Connecting via SSH
This section dicusses how to connect a client application to Oracle Database through SSH. SSH is a network protocol for secure remote login to another system over the Internet by connecting the SSH client to the SSH server. SSH provides a mechanism for establishing a secure connection between the client and the remote server, which authenticate each other and exchange messages. It employs different forms of symmetrical encryption, asymmetrical encryption, and hashing. The SSH client initiates a connection and uses public key cryptography to verify the identity of the SSH server.
It is possible to use SSH an an encryption method to secure the connection between a Delphi application and an Oracle server. You can embed the SSH client functionality into your application and install the SSH server on a remote machine where your Oracle server resides. The SSH client connects to the SSH server, which sends all commands to Oracle Database.
SSH key-based authentication is done by public and private keys that a client uses to authenticate itself when logging into an SSH server. The server key is used is used by the client to authenticate the SSH server and is specified in the TScSSHClient.HostKeyName property. The client key is used by the SSH server to authenticate the client and is specified in the TScSSHClient.PrivateKeyName property. Note that the private key contains the public key. See SecureBridge tutorial on configuring the SSH server.
The SSH server is required to replicate the steps in this tutorial and encrypt the network connection between the client application and Oracle Database. You can build the SSH server demo project, which is distributed with SecureBridge ("Documents\Devart\ODAC for RAD Studio\Demos\TechnologySpecific\SecureBridge\Demo\SSH") and run the executable file.
To establish a connection to a remote SSH server, you must compile and install the
TCRSSHIOHandler component, which is distributed with SecureBridge and is required to bind ODAC with SecureBridge. The installation instructions for the component are provided in the Readme.html file, which is located by default in "My Documents\Devart\ODAC for RAD Studio XX\Demos\TechnologySpecific\SecureBridge".
TDBGridcomponent and set the
DataSourceproperty to an instance
TOraDataSourcecomponent and set the
DataSetproperty to an instance of
TOraQuerycomponent and set the
Sessionproperty to an instance of
TOraQueryand specify a SQL query to execute against Oracle Database.
TButtoncomponent and create an
OnClickevent. Add the code to call the
TOraQuerywhen the button is clicked.
TCRSSHIOHandlercomponent and set the
TScFileStoragecomponent and specify the directory for storing information about keys and users in the
Pathproperty. Follow the instructions to generate a pair of keys for authenticating the server by the client.
TScSSHClientcomponent and specify the server public key in the
HostKeyNameproperty and the client private key in the
PrivateKeyNameproperty. Specify the address of the SSH server in the
HostNameproperty and the port, user, and password in corresponding properties. Set the
KeyStorageproperty to an instance of
Oracle Cloud, leave the
HostKeyNameproperties empty — only specify
User(the default username is
opc). See the Oracle documentation for information on generating SSH keys.
TOraSessioncomponent and set the
IOHandlerproperty to an instance of
TOraSessionand specify the server address, port, service name, and user credentials.
It is not mandatory to use the
TScSSHServer component as the SSH server — you can use any other server that implements the SSH protocol.