|
Connecting via SSH |
|
|
|
Connecting via SSH |
|
This section dicusses how to connect a client application to Oracle Database through SSH. SSH is a network protocol for secure remote login to another system over the Internet by connecting the SSH client to the SSH server. SSH provides a mechanism for establishing a secure connection between the client and the remote server, which authenticate each other and exchange messages. It employs different forms of symmetrical encryption, asymmetrical encryption, and hashing. The SSH client initiates a connection and uses public key cryptography to verify the identity of the SSH server.
It is possible to use SSH an an encryption method to secure the connection between a Delphi application and an Oracle server. You can embed the SSH client functionality into your application and install the SSH server on a remote machine where your Oracle server resides. The SSH client connects to the SSH server, which sends all commands to Oracle Database.
SSH key-based authentication is done by public and private keys that a client uses to authenticate itself when logging into an SSH server. The server key is used is used by the client to authenticate the SSH server and is specified in the TScSSHClient.HostKeyName property. The client key is used by the SSH server to authenticate the client and is specified in the TScSSHClient.PrivateKeyName property. Note that the private key contains the public key. See SecureBridge tutorial on configuring the SSH server.
The SSH server is required to replicate the steps in this tutorial and encrypt the network connection between the client application and Oracle Database. You can build the SSH server demo project, which is distributed with SecureBridge ("Documents\Devart\ODAC for RAD Studio\Demos\TechnologySpecific\SecureBridge\Demo\SSH") and run the executable file.
To establish a connection to a remote SSH server, you must compile and install the TCRSSHIOHandler component, which is distributed with SecureBridge and is required to bind ODAC with SecureBridge. The installation instructions for the component are provided in the Readme.html file, which is located by default in "My Documents\Devart\ODAC for RAD Studio XX\Demos\TechnologySpecific\SecureBridge".
TOraSession, TOraQuery, TOraDataSource, TDBGrid, TButton, TCRSSHIOHandler, TScSSHClient, and TScFileStorage.
TDBGrid component and set the DataSource property to an instance TOraDataSource.TOraDataSource component and set the DataSet property to an instance of TOraQuery.TOraQuery component and set the Session property to an instance of TOraSession. Double-click TOraQuery and specify a SQL query to execute against Oracle Database.TButton component and create an OnClick event. Add the code to call the Open method of TOraQuery when the button is clicked.
TCRSSHIOHandler component and set the Client property to TScSSHClient.TScFileStorage component and specify the directory for storing information about keys and users in the Path property.
Follow the instructions to generate a pair of keys for authenticating the server by the client.TScSSHClient component and specify the server public key in the HostKeyName property and the client private key in the PrivateKeyName property. Specify the address of the SSH server in the HostName property and the port, user, and password in corresponding properties. Set the KeyStorage property to an instance of TScFileStorage.Oracle Cloud, leave the Password and HostKeyName properties empty — only specify PrivateKeyName and User (the default username is opc). See the Oracle documentation for information on generating SSH keys.
TOraSession component and set the IOHandler property to an instance of TCRSSHIOHandler. Double-click TOraSession and specify the server address, port, service name, and user credentials.
It is not mandatory to use the TScSSHServer component as the SSH server — you can use any other server that implements the SSH protocol.