Linux SSH 無密碼登入__Linux

借用ORACLE RAC中設定SSH無密碼的操作方法

在 clusterware (CRS) 和 Rac Database 安裝過程中， Oracle Universal Installer (OUI) 必須能夠以 oracle
的身份自動將軟體複製到所有 RAC 節點。這裡我們通過配置 ssh 讓 oracle 使用者擁有不輸入密碼即可訪問
各節點的能力。
首先兩個節點間互 ping ，要確保都是通的
[root@node1 ~]# ping 192.168.100.102
[root@node1 ~]# ping 10.10.17.222

要建立使用者等效性，需要在兩個節點上以 oracle 使用者身份產生使用者的公開金鑰和私密金鑰，首先在 node1 執 行 ：

[root@node1 opt]# su - oracle [oracle@node1 ~]$ mkdir ~/.ssh
[oracle@node1 ~]$ chmod 700 ~/.ssh
[oracle@node1 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
d2:69:eb:ac:86:62:27:50:99:ff:e8:1e:a2:e6:5d:7f oracle@node1

然後換 node2 執行
[root@node2 ~]# ping 192.168.100.102
[root@node2 ~]# ping 10.10.17.222
[root@node2 opt]# su - oracle
[oracle@node2 ~]$ mkdir ~/.ssh
[oracle@node2 ~]$ chmod 700 ~/.ssh
[oracle@node2 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
dd:be:7a:37:e4:b5:f0:b2:24:95:50:61:ea:a1:61:07 oracle@node2

切換回 node1 ，接著執行：
[oracle@node1 ~]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
提示：下列命令會提示你輸入 node2 的 oracle 密碼，按照提示輸入即可，如果失敗可重新嘗試執行命
令。
[oracle@node1 ~]$ ssh node2 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
The authenticity of host 'node2 (192.168.100.102)' can't be established.
RSA key fingerprint is 92:d1:ce:5b:c8:a1:52:d5:ac:00:5f:48:5d:12:06:e4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2,192.168.100.102' (RSA) to the list of known hosts.
oracle@node2's password:

[oracle@node1 ~]$ scp ~/.ssh/authorized_keys node2:~/.ssh/authorized_keys
oracle@node2's password:
authorized_keys 100% 1992 2.0KB/s 00:00
兩機相互執行，看看是否還需要輸入密碼
[oracle@node1 ~]$ ssh node1 date
[oracle@node1 ~]$ ssh node2 date
[oracle@node1 ~]$ ssh node1-priv date
[oracle@node1 ~]$ ssh node2-priv date
切換至 node2 執行
[oracle@node2 ~]$ ssh node1 date
[oracle@node2 ~]$ ssh node2 date
[oracle@node2 ~]$ ssh node1-priv date
[oracle@node2 ~]$ ssh node2-priv date
提示：
注意命令的返回資訊，由於 rac 對節點間時間較敏感，因此如果此處顯示節點單時間不一至，建議同
步 ( 一般相隔超過 20 秒就需要同步時間了 ) 。