Home > Developer > Oracle

Oracle 11g R2 RAC SSH two node mutual trust peer configuration Permission denied (Publickey,gssapi-with-mic,password)

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Issue: When installing the Oracle 11g R2 RAC Grid, configure the two-node SSH trusted peer configuration to be unsuccessful, with the following error message:

------------------------------------------------------------------------

Verifying SSH connectivity have been setup from Rac1 to Rac1

------------------------------------------------------------------------

If you see any other output besides the output of the DATE COMMAND OR IF prompted for A PASSWORD here, IT MEANS SS H SETUP has not BEEN successful.

[email protected] ' s password:

Permission denied, please try again.

Permission denied, please try again.

Permission denied (Publickey,gssapi-with-mic,password).

------------------------------------------------------------------------


The following script is used when configuring SSH peering:

./sshusersetup.sh-user grid-hosts "Rac1 rac2"-advanced-exverify-confirm-nopromptpassphrase


The environment for the Oracle Linux 5.5,RAC two node host name is: Rac1 RAC2.

The original configuration/etc/ssh/sshd_config file is:

# This sshd is compiled with Path=/usr/local/bin:/bin:/usr/bin


# The strategy used for options on the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented. uncommented Options Change A

# default value.


#Port 22

#Protocol 2,1

Protocol 2

#AddressFamily any

#ListenAddress 0.0.0.0

#ListenAddress::


# Hostkey for protocol version 1

#HostKey/etc/ssh/ssh_host_key

# Hostkeys for protocol version 2

#HostKey/etc/ssh/ssh_host_rsa_key

#HostKey/etc/ssh/ssh_host_dsa_key


# Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 1h

#ServerKeyBits 768


# Logging

# obsoletes Quietmode and Fascistlogging

#SyslogFacility AUTH

Syslogfacility Authpriv

#LogLevel INFO


# Authentication:


#LoginGraceTime 2m

#PermitRootLogin Yes

#StrictModes Yes

#MaxAuthTries 6


#RSAAuthentication Yes

#PubkeyAuthentication Yes

#AuthorizedKeysFile. Ssh/authorized_keys


Also need host keys in/etc/ssh/ssh_known_hosts

#RhostsRSAAuthentication No

# Similar for protocol version 2

#HostbasedAuthentication No

# change-to-yes if you don ' t trust ~/.ssh/known_hosts for

# Rhostsrsaauthentication and Hostbasedauthentication

#IgnoreUserKnownHosts No

# Don ' t read the user ' s ~/.rhosts and ~/.shosts files

#IgnoreRhosts Yes

# To disable tunneled clear text passwords, change to No here!

#PasswordAuthentication Yes

#PermitEmptyPasswords No

Passwordauthentication Yes


# Change to No to disable S/key passwords

#ChallengeResponseAuthentication Yes

Challengeresponseauthentication No


# Kerberos Options

#KerberosAuthentication No

#KerberosOrLocalPasswd Yes

#KerberosTicketCleanup Yes

#KerberosGetAFSToken No


# GSSAPI Options

#GSSAPIAuthentication No

Gssapiauthentication Yes

#GSSAPICleanupCredentials Yes

Gssapicleanupcredentials Yes


# Set this to ' yes ' to enable PAM authentication, account processing,

# and session processing. If This is enabled, PAM authentication would

# be allowed through the challengeresponseauthentication mechanism.

# Depending on your PAM configuration, this may bypass the setting of

# passwordauthentication, Permitemptypasswords, and

# "Permitrootlogin Without-password". If you just want the PAM account and

# session checks to run without PAM authentication and then enable this but set

# Challengeresponseauthentication=no

#UsePAM No

Usepam Yes

Solution:

Based on the error "Permission denied (Publickey,gssapi-with-mic,password)."

Then open the/etc/ssh/sshd_config configuration file, modify the above red configuration

#RSAAuthentication Yes

Pubkeyauthentication Yes

Authorizedkeysfile. Ssh/authorized_keys

Enable PublicKey authentication, and you must ensure that passwordauthentication Yes must be in the state.

Restart the SSH service

Service sshd Restart

And then run the script,

./sshusersetup.sh-user grid-hosts "Rac1 rac2"-advanced-exverify-confirm-nopromptpassphrase

SSH Peer Trust configuration succeeded

This article from "Proud Snow Star scar" blog, declined reprint!

Oracle 11g R2 RAC SSH two node mutual trust peer configuration Permission denied (Publickey,gssapi-with-mic,password)

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
ssh root login permission denied centos 7 ssh permission denied ssh access denied correct password step by step data guard configuration in oracle 12c rac fopen permission denied mkdir permission denied php unlink permission denied
Related Article
Oracle SQL Tuning Database optimization steps Graphic tutorial
Oracle database, numbers Force 2 decimal places to display
An array of Oracle
[Oracle] The CHR function of Oracle returns

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More