How to use SSH without password in Oracle RAC
During the Clusterware (CRS) and RAC Database installations, Oracle Universal Installer (OUI) must be able to Oracle
Automatically replicates the software to all RAC nodes. Here we configure SSH to allow Oracle users to access without entering a password
The ability of each node.
First, ping between two nodes, make sure it's all through.
[Root@node1 ~]# Ping 192.168.100.102
[Root@node1 ~]# Ping 10.10.17.222
to establish user equivalence, the user's public and private key needs to be generated on two nodes as an Oracle user, first executing in Node1:
[root@node1 opt]# su-oracle [oracle@node1 ~]$ mkdir ~/.ssh
[Oracle@node1 ~]$ chmod ~/.ssh
[Oracle@node1 ~]$ ssh-keygen-t RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/HOME/ORACLE/.SSH/ID_RSA):
Enter passphrase (empty for no passphrase):
Enter same Passphrase again:
Your identification has been saved In/home/oracle/.ssh/id_rsa.
Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
d2:69:eb:ac:86:62:27:50:99:ff:e8:1e:a2:e6:5d:7f Oracle@node1
Then change Node2 to execute.
[root@node2 ~]# Ping 192.168.100.102
[Root@node2 ~]# Ping 10.10.17.222
[Root@node2 opt]# Su-oracle
[Oracle@node2 ~]$ mkdir ~/.ssh
[Oracle@node2 ~]$ chmod ~/.ssh
[Oracle@node2 ~]$ ssh-keygen-t RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/HOME/ORACLE/.SSH/ID_RSA):
Enter passphrase (empty for no passphrase):
Enter same Passphrase again:
Your identification has been saved In/home/oracle/.ssh/id_rsa.
Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
dd:be:7a:37:e4:b5:f0:b2:24:95:50:61:ea:a1:61:07 Oracle@node2
Switch back to Node1, and then execute:
[Oracle@node1 ~]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
Hint: The following command prompts you to enter a node2 oracle password, enter it as prompted, and retry execution if it fails
Make.
[oracle@node1 ~]$ ssh node2 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
The authenticity of host ' Node2 (192.168.100.102) ' can ' t be established.
RSA key fingerprint is 92:d1:ce:5b:c8:a1:52:d5:ac:00:5f:48:5d:12:06:e4.
Are you sure your want to continue connecting (yes/no)? Yes
warning:permanently added ' node2,192.168.100.102 ' (RSA) to the list of known hosts.
Oracle@node2 ' s Password:
[Oracle@node1 ~]$ SCP ~/.ssh/authorized_keys Node2:~/.ssh/authorized_keys
Oracle@node2 ' s Password:
Authorized_keys 100% 1992 2.0KB/S 00:00
The two machines execute each other to see if they need to enter the password
[Oracle@node1 ~]$ ssh node1 Date
[Oracle@node1 ~]$ ssh node2 date
[Oracle@node1 ~]$ ssh node1-priv date
[Oracle@node1 ~]$ ssh node2-priv date
Switch to Node2 execution
[Oracle@node2 ~]$ ssh node1 Date
[Oracle@node2 ~]$ ssh node2 date
[Oracle@node2 ~]$ ssh node1-priv date
[Oracle@node2 ~]$ ssh node2-priv date
Tips:
Note The return information for the command, because the RAC is more sensitive to the time between nodes, so if the node is displayed here in a single time, it is recommended that the
Step (usually more than 20 seconds apart will require synchronization time).