Thursday, December 26, 2013

Configure SSH Manually for RAC 4 node Cluster



Before 11gR2, the Grid Infrastructure installation required SSH to be configured. From 11gR2 onwards, the SSH setup can be done from Oracle Universal Installer by using the 'SSH Connectivity' button.

SSH configuration is also needed to run cluvfy. Below are the steps for manual SSH configuration.

**************************************** Step By Step Procedure ******************************************************

#########################################
# 1) Create Necessary Folders & Permissions
#########################################

Log in as the oracle user, go to its home directory, create a directory called .ssh, and set its permissions as shown below.

$ cd $HOME

$ mkdir .ssh

$ chmod 700 .ssh

$ cd /u01/home/oracle/.ssh

=====================================================================================================================
Do Step 1 on all 4 nodes.
=====================================================================================================================

#########################################
# 2) Create Keygen
#########################################

On Node 1 ( hostU13 )
---------------------------

no_sid @ hostu13:/u01/home/oracle/.ssh
> ls -ltr
total 4
-rw-r--r-- 1 oracle oinstall 407 Dec 18 05:40 known_hosts

/usr/bin/ssh-keygen -t rsa

no_sid @ hostu13:/u01/home/oracle/.ssh
> /usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/u01/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /u01/home/oracle/.ssh/id_rsa.
Your public key has been saved in /u01/home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
af:75:72:de:a8:1c:1e:0a:11:64:9e:5b:cd:0e:30:b2 oracle@hostu13

Note :
---------

Accept the default location for the key file, then enter and confirm a passphrase (you can also press Enter twice for an empty passphrase).

no_sid @ hostu13:/u01/home/oracle/.ssh
> ls
id_rsa  id_rsa.pub  known_hosts

no_sid @ hostu13:/u01/home/oracle/.ssh
> ls -altr
total 20
-rw-r--r-- 1 oracle oinstall  407 Dec 18 05:40 known_hosts
drwxr-xr-x 4 oracle dba      4096 Dec 18 21:58 ..
-rw-r--r-- 1 oracle oinstall  400 Dec 18 22:02 id_rsa.pub
-rw------- 1 oracle oinstall 1675 Dec 18 22:02 id_rsa
drwx------ 2 oracle oinstall 4096 Dec 18 22:02 .
no_sid @ hostu13:/u01/home/oracle/.ssh

=====================================================================================================================
We now have two generated files, "id_rsa.pub" and "id_rsa".
Do Step 2 on all 4 nodes.
=====================================================================================================================

#########################################
# 3) Create Authorization Keys
#########################################

Now create an authorization key file from the "id_rsa.pub" file on every node.

cat id_rsa.pub >> authorized_keys.$HOSTNAME

no_sid @ hostu13:/u01/home/oracle/.ssh
> cat id_rsa.pub >> authorized_keys.$HOSTNAME
no_sid @ hostu13:/u01/home/oracle/.ssh
> ls -ltr
total 16
-rw-r--r-- 1 oracle oinstall  408 Dec 18 06:32 known_hosts
-rw-r--r-- 1 oracle oinstall  400 Dec 18 23:10 id_rsa.pub
-rw------- 1 oracle oinstall 1675 Dec 18 23:10 id_rsa
-rw-r--r-- 1 oracle oinstall  400 Dec 19 07:44 authorized_keys.hostu13
no_sid @ hostu13:/u01/home/oracle/.ssh

Copy the authorized_keys.$HOSTNAME files from all 4 nodes to Node 1. Once copied, the directory will look like this:

no_sid @ hostu13:/u01/home/oracle/.ssh
> ls -ltr
total 28
-rw-r--r-- 1 oracle oinstall  400 Dec 18 22:02 id_rsa.pub
-rw------- 1 oracle oinstall 1675 Dec 18 22:02 id_rsa
-rw-r--r-- 1 oracle oinstall 1631 Dec 19 07:49 known_hosts
-rwxrwxrwx 1 oracle oinstall  400 Dec 18 22:06 authorized_keys.hostu13
-rw-r--r-- 1 oracle oinstall  400 Dec 19 07:48 authorized_keys.hostu14
-rw-r--r-- 1 oracle oinstall  400 Dec 19 07:49 authorized_keys.hostu15
-rw-r--r-- 1 oracle oinstall  400 Dec 19 07:49 authorized_keys.hostu16
no_sid @ hostu13:/u01/home/oracle/.ssh
>

Now create a file called "authorized_keys" that holds the keys from all 4 nodes.

cat *.host* >> authorized_keys

no_sid @ hostu13:/u01/home/oracle/.ssh
> cat *.host* >> authorized_keys
no_sid @ hostu13:/u01/home/oracle/.ssh
> ls -ltr
total 32
-rw-r--r-- 1 oracle oinstall  400 Dec 18 22:02 id_rsa.pub
-rw------- 1 oracle oinstall 1675 Dec 18 22:02 id_rsa
-rw-r--r-- 1 oracle oinstall 1631 Dec 19 07:49 known_hosts
-rwxrwxrwx 1 oracle oinstall  400 Dec 18 22:06 authorized_keys.hostu13
-rw-r--r-- 1 oracle oinstall  400 Dec 19 07:48 authorized_keys.hostu14
-rw-r--r-- 1 oracle oinstall  400 Dec 19 07:49 authorized_keys.hostu15
-rw-r--r-- 1 oracle oinstall  400 Dec 19 07:49 authorized_keys.hostu16
-rw-r--r-- 1 oracle oinstall 1600 Dec 19 07:51 authorized_keys
no_sid @ hostu13:/u01/home/oracle/.ssh

Now FTP the authorized_keys file to the /u01/home/oracle/.ssh location on all the nodes.
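
The merge in step 3 as a script, added here as an example and not part of the original post: it skips malformed lines and duplicate keys and sets the modes that sshd's StrictModes check accepts. The function names merge_authorized_keys and audit_modes are hypothetical; the directory defaults to the page's /u01/home/oracle/.ssh.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Merge authorized_keys.host* files in DIR into DIR/authorized_keys.
# Keeps only lines shaped like "<key-type> <base64> [comment]", drops
# duplicate keys, and leaves .ssh at 700 and authorized_keys at 600.
merge_authorized_keys() {
    dir=${1:-/u01/home/oracle/.ssh}
    out="$dir/authorized_keys"
    tmp="$out.tmp.$$"
    : > "$tmp" || return 1
    chmod 600 "$tmp"
    for f in "$dir"/authorized_keys.host*; do
        [ -f "$f" ] || continue
        awk '$1 ~ /^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521))$/ &&
             $2 ~ "^[A-Za-z0-9+/]+=*$"' "$f" >> "$tmp"
    done
    # Keep keys that are already authorized, so a re-run loses nothing.
    if [ -f "$out" ]; then
        cat "$out" >> "$tmp"
    fi
    # De-duplicate on key type plus key material, preserving order.
    awk '!seen[$1 " " $2]++' "$tmp" > "$tmp.2" && mv "$tmp.2" "$out"
    rm -f "$tmp"
    chmod 700 "$dir" && chmod 600 "$out"
}

# Print .ssh and authorized_keys if either is group- or world-writable.
# With "StrictModes yes", sshd refuses public-key login in that state.
audit_modes() {
    dir=${1:-/u01/home/oracle/.ssh}
    find "$dir" "$dir/authorized_keys" -prune \
        \( -perm -020 -o -perm -002 \) -print
}
```

Run merge_authorized_keys on Node 1 after the per-node files are copied, and audit_modes on every node after the merged file is distributed; empty output from audit_modes means the modes are acceptable.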

=====================================================================================================================

#########################################
# 4) Test SSH
#########################################

Now run the commands below from all the nodes. The first time, ssh may prompt as shown below; answer "yes". The RSA host key is then added to the "known_hosts" file.

The commands below should return the date.

ssh hostu13 date
ssh hostu14 date
ssh hostu15 date
ssh hostu16 date

no_sid @ hostu13:/u01/home/oracle/.ssh
> ssh hostu13 date
The authenticity of host 'hostu13 (192.168.29.205)' can't be established.
RSA key fingerprint is e6:e2:24:ad:1f:bf:88:0e:f2:6d:09:2c:5d:7b:f2:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hostu13,192.168.29.205' (RSA) to the list of known hosts.
Thu Dec 19 07:57:18 CST 2013
no_sid @ hostu13:/u01/home/oracle/.ssh
>
no_sid @ hostu13:/u01/home/oracle/.ssh
> ssh hostu14 date
Thu Dec 19 07:57:30 CST 2013
no_sid @ hostu13:/u01/home/oracle/.ssh
>
no_sid @ hostu13:/u01/home/oracle/.ssh
> ssh hostu15 date
Thu Dec 19 07:57:37 CST 2013
no_sid @ hostu13:/u01/home/oracle/.ssh
>
no_sid @ hostu13:/u01/home/oracle/.ssh
> ssh hostu16 date
Thu Dec 19 07:57:44 CST 2013
no_sid @ hostu13:/u01/home/oracle/.ssh
>
no_sid @ hostu13:/u01/home/oracle/.ssh
>

=====================================================================================================================

#########################################
# 5) Sample "known_hosts"
#########################################

After the ssh to hostu13, once "yes" was answered, an entry was added:

no_sid @ hostu15:/u01/home/oracle/.ssh
> more known_hosts
hostu13,192.168.29.205 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvLbffewHf7FSEB7FuRZUpq8Swk8Yy9uUgGdbUiTsF2firlYi7lfkDywlAHvtpixxhmkyTHV92LFk0Dwr0HhYTYSBBxlNTBWPr
4sfjvcIweWSlF/HMoTerG4QE7dwbRxYej+mDqVxs4Zujh6verF1GMKkrsG8tMVfnVQUxeRj1q4YifY2nZR6vG3JpVv+4aV8KG6ViCFORzdR6AKD20YtQ7sqe3O1Dg7gqUo5UA5/XCdHUgcKIw4lza6WzRVdj6QZQ
E+aFl/f3TKgbI9jqhIwiBqtPPw69VeYGdcF0RpwhAHxvvVR5U34BUeOs+TuE/KpKe4MEGMZJHeP1Wu6rc3inw==
no_sid @ hostu15:/u01/home/oracle/.ssh
>

Now, after the ssh to hostu14, the file has entries for hostu13 and hostu14:

no_sid @ hostu15:/u01/home/oracle/.ssh
> more known_hosts
hostu13,192.168.29.205 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvLbffewHf7FSEB7FuRZUpq8Swk8Yy9uUgGdbUiTsF2firlYi7lfkDywlAHvtpixxhmkyTHV92LFk0Dwr0HhYTYSBBxlNTBWPr
4sfjvcIweWSlF/HMoTerG4QE7dwbRxYej+mDqVxs4Zujh6verF1GMKkrsG8tMVfnVQUxeRj1q4YifY2nZR6vG3JpVv+4aV8KG6ViCFORzdR6AKD20YtQ7sqe3O1Dg7gqUo5UA5/XCdHUgcKIw4lza6WzRVdj6QZQ
E+aFl/f3TKgbI9jqhIwiBqtPPw69VeYGdcF0RpwhAHxvvVR5U34BUeOs+TuE/KpKe4MEGMZJHeP1Wu6rc3inw==
hostu14,192.168.29.206 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwyx+PEkivwKs1RGoLiBNbgKU0KloyKdkL2HVouWZzRr36veV+SDYNJkR7ek8kcNdakVlV20aKzfqlaOhfOq1GfI7Hd0Z3epUh
Bbs/YkdaKdPwtRpeB7iD/kBSTkpiuXbcS06QjtQ5NLlsGOLrviProDucMjQIHg1wrU5PE12fQ4NHFBGSArSk/d4kQUxyYotPcjbACjKmdnY/TpTuRCy5eyIXDiDHN/opXX+0j+rH9A4j5eIBe1G9cZcQda/57BBL
Z/ESIGkZ444YqbwT5dxTlrpaKPtyK12UCeLw9xoSAOcnQUm/4ICj96M95kMeMezUBSjlZIN3S79/9rVpOTUtw==
no_sid @ hostu15:/u01/home/oracle/.ssh
>
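
The entries above are accepted on first use by answering "yes". The check below, an added example that is not part of the original post, compares known_hosts against host keys collected out of band. The function name check_known_hosts and the trusted-keys file (lines of "<hostname> <key-type> <base64>", for instance built from each node's /etc/ssh/ssh_host_rsa_key.pub) are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). check_known_hosts and the
# trusted-keys file format are hypothetical.
#
# check_known_hosts KNOWN_HOSTS TRUSTED
# Prints "<host> OK|MISMATCH|MISSING" for every host in TRUSTED, in order.
# Returns 0 only when every host is OK.
check_known_hosts() {
    awk '
        # First file (TRUSTED): remember the expected key for each host.
        NR == FNR { ord[++k] = $1; type[$1] = $2; key[$1] = $3; next }
        # Second file (KNOWN_HOSTS): skip comments, hashed and marker lines.
        /^[#|@]/ || NF < 3 { next }
        {
            # The first field may list several names: "hostu13,192.168.29.205"
            n = split($1, names, ",")
            for (i = 1; i <= n; i++) {
                h = names[i]
                if (!(h in type) || $2 != type[h]) continue
                if ($3 == key[h]) ok[h] = 1; else bad[h] = 1
            }
        }
        END {
            for (j = 1; j <= k; j++) {
                h = ord[j]
                if (h in bad)      s = "MISMATCH"
                else if (h in ok)  s = "OK"
                else               s = "MISSING"
                if (s != "OK") rc = 1
                print h, s
            }
            exit rc + 0
        }' "$2" "$1"
}
```

MISSING means the node would still show the interactive prompt; MISMATCH means the stored key differs from the one collected from the node itself and should be investigated before it is trusted.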

=====================================================================================================================

