This discussion is archived
2 Replies Latest reply: Jun 30, 2013 10:42 PM by BillyVerreynne RSS

Help correct code connect to Oracle on Unix system

4581a78d-8e6c-4d24-bc01-968bd836d8e9 Newbie
Currently Being Moderated

Hi,

 

A database administrator has used to connect to oracle database on unix operating system by using the following

 

$ sqlplus sys/sysPass1@orcl as sysdba 

 

What are the big mistakes in the previous method to connect?

  What do you suggest to avoid such mistakes?

  • 1. Re: Help correct code connect to Oracle on Unix system
    Solomon Yakobson Guru
    Currently Being Moderated


    Anyone who can has access to command history will be able to see sys password. It is suggested to use /nolog:

     

    $ sqlplus /nolog

    SQL> connect sys/sysPass1@orcl as sysdba

     

    SY.

  • 2. Re: Help correct code connect to Oracle on Unix system
    BillyVerreynne Oracle ACE
    Currently Being Moderated

    If the intention is to connect to a remote database, then a local internal logon will not work.

     

    In that case the user can use the TWO_TASK variable to hide the identify of the database from the command line, and only specify the username on the command line - forcing sqlplus to prompt for the password.

     

    Example:

    /home/billy> export TWO_TASK=dev1
    /home/billy> sqlplus billy
    SQL*Plus: Release 11.2.0.3.0 Production on Mon Jul 1 07:35:38 2013
    Copyright (c) 1982, 2011, Oracle.  All rights reserved.
    Enter password: 
    Connected to:
    Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
    With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
    OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
    Session altered.
    SQL> !ps -fu billy | grep sqlplus | grep -v grep
    billy    32521  2177  0 07:35 pts/8    00:00:00 rlwrap /home/billy/instantclient_11_2/sqlplus billy
    billy    32522 32521  0 07:35 pts/14   00:00:00 /home/billy/instantclient_11_2/sqlplus      
    SQL> 

     

    As you can see, the only details available by looking at the process's command line is the schema name used as logon. No database details. No password details.