Grid Control

Oracle Grid Control: The Importance of Deleting the emkey

Oracle Grid Control documentation warns against leaving the emkey in the Grid Control repository, if it is not removed after it has been copied it is easy to decrypt data, like passwords. Oracle Management Service 10.2 uses several ways to protect these sensitive data, including Virtual Private Database and Password Encryption. To overcome the first one, you have to connect to the database as the SYS user, for the second one, you have to know the encrypted password form, the key, and the associated algorithm. Obviously, the key used to cipher the password is the emkey. So the next question is, “Where are stored the ciphered passwords?”.