Specifying the Encrypted Password in a Parameter File or Command

D.2 Specifying the Encrypted Password in a Parameter File or Command

Copy the encrypted password that you generated with the ENCRYPT PASSWORD command (see Encrypting a Password in a Command or Parameter File), and then paste it into the appropriate Oracle GoldenGate parameter statement or command as in the following table. Option descriptions follow the table.

Table D-1 Specifying Encrypted Passwords in Parameters and Commands

Purpose of the Password	Parameter or Command to Use
Oracle GoldenGate database login Syntax elements required for `USERID` vary by database type. See Reference for Oracle GoldenGate for more information.	USERID `user`, PASSWORD `encrypted-password`, & `algorithm` ENCRYPTKEY {`keyname` \| DEFAULT}
Oracle GoldenGate database login for Oracle ASM instance	TRANLOGOPTIONS ASMUSER SYS@`ASM_instance_name`, & ASMPASSWORD `encrypted-password`, & `algorithm` ENCRYPTKEY {`keyname` \| DEFAULT}
Oracle GoldenGate database login for a downstream Oracle mining database	[MININGUSER {/ \| `user`}[, MININGPASSWORD `encrypted-password`]& [`algorithm` ENCRYPTKEY {`key_name` \| DEFAULT}]& [SYSDBA]]
Password substitution for `{CREATE \| ALTER} USER` `name` `IDENTIFIED BY` `password`	DDLOPTIONS DEFAULTUSERPASSWORD `encrypted-password` & `algorithm` ENCRYPTKEY {`keyname` \| DEFAULT}
Oracle TDE shared-secret password	DBOPTIONS DECRYPTPASSWORD `encrypted-password`^Foot 1 `algorithm` & ENCRYPTKEY {`keyname` \| DEFAULT}
Oracle GoldenGate database login from GGSCI	DBLOGIN USERID `user`, PASSWORD `encrypted-password`, & `algorithm` ENCRYPTKEY {`keyname` \| DEFAULT}
Oracle GoldenGate database login to a downstream Oracle mining database from GGSCI	MININGDBLOGIN USERID `user`, PASSWORD `encrypted-password`,& `algorithm` ENCRYPTKEY {`keyname` \| DEFAULT}

^Footnote 1

This is the shared secret.

Where:

user is the database user name for the Oracle GoldenGate process or (Oracle only) a host string. For Oracle ASM, the user must be SYS.
encrypted-passwordis the encrypted password that is copied from the ENCRYPT PASSWORD command results. Do not enclose the password within quotes. Do not use commas in passwords. If the password is case-sensitive, type it that way.
algorithm specifies the encryption algorithm that was used to encrypt the password: AES128, AES192, AES256, or BLOWFISH. AES128 is the default if the default key is used and no algorithm is specified.
ENCRYPTKEY keyname specifies the logical name of a user-created encryption key in the ENCKEYS lookup file. Use if ENCRYPT PASSWORD was used with the KEYNAME keyname option.
ENCRYPTKEY DEFAULT directs Oracle GoldenGate to use a random key. Use if ENCRYPT PASSWORD was used with the KEYNAME DEFAULT option.

The following are examples of using an encrypted password in parameters and command:

Note:

In the following example, comma is used as a separator and is not part of the password.

SOURCEDB db1 USERID ogg,&
PASSWORD AACAAAAAAAAAAAJAUEUGODSCVGJEEIUGKJDJTFNDKEJFFFTC, &
AES128, ENCRYPTKEY securekey1

USERID ogg, PASSWORD AACAAAAAAAAAAAJAUEUGODSCVGJEEIUGKJDJTFNDKEJFFFTC, &
BLOWFISH, ENCRYPTKEY securekey1

USERID ogg, PASSWORD AACAAAAAAAAAAAJAUEUGODSCVGJEEIUGKJDJTFNDKEJFFFTC, &
BLOWFISH, ENCRYPTKEY DEFAULT

TRANLOGOPTIONS ASMUSER SYS@asm1, &
ASMPASSWORD AACAAAAAAAAAAAJAUEUGODSCVGJEEIUGKJDJTFNDKEJFFFTC, &
AES128, ENCRYPTKEY securekey1

DBLOGIN USERID ogg, PASSWORD &
AACAAAAAAAAAAAJAUEUGODSCVGJEEIUGKJDJTFNDKEJFFFTC, &
AES128, ENCRYPTKEY securekey1

DDLOPTIONS DEFAULTUSERPASSWORD &
AACAAAAAAAAAAAJAUEUGODSCVGJEEIUGKJDJTFNDKEJFFFTC, &
AES 256 ENCRYPTKEY mykey

DBOPTIONS DECRYPTPASSWORD AACAAAAAAAAAAAJAUEUGODSCVGJEEIUGKJDJTFNDKEJFFFTC, &
AES 256 ENCRYPTKEY mykey

DDLOPTIONS PASSWORD AACAAAAAAAAAAAJAUEUGODSCVGJEEIUGKJDJTFNDKEJFFFTC, &
AES 256 ENCRYPTKEY mykey

Parent topic: Encrypting a Password in a Command or Parameter File