNSTR_HIDDEN << EOF 
set pages 0
set feed off
select 1 from dual ;
exit    
EOF`
		

Above code should successfully select number 1 into v_data variable.


Please note that it is extremely important never to export a password variable ------
To check if its exported or not:

env | grep db_sid
		
Thanks...

TOP