linux下Oracle11g RAC搭建(五)

linux下Oracle11g RAC搭建(五)


四、建立主机间的信任关系(node1、node2)

 

建立节点之间oracle 、grid 用户之间的信任(通过ssh 建立公钥和私钥)

分别在node1和node2创建

=====Oracle用户=========================

在oracle用户下操作:

[root@node1 /]# su - oracle

[oracle@node1 ~]$ mkdir .ssh       创建一个.ssh的隐藏目录

[oracle@node1 ~]$ ls -al

total 44

-rw-r--r-- 1 oracle oinstall   33 Jul 12 17:05 .bash_logout

-rw-r--r-- 1 oracle oinstall  438 Jul 12 18:03 .bash_profile

drwxr-xr-x 4 oracle oinstall 4096 Jul 1217:05 .mozilla

drwx------ 2 oracle oinstall 4096 Jul 1218:05 .ssh

-rw------- 1 oracle oinstall  657 Jul 12 18:03 .viminfo

 

1)生成密钥对(rsa+dsa)(node1、node2)

node1生成密钥rsa类型

id_rsa为私钥,自动保存到.ssh下

id_rsa.pub为公钥,自动保存到.ssh下

 

[oracle@node1 ~]$ ssh-keygen -t rsa      

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter

Enter passphrase (empty for nopassphrase):  enter

Enter same passphrase again:  enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.           

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node1生成密钥dsa类型

id_dsa为私钥,自动保存到.ssh下

id_dsa.pub为公钥,自动保存到.ssh下

 

[oracle@node1 ~]$ ssh-keygen -t dsa     

Generating public/private dsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter                        

Enter passphrase (empty for no passphrase):enter

Enter same passphrase again: enter

Your identification has been saved in/home/oracle/.ssh/id_dsa.

Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.                

The key fingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

node2生成密钥rsa类型

id_rsa为私钥,自动保存到.ssh下

id_rsa.pub为公钥,自动保存到.ssh下

 

[oracle@node2 asm]# su - oracle

[oracle@node2 ~]$ mkdir .ssh

[oracle@node2 ~]$ ssh-keygen -t rsa      

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter             

Enter passphrase (empty for nopassphrase):  enter

Enter same passphrase again:  enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.           

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node2生成密钥dsa类型

id_dsa为私钥,自动保存到.ssh下

id_dsa.pub为公钥,自动保存到.ssh下

 

[oracle@node2 ~]$ ssh-keygen -tdsa    

Generatingpublic/private dsa key pair.

Enter file inwhich to save the key (/home/oracle/.ssh/id_dsa): enter                        

Enter passphrase(empty for no passphrase): enter

Enter samepassphrase again: enter

Youridentification has been saved in /home/oracle/.ssh/id_dsa.

Your public keyhas been saved in /home/oracle/.ssh/id_dsa.pub.                

The keyfingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

 

2)配置信任关系(node1、node2)

为node1配置信任

[oracle@node1 ~]$ ls .ssh

 

id_dsa       id_rsa             id_dsa.pub   id_rsa.pub     

//rsa和dsa为私钥                .pub的为公钥 

//ssh下文件authorized_keys是专门存储公钥信息的

//把rsa、dsa类型的公钥文件都放入到authorized_keys文件里

// “ssh  node2”命令代表登陆到节点2下操作

//把两种类型的公钥信息都放到节点2的authorized_keys文件里

 

[oracle@node1 ~]$ cat.ssh/id_rsa.pub >>.ssh/authorized_keys

[oracle@node1 ~]$ cat.ssh/id_dsa.pub >>.ssh/authorized_keys

[oracle@node1 ~]$ ssh node2  cat .ssh/id_rsa.pub>>.ssh/authorized_keys

oracle@node2‘s password:

[oracle@node1 ~]$ ssh node2  cat .ssh/id_dsa.pub>>.ssh/authorized_keys

oracle@node2‘s password:  oracle的密码

为node2配置信任

可以把node1中的authorized_keys(密钥文件)复制到node2中

[oracle@node1 ~]$ scp.ssh/authorized_keys   node2:~/.ssh

oracle@node2‘s password: oracle的密码




3)验证信任关系(node1、node2)

node1上验证信任

[oracle@node1 ~]$ ssh node2date

[oracle@node1 ~]$ ssh node2-privdate     //私有ip地址验证

[oracle@node1 ~]$ ssh node1date

[oracle@node1 ~]$ ssh node1-privdate    

 

详细操作如下:

[oracle@node1 ~]$ ssh node2date

Thu May  214:46:30 CST 2013

[oracle@node1 ~]$ sshnode2-priv date                 //不要求输入密码代表信任成功

The authenticity of host ‘node2-priv (10.10.10.2)‘can‘t be established.

RSA key fingerprint is16:28:88:50:27:30:92:cb:49:be:55:61:f6:c2:a1:3f.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ‘node2-priv,10.10.10.2‘(RSA) to the list of known hosts.

Thu May  214:47:03 CST 2013

[oracle@node1 ~]$ sshnode2-priv date

Thu May  214:47:05 CST 2013

 

[oracle@node1 ~]$ ssh node1date

Thu May  214:48:19 CST 2013

[oracle@node1 ~]$ sshnode1-priv date

The authenticity of host ‘node1-priv (10.10.10.1)‘can‘t be established.

RSA key fingerprint is39:04:88:3b:54:34:3c:34:d2:df:74:37:fe:5f:92:2d.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ‘node1-priv,10.10.10.1‘(RSA) to the list of known hosts.

Thu May  214:48:35 CST 2013

[oracle@node1 ~]$ sshnode1-priv date

Thu May  214:48:36 CST 2013

 

node2上验证信任

[oracle@node2 ~]$ ssh node1date

[oracle@node2~]$ ssh node1-priv date    

[oracle@node2 ~]$ ssh node2date

[oracle@node2~]$ ssh node2-priv date    

=====Grid 用户==========================

步骤同oracle 一样,可参考oracle用户下设置

 

在grid用户下操作:

[root@node1 /]# su– grid

[grid@node1 ~]$mkdir .ssh       创建一个.ssh的隐藏目录

[grid@node1 ~]$ ls-al

 

1)生成密钥对(rsa+dsa)(node1、node2)

node1生成密钥rsa类型

id_rsa为私钥,自动保存到.ssh下

id_rsa.pub为公钥,自动保存到.ssh下

 

[grid@node1 ~]$ ssh-keygen-t rsa     

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter             

Enter passphrase (empty for no passphrase):  enter

Enter same passphrase again:  enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.           

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node1生成密钥dsa类型

id_dsa为私钥,自动保存到.ssh下

id_dsa.pub为公钥,自动保存到.ssh下

 

[grid@node1 ~]$ ssh-keygen-t dsa    

Generating public/private dsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter                        

Enter passphrase (empty for no passphrase): enter

Enter same passphrase again: enter

Your identification has been saved in/home/oracle/.ssh/id_dsa.

Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.                

The key fingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

node2生成密钥rsa类型

id_rsa为私钥,自动保存到.ssh下

id_rsa.pub为公钥,自动保存到.ssh下

 

[root@node2 ~]# su – grid

[grid@node2 ~]$ mkdir .ssh

[grid@node2 ~]$ ssh-keygen-t rsa     

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter             

Enter passphrase (empty for no passphrase):  enter

Enter same passphrase again:  enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.           

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node2生成密钥dsa类型

id_dsa为私钥,自动保存到.ssh下

id_dsa.pub为公钥,自动保存到.ssh下

 

 [grid@node2 ~]$ ssh-keygen -t dsa    

Generating public/private dsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter                        

Enter passphrase (empty for no passphrase): enter

Enter same passphrase again: enter

Your identification has been saved in/home/oracle/.ssh/id_dsa.

Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.                

The key fingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

 

2)配置信任关系(node1、node2)

为node1配置信任

[grid@node1 ~]$ ls .ssh

id_dsa       id_rsa             id_dsa.pub   id_rsa.pub      known_hosts

       rsa和dsa为私钥                .pub的为公钥     

[grid@node1 ~]$ cat.ssh/id_rsa.pub >>.ssh/authorized_keys

[grid@node1 ~]$ cat.ssh/id_dsa.pub >>.ssh/authorized_keys

[grid@node1 ~]$ ssh node2  cat .ssh/id_rsa.pub>>.ssh/authorized_keys

grid@node2‘s password:

[grid@node1 ~]$ ssh node2  cat .ssh/id_dsa.pub >>.ssh/authorized_keys

grid@node2‘s password: grid的密码

为node2配置信任

可以把node1中的authorized_keys(密钥文件)复制到node2中

[grid@node1 ~]$ scp.ssh/authorized_keys   node2:~/.ssh

grid@node2‘s password: grid的密码

authorized_keys                             100% 1992     2.0KB/s  00:00 

 

3)验证信任关系(node1、node2)

node1上验证信任

[grid@node1 ~]$ ssh node2date

[grid@node1 ~]$ ssh node2-privdate    

[grid@node1 ~]$ ssh node1date

[grid@node1 ~]$ ssh node1-privdate    

 

详细操作如下:

[grid@node1 ~]$ ssh node2date

Thu May  214:46:30 CST 2013

[grid@node1 ~]$ sshnode2-priv date                  //不要输入密码为信任成功

The authenticity of host ‘node2-priv (10.10.10.2)‘can‘t be established.

RSA key fingerprint is 16:28:88:50:27:30:92:cb:49:be:55:61:f6:c2:a1:3f.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ‘node2-priv,10.10.10.2‘(RSA) to the list of known hosts.

Thu May  214:47:03 CST 2013

[grid@node1 ~]$ sshnode2-priv date

Thu May  214:47:05 CST 2013

 

[grid@node1 ~]$ ssh node1date

Thu May  214:48:19 CST 2013

[grid@node1 ~]$ sshnode1-priv date

The authenticity of host ‘node1-priv (10.10.10.1)‘can‘t be established.

RSA key fingerprint is39:04:88:3b:54:34:3c:34:d2:df:74:37:fe:5f:92:2d.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ‘node1-priv,10.10.10.1‘(RSA) to the list of known hosts.

Thu May  214:48:35 CST 2013

[grid@node1 ~]$ sshnode1-priv date

Thu May  214:48:36 CST 2013

 

node2上验证信任

[grid@node2 ~]$ ssh node1date

[grid@node2~]$ ssh node1-priv date    

[grid@node2 ~]$ ssh node2date

[grid@node2~]$ ssh node2-priv date    

 


声明:
         原创作品,出自 “深蓝的blog” 博客,允许转载,转载时请务必注明出处(http://blog.csdn.net/huangyanlong)。

         关于涉及版权事宜,作者有权追究法律责任。


************************** 未完待续 敬请关注 **************************************

linux下Oracle11g RAC搭建(五),古老的榕树,5-wow.com

郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。