虽然在安装软件的过程中,oracle会自动配置SSH对等性,建议在安装软件之前手工配置。
配置oracle用户对等性:
node1:
[root@node1 ~]# su - oracle node1-> env | grep ORA ORACLE_UNQNAME=devdb ORACLE_SID=devdb1 ORACLE_BASE=/u01/app/oracle ORACLE_HOSTNAME=node1.localdomain ORACLE_TERM=xterm ORACLE_HOME=/u01/app/oracle/product/11.2.0/db_1 node1-> pwd /home/oracle node1-> mkdir ~/.ssh node1-> chmod 700 ~/.ssh node1-> ls -al total 44 drwx—— 4 oracle oinstall 4096 Apr 24 10:47 . drwxr-xr-x 4 root root 4096 Apr 24 09:41 .. -rw——- 1 oracle oinstall 5 Apr 24 10:43 .bash_history -rw-r–r– 1 oracle oinstall 33 Apr 24 09:41 .bash_logout -rw-r–r– 1 oracle oinstall 823 Apr 24 09:41 .bash_profile -rw-r–r– 1 oracle oinstall 124 Apr 24 09:41 .bashrc -rw-r–r– 1 oracle oinstall 515 Apr 24 09:41 .emacs drwxr-xr-x 4 oracle oinstall 4096 Apr 24 09:41 .mozilla drwx—— 2 oracle oinstall 4096 Apr 24 10:47 .ssh -rw-r–r– 1 oracle oinstall 658 Apr 24 09:41 .zshrc node1-> ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/oracle/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/oracle/.ssh/id_rsa. Your public key has been saved in /home/oracle/.ssh/id_rsa.pub. The key fingerprint is: 4a:bd:22:4c:cc:6a:33:ae:5a:de:7d:7c:8b:77:9e:81 oracle@node1.localdomain node1-> ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/oracle/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/oracle/.ssh/id_dsa. Your public key has been saved in /home/oracle/.ssh/id_dsa.pub. The key fingerprint is: 8b:50:73:41:03:ad:1c:59:25:aa:40:1c:c9:5e:03:99 oracle@node1.localdomain node1->
node2:
[root@node2 ~]# su - oracle node2-> env|grep ORA ORACLE_UNQNAME=devdb ORACLE_SID=devdb2 ORACLE_BASE=/u01/app/oracle ORACLE_HOSTNAME=node2.localdomain ORACLE_TERM=xterm ORACLE_HOME=/u01/app/oracle/product/11.2.0/db_1 node2-> pwd /home/oracle node2-> ls -al total 40 drwx—— 3 oracle oinstall 4096 Apr 24 10:45 . drwxr-xr-x 4 root root 4096 Apr 24 10:44 .. -rw——- 1 oracle oinstall 10 Apr 24 10:49 .bash_history -rw-r–r– 1 oracle oinstall 33 Apr 24 10:44 .bash_logout -rw-r–r– 1 oracle oinstall 823 Apr 24 10:44 .bash_profile -rw-r–r– 1 oracle oinstall 124 Apr 24 10:44 .bashrc -rw-r–r– 1 oracle oinstall 515 Apr 24 10:44 .emacs drwxr-xr-x 4 oracle oinstall 4096 Apr 24 10:44 .mozilla -rw-r–r– 1 oracle oinstall 658 Apr 24 10:44 .zshrc node2-> mkdir ~/.ssh node2-> chmod 770 ~/.ssh/ node2-> ls -al total 44 drwx—— 4 oracle oinstall 4096 Apr 24 10:49 . drwxr-xr-x 4 root root 4096 Apr 24 10:44 .. -rw——- 1 oracle oinstall 10 Apr 24 10:49 .bash_history -rw-r–r– 1 oracle oinstall 33 Apr 24 10:44 .bash_logout -rw-r–r– 1 oracle oinstall 823 Apr 24 10:44 .bash_profile -rw-r–r– 1 oracle oinstall 124 Apr 24 10:44 .bashrc -rw-r–r– 1 oracle oinstall 515 Apr 24 10:44 .emacs drwxr-xr-x 4 oracle oinstall 4096 Apr 24 10:44 .mozilla drwxrwx— 2 oracle oinstall 4096 Apr 24 10:49 .ssh -rw-r–r– 1 oracle oinstall 658 Apr 24 10:44 .zshrc node2-> ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/oracle/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/oracle/.ssh/id_rsa. Your public key has been saved in /home/oracle/.ssh/id_rsa.pub. The key fingerprint is: a0:64:81:a6:12:b2:18:4e:01:c3:bd:9d:f6:bb:55:b0 oracle@node2.localdomain node2-> ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/oracle/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/oracle/.ssh/id_dsa. Your public key has been saved in /home/oracle/.ssh/id_dsa.pub. The key fingerprint is: 85:56:69:73:74:a3:ef:5b:88:d7:6d:ef:90:03:b6:72 oracle@node2.localdomain node2->
返回节点1:
node1-> id uid=1101(oracle) gid=1000(oinstall) groups=1000(oinstall),1201(asmdba),1300(dba),1301(oper) node1-> pwd /home/oracle node1-> cat ~/.ssh/id_rsa.pub >>~/.ssh/authorized_keys node1-> cat ~/.ssh/id_dsa.pub >>~/.ssh/authorized_keys node1-> ssh node2 cat ~/.ssh/id_rsa.pub >>~/.ssh/authorized_keys The authenticity of host 'node2 (172.16.0.192)' can't be established. RSA key fingerprint is a7:6b:2c:2d:fb:c3:ff:33:af:92:cd:7b:99:3b:cf:3a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'node2,172.16.0.192' (RSA) to the list of known hosts. oracle@node2's password: node1-> ssh node2 cat ~/.ssh/id_dsa.pub >>~/.ssh/authorized_keys oracle@node2's password: node1-> scp ~/.ssh/authorized_keys node2:~/.ssh/authorized_keys oracle@node2's password: authorized_keys 100% 2040 2.0KB/s 00:00 node1->
验证oracle SSH对等性:
在node1,node2两个节点上分别执行下述命令,第一次执行时需要口令验证:
node1-> id uid=1101(oracle) gid=1000(oinstall) groups=1000(oinstall),1201(asmdba),1300(dba),1301(oper) node1-> ssh node1 date The authenticity of host 'node1 (172.16.0.191)' can't be established. RSA key fingerprint is 16:c2:67:cd:73:dd:b7:8b:f4:07:ef:e0:fb:36:34:3e. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'node1,172.16.0.191' (RSA) to the list of known hosts. Tue Apr 24 11:28:15 CST 2012 node1-> ssh node2 date Tue Apr 24 11:28:18 CST 2012 node1-> ssh node1-priv date The authenticity of host 'node1-priv (192.168.94.11)' can't be established. RSA key fingerprint is 16:c2:67:cd:73:dd:b7:8b:f4:07:ef:e0:fb:36:34:3e. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'node1-priv,192.168.94.11' (RSA) to the list of known hosts. Tue Apr 24 11:28:25 CST 2012 node1-> ssh node2-priv date The authenticity of host 'node2-priv (192.168.94.12)' can't be established. RSA key fingerprint is a7:6b:2c:2d:fb:c3:ff:33:af:92:cd:7b:99:3b:cf:3a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'node2-priv,192.168.94.12' (RSA) to the list of known hosts. Tue Apr 24 11:28:30 CST 2012 node1-> ssh node1.localdomain date The authenticity of host 'node1.localdomain (172.16.0.191)' can't be established. RSA key fingerprint is 16:c2:67:cd:73:dd:b7:8b:f4:07:ef:e0:fb:36:34:3e. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'node1.localdomain' (RSA) to the list of known hosts. Tue Apr 24 11:28:39 CST 2012 node1-> ssh node2.localdomain date The authenticity of host 'node2.localdomain (172.16.0.192)' can't be established. RSA key fingerprint is a7:6b:2c:2d:fb:c3:ff:33:af:92:cd:7b:99:3b:cf:3a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'node2.localdomain' (RSA) to the list of known hosts. Tue Apr 24 11:28:46 CST 2012 node1-> ssh node2-priv.localdomain date The authenticity of host 'node2-priv.localdomain (192.168.94.12)' can't be established. RSA key fingerprint is a7:6b:2c:2d:fb:c3:ff:33:af:92:cd:7b:99:3b:cf:3a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'node2-priv.localdomain' (RSA) to the list of known hosts. Tue Apr 24 11:28:52 CST 2012 node1-> ssh node1-priv.localdomain date The authenticity of host 'node1-priv.localdomain (192.168.94.11)' can't be established. RSA key fingerprint is 16:c2:67:cd:73:dd:b7:8b:f4:07:ef:e0:fb:36:34:3e. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'node1-priv.localdomain' (RSA) to the list of known hosts. Tue Apr 24 11:28:59 CST 2012
第二次执行时不再提示输入口令,并且可以成功执行命令,则表示oracle用户SSH对等性配置成功
node1:
node1-> ssh node1 date Tue Apr 24 11:29:02 CST 2012 node1-> ssh node2 date Tue Apr 24 11:29:07 CST 2012 node1-> ssh node1-priv date Tue Apr 24 11:29:13 CST 2012 node1-> ssh node2-priv date Tue Apr 24 11:29:18 CST 2012 node1-> ssh node2-priv.localdomain date Tue Apr 24 11:29:27 CST 2012 node1-> ssh node1-priv.localdomain date Tue Apr 24 11:29:33 CST 2012 node1->
node2:
node2-> id uid=1101(oracle) gid=1000(oinstall) groups=1000(oinstall),1201(asmdba),1300(dba),1301(oper) node2-> pwd /home/oracle node2-> ssh node1 date Tue Apr 24 11:32:06 CST 2012 node2-> ssh node2 date Tue Apr 24 11:32:09 CST 2012 node2-> ssh node1-priv date Tue Apr 24 11:32:14 CST 2012 node2-> ssh node2-priv date Tue Apr 24 11:32:17 CST 2012 node2-> ssh node1.localdomain date Tue Apr 24 11:32:26 CST 2012 node2-> ssh node2.localdomain date Tue Apr 24 11:32:29 CST 2012 node2-> ssh node1-priv.localdomain date Tue Apr 24 11:32:39 CST 2012 node2-> ssh node2-priv.localdomain date Tue Apr 24 11:32:43 CST 2012 node2->
至此,Oracle用户SSH对等性配置完成!重复上述步骤,以grid用户配置其对等性。