Modifying encrypted password information

Modify the information in the encrypted passwd_file file by running the onpassword utility.

About this task

Modify the encrypted passwd_file file when the following events occur:
  • Database servers are added to or removed from a high-availability cluster or replication domain
  • sqlhosts file server aliases or groups change
  • User IDs or server passwords change
  • You want to change your encryption key

Procedure

  1. Decrypt the passwd_file file by running onpassword utility, specifying the previously used encryption key and a name for the output file.
    For example, if you previously encrypted the file, and used my_secret_encryption_key_asdf as the encryption key, run the following command:
    onpassword -k my_secret_encryption_key_asdf -d my_passwords.txt
    The onpassword utility creates the ASCII text my_passwords.txt output file in the $ONEDB_HOME/etc directory.
  2. Optional: Open the file with a text editor, and modify the information in the file.
  3. Encrypt the password file with the onpassword utility, specifying an encryption key and the name of the text file.
    For example:
    onpassword -k my_secret_encryption_key_lmnop -e my_passwords.txt
    This example uses the new encryption key, my_secret_encryption_key_lmnop, and creates the encrypted passwd_file file in the $ONEDB_HOME/etc directory.
  4. Redistribute passwd_file to all the database servers that the Connection Manager or cdr utility connects to, replacing the previous $ONEDB_HOME/etc/passwd_file files.
    If you update the passwd_file on multiple operating systems, you must run the onpassword utility on each type of operating system, and use the same text file and encryption key.