Setting Listener Passwords With an Oracle 10g or Newer Listener
(Doc ID 260986.1)
Last updated on MARCH 31, 2022
Applies to:Oracle Net Services - Version 10.1.0.2 to 184.108.40.206 [Release 10.1 to 11.2]
Information in this document applies to any platform.
How to set a password for 10g and newer listeners leaving the default OS authentication mechanism in place.
In Oracle 10g and newer versions of the listener, the listener is secure out of the box. There should be no need to set a listener password to prohibit privileged LSNRCTL commands from being executed.
Beginning with version 10g, the listener now uses local OS authentication. As long as one runs LSNRCTL privileged commands (stop, status, etc) as the same user who started the listener, that user will be able to fully administer the running listener without providing a password.
This security feature is enabled by default and can be identified at listener
startup, or when issuing a LSNRCTL STATUS command, by the following output:
Security ON: Local OS Authentication
If the TNSListener is started as the "oracle" user and the user "sales" attempts
to administer the listener, or if "oracle" on a different node attempts to
administer the listener, the following error will be returned:
TNS-01190: The user is not authorized to execute the requested listener command
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document