因为ORACLE 11G R2的cluster是由grid用户来安装,所以两个节点上的grid用户也要配置互信。
在RAC01上oracle用户执行
[oracle@rac01 ~]$ mkdir ~/.ssh
[oracle@rac01 ~]$ chmod 700 ~/.ssh
[oracle@rac01 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
0c:45:a5:ec:e2:08:22:12:8b:0a:f3:d3:b6:1c:57:c2 oracle@rac01
[oracle@rac01 ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
78:9a:fe:04:ec:35:2c:62:91:9c:16:c4:ae:54:38:30 oracle@rac01
在RAC02上oracle用户执行
[oracle@rac02 ~]$ mkdir ~/.ssh
[oracle@rac02 ~]$ chmod 700 ~/.ssh
[oracle@rac02 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
a1:f5:63:ea:02:b1:af:fc:ab:30:d2:fe:d4:51:ba:17 oracle@rac02
[oracle@rac02 ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
95:98:f3:1a:22:cf:fa:7d:09:de:6d:5f:24:8d:df:db oracle@rac02
在RAC01上oracle用户执行
[oracle@rac01 ~]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[oracle@rac01 ~]$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
[oracle@rac01 ~]$ ssh rac02 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
The authenticity of host 'rac02 (192.168.136.128)' can't be established.
RSA key fingerprint is 3c:a6:d6:d8:8f:31:d4:bc:87:6c:e1:23:21:ca:78:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rac02,192.168.136.128' (RSA) to the list of known hosts.
oracle@rac02's password:
[oracle@rac01 ~]$ ssh rac02 cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
oracle@rac02's password:
[oracle@rac01 ~]$ scp ~/.ssh/authorized_keys rac02:~/.ssh/authorized_keys
oracle@rac02's password:
authorized_keys
100% 1992 2.0KB/s 00:00
2、测试两个节点间的互连
在每个节点上测试连接。验证当您再次运行以下命令时,系统是否不提示您输入口令。
ssh rac01 date
ssh rac02 date
ssh rac01-priv date
ssh rac02-priv date