I "inherited" these scripts which are used to access an Oracle DB on a test envoiroment. Originaly someone from our security team would add an system user and password to the otherwise finished script and encrypt the whole thing. The encrypted file (script.x) would then be scheduled with Control-M.
Recently we decided to test new ways to connect to the DB and managed the following solution:
Code: Select all
${ORACLE_HOME}/bin/sqlplus "`decrypt -a 3des -k ${DIR_CHAVES}/key.3des.aga -i ${DIR_CHAVES}/login.aga`"@orahmp01 <<EOF
Where login.aga is an encrypted file with DB user and password, key.3des.aga the key file for decryption, ${DIR_CHAVES} stores the path to the key diractory and orahmp01 is the DB instance.
It does work, however the system user and password are visible as clear text on the job sysout in Control-M.
Does anyone know how I can hide the decrypt output (user and password) and still logon to the database?
Thanks in advance.