linux下一个Oracle11g RAC建立(五岁以下儿童)
linux下一个Oracle11g RAC建立(五岁以下儿童)
四、建立主机之间的信任关系(node1、node2)
建立节点之间oracle 、grid 用户之间的信任(通过ssh 建立公钥和私钥)
分别在node1和node2创建
=====Oracle用户=========================
在oracle用户下操作:
[root@node1 /]# su - oracle
[oracle@node1 ~]$ mkdir .ssh 创建一个.ssh的隐藏文件夹
[oracle@node1 ~]$ ls -al
total 44
-rw-r--r-- 1 oracle oinstall 33 Jul 12 17:05 .bash_logout
-rw-r--r-- 1 oracle oinstall 438 Jul 12 18:03 .bash_profile
drwxr-xr-x 4 oracle oinstall 4096 Jul 1217:05 .mozilla
drwx------ 2 oracle oinstall 4096 Jul 1218:05 .ssh
-rw------- 1 oracle oinstall 657 Jul 12 18:03 .viminfo
1)生成密钥对(rsa+dsa)(node1、node2)
node1生成密钥rsa类型
id_rsa为私钥。自己主动保存到.ssh下
id_rsa.pub为公钥。自己主动保存到.ssh下
[oracle@node1 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key(/home/oracle/.ssh/id_rsa): enter
Enter passphrase (empty for nopassphrase): enter
Enter same passphrase again: enter
Your identification has been saved in/home/oracle/.ssh/id_rsa.
Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1
node1生成密钥dsa类型
id_dsa为私钥。自己主动保存到.ssh下
id_dsa.pub为公钥,自己主动保存到.ssh下
[oracle@node1 ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter
Enter passphrase (empty for no passphrase):enter
Enter same passphrase again: enter
Your identification has been saved in/home/oracle/.ssh/id_dsa.
Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1
node2生成密钥rsa类型
id_rsa为私钥。自己主动保存到.ssh下
id_rsa.pub为公钥,自己主动保存到.ssh下
[oracle@node2 asm]# su - oracle
[oracle@node2 ~]$ mkdir .ssh
[oracle@node2 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key(/home/oracle/.ssh/id_rsa): enter
Enter passphrase (empty for nopassphrase): enter
Enter same passphrase again: enter
Your identification has been saved in/home/oracle/.ssh/id_rsa.
Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1
node2生成密钥dsa类型
id_dsa为私钥。自己主动保存到.ssh下
id_dsa.pub为公钥,自己主动保存到.ssh下
[oracle@node2 ~]$ ssh-keygen -tdsa
Generatingpublic/private dsa key pair.
Enter file inwhich to save the key (/home/oracle/.ssh/id_dsa): enter
Enter passphrase(empty for no passphrase): enter
Enter samepassphrase again: enter
Youridentification has been saved in /home/oracle/.ssh/id_dsa.
Your public keyhas been saved in /home/oracle/.ssh/id_dsa.pub.
The keyfingerprint is:
7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1
2)配置信任关系(node1、node2)
为node1配置信任
[oracle@node1 ~]$ ls .ssh
id_dsa id_rsa id_dsa.pub id_rsa.pub
//rsa和dsa为私钥 .pub的为公钥
//ssh下文件authorized_keys是专门存储公钥信息的
//把rsa、dsa类型的公钥文件都放入到authorized_keys文件中
// “ssh node2”命令代表登陆到节点2下操作
//把两种类型的公钥信息都放到节点2的authorized_keys文件中
[oracle@node1 ~]$ cat.ssh/id_rsa.pub >>.ssh/authorized_keys
[oracle@node1 ~]$ cat.ssh/id_dsa.pub >>.ssh/authorized_keys
[oracle@node1 ~]$ ssh node2 cat .ssh/id_rsa.pub>>.ssh/authorized_keys
oracle@node2's password:
[oracle@node1 ~]$ ssh
node2 cat .ssh/id_dsa.pub>>.ssh/authorized_keys
oracle@node2's password: oracle的密码
为node2配置信任
能够把node1中的authorized_keys(密钥文件)拷贝到node2中
[oracle@node1 ~]$ scp.ssh/authorized_keys node2:~/.ssh
oracle@node2's password: oracle的密码
3)验证信任关系(node1、node2)
node1上验证信任
[oracle@node1 ~]$ ssh
node2date
[oracle@node1 ~]$ ssh
node2-privdate //私有ip地址验证
[oracle@node1 ~]$ ssh
node1date
[oracle@node1 ~]$ ssh
node1-privdate
具体操作例如以下:
[oracle@node1 ~]$ ssh node2date
Thu May 214:46:30 CST 2013
[oracle@node1 ~]$ sshnode2-priv date //不要求输入password代表信任成功
The authenticity of host 'node2-priv (10.10.10.2)'can't be established.
RSA key fingerprint is16:28:88:50:27:30:92:cb:49:be:55:61:f6:c2:a1:3f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2-priv,10.10.10.2'(RSA) to the list of known hosts.
Thu May 214:47:03 CST 2013
[oracle@node1 ~]$ sshnode2-priv date
Thu May 214:47:05 CST 2013
[oracle@node1 ~]$ ssh node1date
Thu May 214:48:19 CST 2013
[oracle@node1 ~]$ sshnode1-priv date
The authenticity of host 'node1-priv (10.10.10.1)'can't be established.
RSA key fingerprint is39:04:88:3b:54:34:3c:34:d2:df:74:37:fe:5f:92:2d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node1-priv,10.10.10.1'(RSA) to the list of known hosts.
Thu May 214:48:35 CST 2013
[oracle@node1 ~]$ sshnode1-priv date
Thu May 214:48:36 CST 2013
node2上验证信任
[oracle@node2 ~]$ ssh
node1date
[oracle@node2~]$ ssh
node1-priv date
[oracle@node2 ~]$ ssh
node2date
[oracle@node2~]$ ssh
node2-priv date
=====Grid 用户==========================
步骤同oracle
一样,可參考oracle用户下设置
在grid用户下操作:
[root@node1 /]# su– grid
[grid@node1 ~]$mkdir .ssh 创建一个.ssh的隐藏文件夹
[grid@node1 ~]$ ls-al
1)生成密钥对(rsa+dsa)(node1、node2)
node1生成密钥rsa类型
id_rsa为私钥。自己主动保存到.ssh下
id_rsa.pub为公钥,自己主动保存到.ssh下
[grid@node1 ~]$ ssh-keygen-t rsa
Generating public/private rsa key pair.
Enter file in which to save the key(/home/oracle/.ssh/id_rsa):
enter
Enter passphrase (empty for no passphrase): enter
Enter same passphrase again: enter
Your identification has been saved in/home/oracle/.ssh/id_rsa.
Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1
node1生成密钥dsa类型
id_dsa为私钥。自己主动保存到.ssh下
id_dsa.pub为公钥,自己主动保存到.ssh下
[grid@node1 ~]$ ssh-keygen-t dsa
Generating public/private dsa key pair.
Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter
Enter passphrase (empty for no passphrase): enter
Enter same passphrase again: enter
Your identification has been saved in/home/oracle/.ssh/id_dsa.
Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1
node2生成密钥rsa类型
id_rsa为私钥。自己主动保存到.ssh下
id_rsa.pub为公钥,自己主动保存到.ssh下
[root@node2 ~]# su – grid
[grid@node2 ~]$ mkdir .ssh
[grid@node2 ~]$ ssh-keygen-t rsa
Generating public/private rsa key pair.
Enter file in which to save the key(/home/oracle/.ssh/id_rsa):
enter
Enter passphrase (empty for no passphrase): enter
Enter same passphrase again: enter
Your identification has been saved in/home/oracle/.ssh/id_rsa.
Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1
node2生成密钥dsa类型
id_dsa为私钥,自己主动保存到.ssh下
id_dsa.pub为公钥。自己主动保存到.ssh下
[grid@node2 ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter
Enter passphrase (empty for no passphrase): enter
Enter same passphrase again: enter
Your identification has been saved in/home/oracle/.ssh/id_dsa.
Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1
2)配置信任关系(node1、node2)
为node1配置信任
[grid@node1 ~]$ ls .ssh
id_dsa id_rsa id_dsa.pub id_rsa.pub known_hosts
rsa和dsa为私钥 .pub的为公钥
[grid@node1 ~]$ cat.ssh/id_rsa.pub >>.ssh/authorized_keys
[grid@node1 ~]$ cat.ssh/id_dsa.pub >>.ssh/authorized_keys
[grid@node1 ~]$ ssh node2 cat .ssh/id_rsa.pub>>.ssh/authorized_keys
grid@node2's password:
[grid@node1 ~]$ ssh
node2 cat .ssh/id_dsa.pub >>.ssh/authorized_keys
grid@node2's password: grid的密码
为node2配置信任
能够把node1中的authorized_keys(密钥文件)拷贝到node2中
[grid@node1 ~]$ scp.ssh/authorized_keys
node2:~/.ssh
grid@node2's password: grid的密码
authorized_keys 100% 1992 2.0KB/s 00:00
3)验证信任关系(node1、node2)
node1上验证信任
[grid@node1 ~]$ ssh
node2date
[grid@node1 ~]$ ssh
node2-privdate
[grid@node1 ~]$ ssh
node1date
[grid@node1 ~]$ ssh
node1-privdate
具体操作例如以下:
[grid@node1 ~]$ ssh node2date
Thu May 214:46:30 CST 2013
[grid@node1 ~]$ sshnode2-priv date //不要输入password为信任成功
The authenticity of host 'node2-priv (10.10.10.2)'can't be established.
RSA key fingerprint is 16:28:88:50:27:30:92:cb:49:be:55:61:f6:c2:a1:3f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2-priv,10.10.10.2'(RSA) to the list of known hosts.
Thu May 214:47:03 CST 2013
[grid@node1 ~]$ sshnode2-priv date
Thu May 214:47:05 CST 2013
[grid@node1 ~]$ ssh node1date
Thu May 214:48:19 CST 2013
[grid@node1 ~]$ sshnode1-priv date
The authenticity of host 'node1-priv (10.10.10.1)'can't be established.
RSA key fingerprint is39:04:88:3b:54:34:3c:34:d2:df:74:37:fe:5f:92:2d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node1-priv,10.10.10.1'(RSA) to the list of known hosts.
Thu May 214:48:35 CST 2013
[grid@node1 ~]$ sshnode1-priv date
Thu May 214:48:36 CST 2013
node2上验证信任
[grid@node2 ~]$ ssh
node1date
[grid@node2~]$ ssh
node1-priv date
[grid@node2 ~]$ ssh
node2date
[grid@node2~]$ ssh
node2-priv date
声明:
原创作品。出自 “深蓝的blog” 博客。同意转载。转载时请务必注明出处(http://blog.csdn.net/huangyanlong)。
关于涉及版权事宜,作者有权追究法律责任。
************************** 未完待续 敬请关注 **************************************
版权声明:本文博主原创文章,博客,未经同意不得转载。
linux下一个Oracle11g RAC建立(五岁以下儿童)的更多相关文章
- linux下一个Oracle11g RAC建立(四)
linux下一个Oracle11g RAC建立(四) 三.配置共享存储 配置ASM管理准备 1)OCRDISK :存储CRS资源配置信息 2)VOTEDISK:仲裁盘.记录节点状态 3)DataDis ...
- linux下一个Oracle11g RAC建立(八)
linux下一个Oracle11g RAC建立(八) 七.安装oracle软件 直接在图形界面里安装oracle.在node1操作 在虚拟机界面中,直接切换到oracle用户下: [grid@no ...
- linux下一个oracle11G DG建立(一个):准备环境
linux下一个oracle11G DG建立(一个):准备环境 周围环境 名称 主库 备库 主机名 bjsrv shsrv 软件版本号 RedHat Enterprise5.5.Oracle 11g ...
- Linux下搭建Oracle11g RAC(2)----配置DNS服务器,确认SCAN IP可以被解析
从Oracle 11gR2开始,引入SCAN(Single Client Access Name) IP的概念,相当于在客户端和数据库之间增加一层虚拟的网络服务层,即是SCAN IP和SCAP IP ...
- Linux下搭建Oracle11g RAC(5)----配置ASM磁盘
将共享磁盘格式化.然后用asmlib将其配置为ASM磁盘,用于将来存放OCR.Voting Disk和数据库用. 注意:只需在其中1个节点上格式化就可以,接下来我们选择在node1节点上格式化. 这里 ...
- Linux下搭建Oracle11g RAC(3)----创建用户及配置相关文件
配置11gR2 RAC需要安装Oracle Grid Infrastructure软件.Oracle数据库软件,其中Grid软件等同于Oracle 10g的Clusterware集群件.Oracle建 ...
- Linux下搭建Oracle11g RAC(9)----创建RAC数据库
接下来,使用DBCA来创建RAC数据库. ① 以oracle用户登录图形界面,执行dbca,进入DBCA的图形界面,选择第1项,创建RAC数据库: ② 选择创建数据库选项,Next: ③ 选择创建通用 ...
- Linux下搭建Oracle11g RAC(8)----创建ASM磁盘组
以grid用户创建ASM磁盘组,创建的ASM磁盘组为下一步创建数据库提供存储. ① grid用户登录图形界面,执行asmca命令来创建磁盘组: ② 进入ASMCA配置界面后,单击Create,创建新的 ...
- Linux下搭建Oracle11g RAC(7)----安装Oracle 软件
从此步骤开始,我们正式安装oracle软件: ① 以oracle用户登录图形界面,执行/home/oracle/database/runInstaller,进入OUI的图形安装界面: ② 进入OUI安 ...
随机推荐
- Wix学习整理(4)——关于WiX文件格式和案例HelloWorld的分析
原文:Wix学习整理(4)--关于WiX文件格式和案例HelloWorld的分析 关于WiX文件格式 .wxs是WiX的源文件扩展名..wxs文件以类XML文件的格式来指定了要构造Windows In ...
- TMG 2010 VPN配置
微软的ISA 到2006以后就叫TMG了,上周在公司的服务器上安装测试了下,虽然增加了很多功能,但是主要功能上和ISA 2004差不多,最近在部署L2TP VPN,由于防火墙带的远程访问VPN为纯的L ...
- Thinkphp中的volist标签(查询数据集(select方法)的结果输出)用法简介
参考网址:http://camnpr.com/archives/1515.html 通常volist标签多用于查询数据集(select方法)的结果输出,通常模型的select方法返回的结果是一个二维数 ...
- java IO流文件的读写具体实例
IO流的分类:1.根据流的数据对象来分:高端流:所有的内存中的流都是高端流,比如:InputStreamReader 低端流:所有的外界设备中的流都是低端流,比如InputStream,Output ...
- robot framework 使用四:分层设计和截图以及注意事项
再说一下眼下的主要环境信息和版本号: 操作系统:win7 64位 python版本号:2.7.6 RIDE版本号:1.2.3 selenium2library:1.5.0 selenium:2.40. ...
- 该Tiled地图制作拿到项目~~这是偷懒,为了直接复制后写来
1.现在,.h声明private: cocos2d::CCSprite* ninja; cocos2d::CCTMXTiledMap* tileMap; 然后.cpp中增加tileMap = CCT ...
- 无法打开登录所请求的数据库 "ASPState"。登录失败。 用户 'NT AUTHORITY/SYSTEM' 登录失败。
原文:无法打开登录所请求的数据库 "ASPState".登录失败. 用户 'NT AUTHORITY/SYSTEM' 登录失败. 无法打开登录 'ASPState' 中请求的数据库 ...
- Android PackageInstaller 安装和卸载
应用的安装方式:adb install或者下载安装 过程分析请參考老罗的blog,这里记录一下第三方应用程序安装apk的过程. 安装的过程主要是调用PackageInstaller这个App,源码的位 ...
- hdu1011(树形背包)
hdu1011 http://acm.hdu.edu.cn/showproblem.php?pid=1011 给定n个洞穴和m个士兵(每个士兵能消灭20个bugs) 然后给定每个洞穴的bugs数量(背 ...
- bellman_ford寻找平均权值最小的回路
给定一个有向图,如果存在平均值最小的回路,输出平均值. 使用二分法求解,对于一个猜测值mid,判断是否存在平均值小于mid的回路 如果存在平均值小于mid的包含k条边的回路,那么有w1+w2+w3+. ...