Oracle之配置节点间相互信任机制测试

1.SSH协议： 在每个节点上创建.ssh目录并生成RSA Key 1) 以oracle用户登录 2) 检查在在/home/oracle/下是否已有.ssh目录 如果没有.ssh目录，请创建该目录 mkdir ~/.ssh 创建后修改目录权限 [oracle@rac1 ~]$ chmod 700 ~/.ssh 3) 生成rsa key [oracle@rac1 ~]$ /usr/bin/ssh-keygen  -t  rsa Generating public/private rsa key pair. Enter file in which to save the key  (/home/oracle/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in  /home/oracle/.ssh/id_rsa. Your public key has been saved in  /home/oracle/.ssh/id_rsa.pub. The key fingerprint is: 3f:d2:e4:a3:ee:a1:58:e5:73:92:39:0d:8e:3f:9b:11  oracle@rac1                           4) 在每个节点上重复以上步骤 2.将所有的RSA Key添加到文authorized_keys 1) 在节点rac1上面，将RSA Key添加到文件authorized_keys [oracle@rac1 ~]$ cd .ssh [oracle@rac1 .ssh]$ cat id_rsa.pub  >> authorized_keys [oracle@rac1 .ssh]$ ls authorized_keys  id_rsa   id_rsa.pub                             2) 将节点rac1上的 authorized_keys 抄送到节点rac2 [oracle@rac01 .ssh]$ scp  authorized_keys    rac2:/home/oracle/.ssh/ The authenticity of host 'rac2  (10.182.108.88)' can't be established. RSA key fingerprint is  e6:dc:07:c3:d5:2a:45:43:66:72:d3:44:17:4d:54:42. Are you sure you want to continue  connecting (yes/no)  yes Warning: Permanently added  'rac2,10.182.108.88' (RSA) to the list of known hosts. oracle@rac2's password: authorized_keys           100%   224     0.2KB/s   00:00                             3) 在节点rac2上，将该节点的RSA Key也添加到authorized_keys [oracle@rac2 .ssh]$ cat id_rsa.pub  >> authorized_keys 4) 当所有节点的RSA Key都添加到authorized_keys时，将authorized_keys文件抄送到每个节点 3.在节点上启用SSH协议 1) 在每个节点上执行 SSH hostname date [oracle@rac1 .ssh]$ ssh rac1 date The authenticity of host 'rac1  (10.182.108.86)' can't be established. RSA key fingerprint is  e6:dc:07:c3:d5:2a:45:43:66:72:d3:44:17:4d:54:42. Are you sure you want to continue  connecting (yes/no)  yes Warning: Permanently added  'rac1,10.182.108.86' (RSA) to the list of known hosts. Enter passphrase for key  '/home/oracle/.ssh/id_rsa': Sun Apr 20 23:31:06 EDT 2008 [oracle@rac01 .ssh]$ ssh rac2 date          在节点rac2上重复以上步骤 2) 在每个节点上启动SSH Agent,并将SSH keys装载到内存 [oracle@rac1 .ssh]$ exec  /usr/bin/ssh-agent  $SHELL [oracle@rac1 .ssh]$ /usr/bin/ssh-add [oracle@rac2 ~]$ exec /usr/bin/ssh-agent  $SHELL [oracle@rac2 ~]$ /usr/bin/ssh-add                             4.验证SSH 协议 [oracle@rac1 .ssh]$ ssh rac1 date Sun Apr 20 23:40:04 EDT 2008 [oracle@rac1 .ssh]$ ssh rac2 date Sun Apr 20 23:40:09 EDT 2008 [oracle@rac1 .ssh]$ ssh rac1-priv date Sun Apr 20 23:41:20 EDT 2008 [oracle@rac1 .ssh]$ ssh rac2-priv date Sun Apr 20 23:41:20 EDT 2008 在节点2上重复以上步骤 这时oracle 用户下的互信就已经建好了，同理grid下的配置和oracle用户下完全一样，只要将用户切换到grid下即可 …