关于Oracle RAC 搭建ssh配置以及执行
    该文章讲述了关于Oracle RAC 搭建ssh配置以及执行.

、在所有节点间配置ssh

在安装rac的多个步骤都需要从一个节点拷贝文件到其他节点中,这要求各个节点间互相访问不需要输入密码,否则安装就会失败。

这一步骤就是要配置ssh,使得rac的各个节点间不需要密码就可以互相访问。

以下步骤要求在oracle用户下执行:

Ø在所有节点生成RSA和DSA Keys

过程需要回车几次。

Rac1中执行步骤如下:

[[email protected] ~]# su - oracle

[[email protected] ~]$ mkdir ~/.ssh

[[email protected] ~]$ chmod 700 ~/.ssh

[[email protected] ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/oracle/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/oracle/.ssh/id_rsa.

Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

f3:df:90:e7:a7:47:7b:47:52:b1:f0:09:07:39:1b:c7 [email protected]

[[email protected] ~]$ ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key (/home/oracle/.ssh/id_dsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/oracle/.ssh/id_dsa.

Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

8d:57:66:6c:77:9b:2a:1a:60:4e:18:6c:43:f3:15:3d [email protected]

在rac2中执行如下:

[[email protected] ~]# su - oracle

[[email protected] ~]$ mkdir ~/.ssh

[[email protected] ~]$ chmod 700 ~/.ssh

[[email protected] ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/oracle/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/oracle/.ssh/id_rsa.

Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

c8:93:83:8e:1f:51:0c:76:e7:42:75:a9:b0:12:04:f0 [email protected]

[[email protected] ~]$ ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key (/home/oracle/.ssh/id_dsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/oracle/.ssh/id_dsa.

Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

e1:56:2f:f8:22:df:af:b3:f9:94:e3:15:dc:17:30:[email protected]

Ø添加密钥信息到验证文件中

这一系列步骤只需要在其中一个节点执行就可以了(这里选择rac1):

首先生成一个验证文件(ssh登录时会读取这个文件的信息),用来存储各个密钥信息:

bash-3.00$ touch~/.ssh/authorized_keys

把各个节点的密钥信息都放在上一步新建的验证文件中:

[[email protected] ~]$ cd ~/.ssh

[[email protected] .ssh]$ ssh rac1 cat ~/.ssh/id_rsa.pub >> authorized_keys

The authenticity of host 'rac1 (192.168.1.111)' can't be established.

RSA key fingerprint is e6:b8:99:04:5c:2a:42:a4:6b:18:6d:5d:69:59:b2:2e.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'rac1,192.168.1.111' (RSA) to the list of known hosts.

[email protected]'s password:

[[email protected] .ssh]$ ssh rac2 cat ~/.ssh/id_rsa.pub >> authorized_keys

The authenticity of host 'rac2 (192.168.1.222)' can't be established.

RSA key fingerprint is e6:b8:99:04:5c:2a:42:a4:6b:18:6d:5d:69:59:b2:2e.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'rac2,192.168.1.222' (RSA) to the list of known hosts.

[email protected]'s password:

[[email protected] .ssh]$ ssh rac1 cat ~/.ssh/id_dsa.pub >> authorized_keys

[[email protected] .ssh]$ ssh rac2 cat ~/.ssh/id_dsa.pub >> authorized_keys

[email protected]'s password:

Ø在rac1把存储公钥信息的验证文件传送到rac2上

[[email protected] .ssh]$ pwd

/home/oracle/.ssh

[[email protected] .ssh]$ scp authorized_keys rac2:`pwd`

[email protected]'s password:

authorized_keys100% 16441.6KB/s00:00

Ø设置验证文件的权限

在每一个节点执行:

bash-3.00$ chmod 600 ~/.ssh/authorized_keys

Ø启用用户一致性

在你要运行OUI的节点以oracle用户运行(这里选择rac1):

[[email protected] .ssh]$ exec /usr/bin/ssh-agent $SHELL

[[email protected] .ssh]$ ssh-add

Identity added: /home/oracle/.ssh/id_rsa (/home/oracle/.ssh/id_rsa)

Identity added: /home/oracle/.ssh/id_dsa (/home/oracle/.ssh/id_dsa)

Ø验证ssh配置是否正确

以oracle用户在所有节点分别执行:

ssh rac1 date

ssh rac2 date

ssh rac1-priv date

ssh rac2-priv date

如果不需要输入密码就可以输出时间,说明ssh验证配置成功。必须把以上命令在两个节点都运行,每一个命令在第一次执行的时候需要输入yes。

如果不运行这些命令,即使ssh验证已经配好,安装clusterware的时候也会出现错误:

The specified nodes are not clusterable

因为,配好ssh后,还需要在第一次访问时输入yes,才算是真正的无障碍访问其他服务器。

相关阅读
  • 关于SSH客户端配置文件ssh_config
  • Oracle RAC 异常小结-配置 Oracle
  • 关于CentOS 配置Squid节点CDN讲解
  • PIX 配置 SSH 登陆方式
  • 分享关于Juniper SSG-5-SH 新手配
  • VSL电动执行器配置
  • VAQ电动执行器配置
  • 关于RIPng 配置实验讲解
  • 关于ubuntu subverion 配置介绍
  • 查看ORACLE执行计划
  • 关于puppet 资源配置参考说明
  • VPN总结-配置IPSec以及配置端口应
  • Oracle 10g RAC 负载均衡配置-客户
  • 关于角行程执行器的用途
  • 思科FWSM配置注意点以及心得
  • 关于进口轴承安装配置的介绍
  • SSH登录+Password认证功能的配置介
  • Cisco ASA 防火墙配置SSH登录方式
  • Oracle 数据库性能优化分析与配置
  • Linux安装Oracle 配置详解(图示)
  • 有关Oracle数据库执行计划的步骤顺
  • 关于Oracle RAC 启动与关闭总结
  •  

     
     
         

    收录时间:2014年06月24日 11:19:19 来源:高校自动化网 作者:匿名
    上一篇:基于ARM的局域网IP电话设计(图示)  (电脑版  手机版)
     
    创建分享人
    ybhzy30
    最新问题
     
    喜欢此文章的还喜欢
    Copyright by www.chinabaike.com;All rights reserved. 联系:QQ:469681782