SSH信任
配置SSH的目的就是使得两个节点的主机之间的相同用户可以无障碍的通信,SSH主要包括两条命令,即scp和ssh。当用户在一个节点上安装和配置RAC软件时,SSH将通过scp命令,以对等用户的身份,将软件复制到其他节点上。
注意:这种信任是oracle用户之间的,所以要切换到oracle用户下进行。
[oracle@rac2 ~]$ mkdir .ssh
[oracle@rac2 ~]$ chmod 700 .ssh
在rac2上产生rsa、dsa密钥
[oracle@rac2 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair. */以下全部回车
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
cd:a7:af:8d:50:89:84:65:e9:83:23:c9:09:3d:3c:e0 oracle@rac2.localdomain
[oracle@rac2 ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair. */以下全部回车
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
e1:b4:97:bd:85:b4:07:f9:fc:83:c4:5b:10:cf:51:a3 oracle@rac2.localdomain
[oracle@rac2 ~]$ cd .ssh
[oracle@rac2 .ssh]$ ls
id_dsa id_dsa.pub id_rsa id_rsa.pub
将密钥信息写道authorized_keys文件中并修改修改权限
[oracle@rac2 .ssh]$ cat id_rsa.pub >> authorized_keys
[oracle@rac2 .ssh]$ cat id_dsa.pub >> authorized_keys
[oracle@rac2 .ssh]$ chmod 600 authorized_keys
在rac1上作同样的操作。
[oracle@rac1 ~]$ mkdir .ssh
[oracle@rac1 ~]$ chmod 700 .ssh
[oracle@rac1 ~]$ cd .ssh
[oracle@rac1 .ssh]$ ls
[oracle@rac1 .ssh]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
d2:9d:01:7b:4c:7f:82:36:cf:ca:35:af:29:ba:84:bc oracle@rac1.oracle.com
[oracle@rac1 .ssh]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
41:57:98:38:63:a6:12:6d:f1:46:e5:af:6d:b1:25:55 oracle@rac1.oracle.com
[oracle@rac1 .ssh]$ cat id_rsa.pub >> authorized_keys
[oracle@rac1 .ssh]$ cat id_dsa.pub >> authorized_keys
将rac2中的authorized_keys拷贝到rac1中命名为key
[oracle@rac2 .ssh]$ scp authorized_keys rac1:/home/oracle/.ssh/key
The authenticity of host 'rac1 (192.168.84.241)' can't be established.
RSA key fingerprint is 83:1b:90:98:2f:56:5b:b1:36:16:e3:21:b5:8f:d7:f4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rac1,192.168.84.241' (RSA) to the list of known hosts.
oracle@rac1's password:
authorized_keys 100% 1018 1.0KB/s 00:00
再在rac1上将2个密钥合并,并拷贝到rac2上覆盖原来的authorized_keys
[oracle@rac1 .ssh]$ ls
authorized_keys id_dsa id_dsa.pub id_rsa id_rsa.pub key
[oracle@rac1 .ssh]$ cat key >> authorized_keys
[oracle@rac1 .ssh]$ scp authorized_keys rac2:/home/oracle/.ssh/
验证SSH是否配置成功,在oracle用户下ssh连接另外一个节点,如果不需要输入密码则配置成功。
[oracle@rac1 .ssh]$ exec /usr/bin/ssh-agent $SHELL
[oracle@rac1 .ssh]$ ssh-add
Enter passphrase for /home/oracle/.ssh/id_rsa:
Identity added: /home/oracle/.ssh/id_rsa (/home/oracle/.ssh/id_rsa)
Identity added: /home/oracle/.ssh/id_dsa (/home/oracle/.ssh/id_dsa)
[oracle@rac1 .ssh]$ ssh rac2
Last login: Fri Dec 16 12:13:36 2011 from rac1_priv
[oracle@rac2 ~]$ exit
logout
Connection to rac2 closed.
[oracle@rac1 .ssh]$ ssh rac2-priv
Last login: Fri Dec 16 12:15:30 2011 from rac1
最新文章
- ECSHOP后台商品列表显示商品缩略图
- QT笔记之QLineEdit自动补全以及控件提升
- iOS开发之多媒体API
- Gridview 多重表头 (二)
- Phalcon 性能最高的php框架没有之一
- zTree学习实例
- Docker(4):Docker集中化web界面管理平台—Shipyard部署
- 如何删除node_modules
- java mybatis后台判断表是否存在mysql
- 高清语音技术(WBS)及其在手机和蓝牙耳机中的实现
- ECS Navicat for MySQL远程连接报10038的错误
- Jmeter 线程组、运行次数参数化
- java日期获取前一天和后一天
- eclipse生成ant build.xml打war包
- 如何让浮动的元素换行??css
- UVa 11889 最小公倍数
- Flask 路由相关操作
- 【BZOJ 3482】 3482: [COCI2013]hiperprostor (dij+凸包)
- [前端]使用JQuery UI Layout Plug-in布局
- Linux tomcat安装详解(未完)
热门文章
- Educational Codeforces Round 12 E. Beautiful Subarrays 预处理+二叉树优化
- oracle查询和设置过期时间
- 【js】IE、FF、Chrome浏览器中的JS差异介绍
- DemoExample
- 监控SQL Server的job执行情况
- Mac环境下装node.js,npm,express;(包括express command not found)
- poj 2262 Goldbach's Conjecture(素数筛选法)
- 安装oracle 11g详细过程仅供参考
- FlushMode属性与transaction(spring注入的事务)
- 【高斯消元】BZOJ 1770: [Usaco2009 Nov]lights 燈