I am trying to disable encryption on a database which is hosted inside Azure managed instance. I am not able to disable the encryption for it. Any help would be highly appreciated.
I have tried this alter database query:
ALTER DATABASE "DATABASE-NAME" SET ENCRYPTION OFF
I had checked encryption on each database as:
SELECT name, is encrypted
FROM sys.databases;
ALTER DATABASE "DATABASE-NAME" SET ENCRYPTION OFF
The query I used to alter the database turns out run successfully but the encryption is not disabled.
It may take some time to complete. On databases of less than 100 GB you may find it takes 20-25 minutes to complete.
You can monitor de progress using below query:
SELECT DB.NAME, DEK.ENCRYPTION_STATE, DEK.PERCENT_COMPLETE
FROM SYS.DM_DATABASE_ENCRYPTION_KEYS AS DEK
FULL JOIN SYS.DATABASES AS DB
ON DB.DATABASE_ID = DEK.DATABASE_ID
ORDER BY DB.NAME
Related
I'm create SQLite databse with DB Browser for SQLite (non encrypted) and open with FireDAC in delphi.(Can retrive data Eg. Select * from abc).
How encrypt this SQLite database with FireDAC? When enter username, password and encrypt get message "Cipher DB is not encrypdet"
Note:
When create SQLite database from Delphi FireDac I can use encryption!
To encrypt a database, use a TFDSQLiteSecurity Component. You'll also need a TFDSQLitePhysSQLiteDriverLink component to go along with it.
If a database is unencrypted, then its password is ''. So use '' as the OldPassword and create the new password in that case. Passwords are formatted as algorithm:PassPhrase. See documentation on the choices, I use aes-256. Also, the database needs to be closed when you do this.
...
//Change password
FDSQLiteSecurity1.Password := OldPassword;
FDSQLiteSecurity1.ToPassword := NewPassword; // example: 'aes-256:mypassword123'
FDSQLiteSecurity1.ChangePassword;
...
//Remove Password
FDSQLiteSecurity1.Password := OldPassword;
FDSQLiteSecurity1.ToPassword := '';
FDSQLiteSecurity1.RemovePassword;
...
From the Documentation
SQLite Encrypted Database
Approach
One of the distinctive SQLite
features is the high-speed strong database encryption. It allows you
to make database file content confidential and enforce integrity
control on the database file. The encrypted database format is not
compatible with other similar SQLite encryption extensions. This means
that you cannot use an encrypted database, encrypted with non-FireDAC
libraries. If you need to do this, then you have to decrypt a database
with an original tool and encrypt it with FireDAC.
Recent Delphi versions come with an example project for working with encryption on Sqlite databases, see this documentation. I have not used this myself, btw.
It includes this section
Encrypt DB
Encrypt: Encrypts the database according to the Encryption mode and the password provided.
The sampe uses TFDSQLiteSecurity.SetPassword to encrypt the database with the password provided.
The database password is the combination of <encryption algorythm>:<password>.
I have faced several challenges when first time tried to encrypt SQLite database for use with Embarcadero FireDAC. Also all information is published by Embarcadero question pops up again and again on different forums. My case was solved based on community support, but when time has permitted simple Delphi application was assembled and available on Sourceforge. Hope it will make encryption/decryption slightly easier particularly for the newbie
https://sourceforge.net/projects/sqlite-sequrity-for-delphi/
I've been using unecrypted data base so far in my app and now I wanted to migrated my database to encrypted database using SQLCipher. Here is my situation.
For the next release I'll update the database version and that will execute the script. For the onUpgrade() to be called I've to call geReadableDatabase() or getWriteableDatabase(). So when I'll called for any operation() it will execute my script and that will do the following operation.
Create and encrypted database.
Export data from the old (un-encrypted) database to the encrypted database.
Delete the old database.
So when I'll perform the migration I'll like to halt all the other operation until the migration is complete and then halted operation will be performed on the encrypted database.
Not really sure how can I achieve that so what approach should I use to achieve this.
I think what you are searching for is
sqlcipher_export method
It easly facilitates copying unencrypted DB to the encrypted one. On Android probably you could do something like:
unencryptedDb.rawExecSQL("ATTACH DATABASE 'secure_db_name.db' AS encrypted KEY 'testkey'");
unencryptedDb.rawExecSQL("SELECT sqlcipher_export('secure_db_name')");
unencryptedDb.rawExecSQL("DETACH DATABASE secure_db_name");
I am using an Amazon EC2 instance and a MariaDB database.
Suppose that I have 20GB database storage and 10 user accounts. I want each account to have 2GB database storage.
How can I achieve this?
I don't think there is any builtin way to monitor or report disk usage by user.
If you limit each user to one database:
GRANT ALL PRIVILEGES ON user1_db TO user1#'...' ...;
and periodically run a query like
SELECT table_schema AS db_name,
SUM(data_length+index_length) / 1073741824 DB_Gigabyte
FROM information_schema.tables
GROUP BY table_schema;
to get a list of how many GB is in each database. From there, it is up to you to deal with any over-eating users.
Caution: Because of temp tables, free space, etc., it is quite possible for a user to temporarily exceed the limit. Also, there are cases where inserting one small row will grow the allocation by a megabyte or more. So, be lenient, else both you and the user will be puzzled at what is going on.
Be sure to have innodb_file_per_table = ON so that you can more easily deal with bloated users.
I have a QML application which user intract with. There is a timer that listen to server for work order then insert all info to SQLite db in application.Also user make change on data (update,delete etc...) in SQLite.
My question is , How to prevent multi operation on SQLite table. Only one operation must take effect on SQLite(select,delete,insert,update....) I don't know but , Can Mutex.lock structure use for this. Or Is there a something wrong with multiple operation on SQLite
First thing you should do is read up on SQLite locking, they have a section in the docs about it: https://www.sqlite.org/lockingv3.html
The summarisation is that SQLite does locking on modifications such as an insert or update, but won't create a lock when reading. However if a lock exists whilst a modification is in progress the read won't be able to access the database.
I wouldn't worry too much about locking on reading, the state should be fine to be shared at that stage.
Do we have any way to specify default schema in cataloged DBs in db2 client in AIX.
The problem is , when it's connecting to DB, it's taking user ID as default schema and that's where it's failing.
We have too many scripts that are doing transactions to DB without specifying schema in their db2 sql statements. So it's not feasible to change scripts at all.
Also we can't create users to match schema.
You can try to type SET SCHEMA=<your schema> ; before executing your queries.
NOTE: Not sure if this work (I am without a DB2 database at the moment, but it seems that work) and depending on your DB2 version.
You can create a stored procedure that just changes the current schema and then set the SP as connect proc. You can test some conditions before make that schema change, for example if the stored procedure is executed from the AIX server directly with a given user.
You configure the database to use this SP each time a connection is established by modifying connect_proc
http://pic.dhe.ibm.com/infocenter/db2luw/v10r5/topic/com.ibm.db2.luw.admin.config.doc/doc/r0057371.html
http://pic.dhe.ibm.com/infocenter/db2luw/v10r5/topic/com.ibm.db2.luw.admin.dbobj.doc/doc/c0057372.html
You can create alias in the new user schema that points to the tables with the other schema. Refer these links :
http://pic.dhe.ibm.com/infocenter/db2luw/v10r5/topic/com.ibm.db2.luw.sql.ref.doc/doc/r0000910.html
http://bytes.com/topic/db2/answers/181247-do-you-have-always-specify-schema-when-using-db2-clp