hvrlivewallet – HVR Live Wallet.
hvrlivewallet [-v] hubdb locuser/locpwd
hvrlivewallet [-v] portnum locuser/locpwd
hvrlivewallet sets a password for the Oracle TDE wallet associated to the location specified by locuser on the HVR Live Wallet port. The HVR Live Wallet port is an additional listening port started whenever a HVR Scheduler or HVR Remote Listener is started. It is designed to remember encrypted passwords in the process memory, which will be lost whenever the process terminates. Passwords set with HVR Live Wallet will never be written to disk nor leave the machine's memory.
The first form (shown in the SYNOPSIS above) sets a password for a local connection on the HVR Scheduler's Live Wallet port.
The second form sets a password for a remote location on the HVR Remote Listener's Live Wallet port.
Running either a HVR Scheduler or a HVR Remote Listener is mandatory to use hvrlivewallet (Unix inetd or Linux xinetd will not work with hvrlivewallet).
For remote locations, hvrlivewallet needs to be run on the remote machine.
|-v||Only validate the provided password.|
Despite the fact that the Oracle database is provided, the password is remembered in association with the location of the wallet. Hence, if multiple locations using the same Oracle wallet share a HVR Scheduler or HVR Remote Listener, the wallet password must be set only once using hvrlivewallet.
One part of hvrlivewallet is a password validation step to see that the correct password is given. Therefore it is not possible to set a wrong password into the HVR Live Wallet port. Additionally, hvrlivewallet will report if an existing password is going to be overwritten. The report message will contain the timestamp when the previous password was set.
If the HVR Live Wallet port cannot remember a requested password, hvrlivewallet will report the timestamp when the HVR Live Wallet port was last restarted.
For Oracle locations that have a Capture action defined, the HVR Live Wallet functionality can be used in the GUI. Right-click on the location and select 'Db Encryption Password'.
Enter the correct password in the dialog and press 'Set Password'.
For a local location hvrcen on the hub 'hvrhub'.
$ hvrlivewallet hvrhub hvrcen/hvrcen
For a remote location hvrcen with the HVR Remote Listener on port 4343.
$ echo "my_secret" | hvrlivewallet 4343 hvrcen/hvrcen