linux下一个Oracle11g RAC建立(五岁以下儿童)

四、建立主机之间的信任关系(node1、node2)

建立节点之间oracle 、grid 用户之间的信任(通过ssh 建立公钥和私钥)

分别在node1和node2创建

=====Oracle用户=========================

在oracle用户下操作:

[root@node1 /]# su - oracle

[oracle@node1 ~]$ mkdir .ssh       创建一个.ssh的隐藏文件夹

[oracle@node1 ~]$ ls -al

total 44

-rw-r--r-- 1 oracle oinstall   33 Jul 12 17:05 .bash_logout

-rw-r--r-- 1 oracle oinstall  438 Jul 12 18:03 .bash_profile

drwxr-xr-x 4 oracle oinstall 4096 Jul 1217:05 .mozilla

drwx------ 2 oracle oinstall 4096 Jul 1218:05 .ssh

-rw------- 1 oracle oinstall  657 Jul 12 18:03 .viminfo

1)生成密钥对(rsa+dsa)(node1、node2)

node1生成密钥rsa类型

id_rsa为私钥。自己主动保存到.ssh下

id_rsa.pub为公钥。自己主动保存到.ssh下

[oracle@node1 ~]$ ssh-keygen -t rsa  

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter

Enter passphrase (empty for nopassphrase):  enter

Enter same passphrase again:  enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node1生成密钥dsa类型

id_dsa为私钥。自己主动保存到.ssh下

id_dsa.pub为公钥,自己主动保存到.ssh下

[oracle@node1 ~]$ ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter 

Enter passphrase (empty for no passphrase):enter

Enter same passphrase again: enter

Your identification has been saved in/home/oracle/.ssh/id_dsa.

Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

node2生成密钥rsa类型

id_rsa为私钥。自己主动保存到.ssh下

id_rsa.pub为公钥,自己主动保存到.ssh下

[oracle@node2 asm]# su - oracle

[oracle@node2 ~]$ mkdir .ssh

[oracle@node2 ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter

Enter passphrase (empty for nopassphrase):  enter

Enter same passphrase again:  enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node2生成密钥dsa类型

id_dsa为私钥。自己主动保存到.ssh下

id_dsa.pub为公钥,自己主动保存到.ssh下

[oracle@node2 ~]$ ssh-keygen -tdsa    

Generatingpublic/private dsa key pair.

Enter file inwhich to save the key (/home/oracle/.ssh/id_dsa): enter 

Enter passphrase(empty for no passphrase): enter

Enter samepassphrase again: enter

Youridentification has been saved in /home/oracle/.ssh/id_dsa.

Your public keyhas been saved in /home/oracle/.ssh/id_dsa.pub.

The keyfingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

2)配置信任关系(node1、node2)

为node1配置信任

[oracle@node1 ~]$ ls .ssh

id_dsa       id_rsa             id_dsa.pub   id_rsa.pub

//rsa和dsa为私钥                .pub的为公钥

//ssh下文件authorized_keys是专门存储公钥信息的

//把rsa、dsa类型的公钥文件都放入到authorized_keys文件中

// “ssh  node2”命令代表登陆到节点2下操作

//把两种类型的公钥信息都放到节点2的authorized_keys文件中

[oracle@node1 ~]$ cat.ssh/id_rsa.pub >>.ssh/authorized_keys

[oracle@node1 ~]$ cat.ssh/id_dsa.pub >>.ssh/authorized_keys

[oracle@node1 ~]$ ssh node2  cat .ssh/id_rsa.pub>>.ssh/authorized_keys

oracle@node2's password:

[oracle@node1 ~]$ ssh
node2  cat .ssh/id_dsa.pub>>.ssh/authorized_keys

oracle@node2's password:  oracle的密码

为node2配置信任

能够把node1中的authorized_keys(密钥文件)拷贝到node2中

[oracle@node1 ~]$ scp.ssh/authorized_keys   node2:~/.ssh

oracle@node2's password: oracle的密码

3)验证信任关系(node1、node2)

node1上验证信任

[oracle@node1 ~]$ ssh
node2date

[oracle@node1 ~]$ ssh
node2-privdate    
//私有ip地址验证

[oracle@node1 ~]$ ssh
node1date

[oracle@node1 ~]$ ssh
node1-privdate    

具体操作例如以下:

[oracle@node1 ~]$ ssh node2date

Thu May  214:46:30 CST 2013

[oracle@node1 ~]$ sshnode2-priv date                 //不要求输入password代表信任成功

The authenticity of host 'node2-priv (10.10.10.2)'can't be established.

RSA key fingerprint is16:28:88:50:27:30:92:cb:49:be:55:61:f6:c2:a1:3f.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'node2-priv,10.10.10.2'(RSA) to the list of known hosts.

Thu May  214:47:03 CST 2013

[oracle@node1 ~]$ sshnode2-priv date

Thu May  214:47:05 CST 2013

[oracle@node1 ~]$ ssh node1date

Thu May  214:48:19 CST 2013

[oracle@node1 ~]$ sshnode1-priv date

The authenticity of host 'node1-priv (10.10.10.1)'can't be established.

RSA key fingerprint is39:04:88:3b:54:34:3c:34:d2:df:74:37:fe:5f:92:2d.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'node1-priv,10.10.10.1'(RSA) to the list of known hosts.

Thu May  214:48:35 CST 2013

[oracle@node1 ~]$ sshnode1-priv date

Thu May  214:48:36 CST 2013

node2上验证信任

[oracle@node2 ~]$ ssh
node1date

[oracle@node2~]$ ssh
node1-priv date    

[oracle@node2 ~]$ ssh
node2date

[oracle@node2~]$ ssh
node2-priv date    

=====Grid 用户==========================

步骤同oracle
一样,可參考oracle用户下设置

在grid用户下操作:

[root@node1 /]# su– grid

[grid@node1 ~]$mkdir .ssh       创建一个.ssh的隐藏文件夹

[grid@node1 ~]$ ls-al

1)生成密钥对(rsa+dsa)(node1、node2)

node1生成密钥rsa类型

id_rsa为私钥。自己主动保存到.ssh下

id_rsa.pub为公钥,自己主动保存到.ssh下

[grid@node1 ~]$ ssh-keygen-t rsa     

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa): 
enter

Enter passphrase (empty for no passphrase):  enter

Enter same passphrase again:  enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node1生成密钥dsa类型

id_dsa为私钥。自己主动保存到.ssh下

id_dsa.pub为公钥,自己主动保存到.ssh下

[grid@node1 ~]$ ssh-keygen-t dsa    

Generating public/private dsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter

Enter passphrase (empty for no passphrase): enter

Enter same passphrase again: enter

Your identification has been saved in/home/oracle/.ssh/id_dsa.

Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

node2生成密钥rsa类型

id_rsa为私钥。自己主动保存到.ssh下

id_rsa.pub为公钥,自己主动保存到.ssh下

[root@node2 ~]# su – grid

[grid@node2 ~]$ mkdir .ssh

[grid@node2 ~]$ ssh-keygen-t rsa     

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa): 
enter

Enter passphrase (empty for no passphrase):  enter

Enter same passphrase again:  enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node2生成密钥dsa类型

id_dsa为私钥,自己主动保存到.ssh下

id_dsa.pub为公钥。自己主动保存到.ssh下

[grid@node2 ~]$ ssh-keygen -t dsa    

Generating public/private dsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter

Enter passphrase (empty for no passphrase): enter

Enter same passphrase again: enter

Your identification has been saved in/home/oracle/.ssh/id_dsa.

Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

2)配置信任关系(node1、node2)

为node1配置信任

[grid@node1 ~]$ ls .ssh

id_dsa       id_rsa             id_dsa.pub   id_rsa.pub      known_hosts

rsa和dsa为私钥                .pub的为公钥

[grid@node1 ~]$ cat.ssh/id_rsa.pub >>.ssh/authorized_keys

[grid@node1 ~]$ cat.ssh/id_dsa.pub >>.ssh/authorized_keys

[grid@node1 ~]$ ssh node2  cat .ssh/id_rsa.pub>>.ssh/authorized_keys

grid@node2's password:

[grid@node1 ~]$ ssh
node2  cat .ssh/id_dsa.pub >>.ssh/authorized_keys

grid@node2's password: grid的密码

为node2配置信任

能够把node1中的authorized_keys(密钥文件)拷贝到node2中

[grid@node1 ~]$ scp.ssh/authorized_keys  
node2:~/.ssh

grid@node2's password: grid的密码

authorized_keys                             100% 1992     2.0KB/s  00:00

3)验证信任关系(node1、node2)

node1上验证信任

[grid@node1 ~]$ ssh
node2date

[grid@node1 ~]$ ssh
node2-privdate    

[grid@node1 ~]$ ssh
node1date

[grid@node1 ~]$ ssh
node1-privdate    

具体操作例如以下:

[grid@node1 ~]$ ssh node2date

Thu May  214:46:30 CST 2013

[grid@node1 ~]$ sshnode2-priv date                  //不要输入password为信任成功

The authenticity of host 'node2-priv (10.10.10.2)'can't be established.

RSA key fingerprint is 16:28:88:50:27:30:92:cb:49:be:55:61:f6:c2:a1:3f.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'node2-priv,10.10.10.2'(RSA) to the list of known hosts.

Thu May  214:47:03 CST 2013

[grid@node1 ~]$ sshnode2-priv date

Thu May  214:47:05 CST 2013

[grid@node1 ~]$ ssh node1date

Thu May  214:48:19 CST 2013

[grid@node1 ~]$ sshnode1-priv date

The authenticity of host 'node1-priv (10.10.10.1)'can't be established.

RSA key fingerprint is39:04:88:3b:54:34:3c:34:d2:df:74:37:fe:5f:92:2d.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'node1-priv,10.10.10.1'(RSA) to the list of known hosts.

Thu May  214:48:35 CST 2013

[grid@node1 ~]$ sshnode1-priv date

Thu May  214:48:36 CST 2013

node2上验证信任

[grid@node2 ~]$ ssh
node1date

[grid@node2~]$ ssh
node1-priv date    

[grid@node2 ~]$ ssh
node2date

[grid@node2~]$ ssh
node2-priv date    

声明:

         原创作品。出自 “深蓝的blog” 博客。同意转载。转载时请务必注明出处(http://blog.csdn.net/huangyanlong)。

关于涉及版权事宜,作者有权追究法律责任。

************************** 未完待续 敬请关注 **************************************

版权声明:本文博主原创文章,博客,未经同意不得转载。

linux下一个Oracle11g RAC建立(五岁以下儿童)的更多相关文章

  1. linux下一个Oracle11g RAC建立(四)

    linux下一个Oracle11g RAC建立(四) 三.配置共享存储 配置ASM管理准备 1)OCRDISK :存储CRS资源配置信息 2)VOTEDISK:仲裁盘.记录节点状态 3)DataDis ...

  2. linux下一个Oracle11g RAC建立(八)

    linux下一个Oracle11g RAC建立(八) 七.安装oracle软件   直接在图形界面里安装oracle.在node1操作 在虚拟机界面中,直接切换到oracle用户下: [grid@no ...

  3. linux下一个oracle11G DG建立(一个):准备环境

    linux下一个oracle11G  DG建立(一个):准备环境 周围环境 名称 主库 备库 主机名 bjsrv shsrv 软件版本号 RedHat Enterprise5.5.Oracle 11g ...

  4. Linux下搭建Oracle11g RAC(2)----配置DNS服务器,确认SCAN IP可以被解析

    从Oracle 11gR2开始,引入SCAN(Single Client Access Name) IP的概念,相当于在客户端和数据库之间增加一层虚拟的网络服务层,即是SCAN IP和SCAP IP  ...

  5. Linux下搭建Oracle11g RAC(5)----配置ASM磁盘

    将共享磁盘格式化.然后用asmlib将其配置为ASM磁盘,用于将来存放OCR.Voting Disk和数据库用. 注意:只需在其中1个节点上格式化就可以,接下来我们选择在node1节点上格式化. 这里 ...

  6. Linux下搭建Oracle11g RAC(3)----创建用户及配置相关文件

    配置11gR2 RAC需要安装Oracle Grid Infrastructure软件.Oracle数据库软件,其中Grid软件等同于Oracle 10g的Clusterware集群件.Oracle建 ...

  7. Linux下搭建Oracle11g RAC(9)----创建RAC数据库

    接下来,使用DBCA来创建RAC数据库. ① 以oracle用户登录图形界面,执行dbca,进入DBCA的图形界面,选择第1项,创建RAC数据库: ② 选择创建数据库选项,Next: ③ 选择创建通用 ...

  8. Linux下搭建Oracle11g RAC(8)----创建ASM磁盘组

    以grid用户创建ASM磁盘组,创建的ASM磁盘组为下一步创建数据库提供存储. ① grid用户登录图形界面,执行asmca命令来创建磁盘组: ② 进入ASMCA配置界面后,单击Create,创建新的 ...

  9. Linux下搭建Oracle11g RAC(7)----安装Oracle 软件

    从此步骤开始,我们正式安装oracle软件: ① 以oracle用户登录图形界面,执行/home/oracle/database/runInstaller,进入OUI的图形安装界面: ② 进入OUI安 ...

随机推荐

  1. hdu2845(dp)

    题目链接:http://acm.hdu.edu.cn/showproblem.php?pid=2845 题意:给你一个n*m的矩阵,每个位置有一定数量的豆子,如果你去map[x][y]位置上的豆子,则 ...

  2. hdu4004(二分)

    题目链接:http://acm.hdu.edu.cn/showproblem.php?pid=4004 大致题意 二分最大跳跃能力,判断是否可以在m次内到达对岸! 分析:由于求青蛙最小弹跳能力,所以二 ...

  3. WampServer:轻松配置Wordpress安装环境

    WordPress运行环境 PHP 5.2.4 或更新版本(不支持第三方推出的“PHP 6.0”) MySQL 5.0 或更新版本 Apache mod_rewrite 模块(可选,用于支持“固定链接 ...

  4. CSS3 3D旋转动画代码实例

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/ ...

  5. 解决错误 fatal error C1010: unexpected end of file while looking for precompiled head

    在编译VS时候,出现fatal error C1010: unexpected end of file while looking for precompiled head. 问题详解:致命错误C10 ...

  6. java连接数据库——JDBC连接数据库

    DBUtil.java   // 数据库操作文件 package com.bjpowernode.jdbc.util; import java.io.File; import java.io.File ...

  7. session校验是否登录

    由于一个网站要有好多页面,如果每个页面都写上检验session是否为空,太麻烦了,所以写个工具类,就方便了. 1首先创建一个类库Common 2,然后在这个类库添加引用 3在Common继承 :Sys ...

  8. 【从翻译mos文章】在OGG (Oracle GoldenGate) 正在使用SCHEMATRANDATA如果,需要额外的db patch

    在OGG (Oracle GoldenGate) 正在使用SCHEMATRANDATA如果.需要额外的db patch 参考原始: Patches needed to support SCHEMATR ...

  9. 状态压缩dp入门

    poj1321 http://poj.org/problem?id=1321 我们可以把棋盘的每一行看做是一个状态,如果某一列放置了棋子,那么就标记为1,否则就标记为0.然后把它看成是一个二进制数,然 ...

  10. Windows Phone开发(9):关于页面状态

    原文:Windows Phone开发(9):关于页面状态 按照一般做法,刚学会如何导航,还是不够的,因为要知道,手机里面的每个页面,就如同Web页面一样,是无状态的. 啥是无状态?如果我们玩过Web开 ...