The dg4pwd utility is used to encrypt initialization parameters that would normally be stored in the initialization parameter file in plain text. The utility works by reading the initialization parameter file in the current directory and looking for parameters having a security marker for the value. The security marker is an unquoted asterisk (*). This designates that the value of this parameter is to be stored in an encrypted form in a password file. The following is an example of an initialization parameter set to this value:
HS_FDS_CONNECT_INFO = *
The initialization parameter file in the current directory is first edited to set the value of the parameter to this security marker. Then the utility is run, specifying the gateway SID on the command line, with an optional user ID to designate a different owner of the encrypted information. The utility reads the initialization parameter file and prompts you to enter the real values that are to be encrypted. The syntax of the command is:
dg4pwd [sid] {userid}
Where [sid] is the SID of the gateway and {userid} is an optional user ID used to encrypt the contents. If no user ID is specified, then the current user's ID is used. Values are encrypted using this ID. In order to decrypt the values, the agent must be run as that user. The following example assumes a gateway SID of SYBASE:
dg4pwd SYBASE ORACLE Gateway Password Utility Constructing password file for Gateway SID SYBASE Enter the value for HS_FDS_CONNECT_INFO sybasew
In the previous example, the initialization parameter file, initSYBASE.ora, is read. The parameter, HS_FDS_CONNECT_INFO, is identified as requiring encryption. Enter the value (for example, sybasew) and presses enter. If more parameters require encryption, they are prompted for in turn. The encrypted data is stored in the same directory as the initialization file.Any initialization parameters needing encryption should be encrypted before using the Oracle Database gateway.