1.SSH协议: 在每个节点上创建.ssh目录并生成RSA Key 1) 以oracle用户登录 2) 检查在在/home/oracle/下是否已有.ssh目录 如果没有.ssh目录,请创建该目录 3) 生成rsa key [oracle@rac1 ~]$ /usr/bin/ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/oracle/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/oracle/.ssh/id_rsa. Your public key has been saved in /home/oracle/.ssh/id_rsa.pub. The key fingerprint is: 3f:d2:e4:a3:ee:a1:58:e5:73:92:39:0d:8e:3f:9b:11 oracle@rac1 4) 在每个节点上重复以上步骤 2.将所有的RSA Key添加到文authorized_keys 1) 在节点rac1上面,将RSA Key添加到文件authorized_keys [oracle@rac1 ~]$ cd .ssh [oracle@rac1 .ssh]$ cat id_rsa.pub >> authorized_keys [oracle@rac1 .ssh]$ ls authorized_keys id_rsa id_rsa.pub
2) 将节点rac1上的 authorized_keys 抄送到节点rac2 [oracle@rac01 .ssh]$ scp authorized_keys rac2:/home/oracle/.ssh/ The authenticity of host 'rac2 (10.182.108.88)' can't be established. RSA key fingerprint is e6:dc:07:c3:d5:2a:45:43:66:72:d3:44:17:4d:54:42. Are you sure you want to continue connecting (yes/no) yes Warning: Permanently added 'rac2,10.182.108.88' (RSA) to the list of known hosts. oracle@rac2's password: authorized_keys 100% 224 0.2KB/s 00:00
3) 在节点rac2上,将该节点的RSA Key也添加到authorized_keys [oracle@rac2 .ssh]$ cat id_rsa.pub >> authorized_keys 4) 当所有节点的RSA Key都添加到authorized_keys时,将authorized_keys文件抄送到每个节点 3.在节点上启用SSH协议 1) 在每个节点上执行 SSH hostname date [oracle@rac1 .ssh]$ ssh rac1 date The authenticity of host 'rac1 (10.182.108.86)' can't be established. RSA key fingerprint is e6:dc:07:c3:d5:2a:45:43:66:72:d3:44:17:4d:54:42. Are you sure you want to continue connecting (yes/no) yes Warning: Permanently added 'rac1,10.182.108.86' (RSA) to the list of known hosts. Enter passphrase for key '/home/oracle/.ssh/id_rsa': Sun Apr 20 23:31:06 EDT 2008 [oracle@rac01 .ssh]$ ssh rac2 date 在节点rac2上重复以上步骤 2) 在每个节点上启动SSH Agent,并将SSH keys装载到内存 [oracle@rac1 .ssh]$ exec /usr/bin/ssh-agent $SHELL [oracle@rac1 .ssh]$ /usr/bin/ssh-add [oracle@rac2 ~]$ exec /usr/bin/ssh-agent $SHELL [oracle@rac2 ~]$ /usr/bin/ssh-add
4.验证SSH 协议 [oracle@rac1 .ssh]$ ssh rac1 date Sun Apr 20 23:40:04 EDT 2008 [oracle@rac1 .ssh]$ ssh rac2 date Sun Apr 20 23:40:09 EDT 2008 [oracle@rac1 .ssh]$ ssh rac1-priv date Sun Apr 20 23:41:20 EDT 2008 [oracle@rac1 .ssh]$ ssh rac2-priv date Sun Apr 20 23:41:20 EDT 2008 在节点2上重复以上步骤
这时oracle 用户下的互信就已经建好了,同理grid下的配置和oracle用户下完全一样,只要将用户切换到grid下即可 …
|