第5步：創建主機間的信任關係（sgdb一、sgdb2）

5.1 Oracle 用戶下創建信任

5.11 建立 .ssh 目錄

[root@sgdb1 /]# su - oracle [oracle@sgdb1 ~]$ mkdir .ssh        建立一個 .ssh 的隱藏目錄 [oracle@sgdb1 ~]$ ls -al total 44 -rw-r--r-- 1 oracle oinstall   33 Jul 12 17:05 .bash_logout -rw-r--r-- 1 oracle oinstall  438 Jul 12 18:03 .bash_profile drwxr-xr-x 4 oracle oinstall 4096 Jul 1217:05 .mozilla drwx------ 2 oracle oinstall 4096 Jul 1218:05 .ssh -rw------- 1 oracle oinstall  657 Jul 12 18:03 .viminfo

5.12 sgdb1 生成密鑰 rsa 類型

id_rsa 爲私鑰，自動保存到 .ssh 下

id_rsa.pub 爲公鑰，自動保存到 .ssh 下

[oracle@sgdb1 ~]$ ssh-keygen -t rsa       Generating public/private rsa key pair. Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter Enter passphrase (empty for nopassphrase):  enter Enter same passphrase again:  enter Your identification has been saved in/home/oracle/.ssh/id_rsa. Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.            The key fingerprint is: 64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@sgdb1

5.12 sgdb1 生成密鑰 dsa 類型

id_dsa 爲私鑰，自動保存到 .ssh 下

id_dsa.pub 爲公鑰，自動保存到 .ssh 下

[oracle@sgdb1 ~]$ ssh-keygen -t dsa      Generating public/private dsa key pair. Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter                         Enter passphrase (empty for no passphrase):enter Enter same passphrase again: enter Your identification has been saved in/home/oracle/.ssh/id_dsa. Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.                 The key fingerprint is: 7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@sgdb1

5.13 sgdb2 生成密鑰 rsa 類型

id_rsa 爲私鑰，自動保存到 .ssh 下

id_rsa.pub 爲公鑰，自動保存到 .ssh 下

[oracle@sgdb2 asm]# su - oracle [oracle@sgdb2 ~]$ mkdir .ssh [oracle@sgdb2 ~]$ ssh-keygen -t rsa       Generating public/private rsa key pair. Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter              Enter passphrase (empty for nopassphrase):  enter Enter same passphrase again:  enter Your identification has been saved in/home/oracle/.ssh/id_rsa. Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.            The key fingerprint is: 64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@sgdb1

5.14 sgdb2 生成密鑰 dsa 類型

id_dsa 爲私鑰，自動保存到 .ssh 下

id_dsa.pub 爲公鑰，自動保存到 .ssh 下

[oracle@sgdb2 ~]$ ssh-keygen -tdsa     Generatingpublic/private dsa key pair. Enter file inwhich to save the key (/home/oracle/.ssh/id_dsa): enter                         Enter passphrase(empty for no passphrase): enter Enter samepassphrase again: enter Youridentification has been saved in /home/oracle/.ssh/id_dsa. Your public keyhas been saved in /home/oracle/.ssh/id_dsa.pub.                 The keyfingerprint is: 7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@sgdb1

5.16 爲 sgdb1 配置信任

rsa 和 dsa 爲私鑰， .pub 的爲公鑰  

ssh 下文件 authorized_keys 是專門存儲公鑰信息的

把 rsa 、 dsa 類型的公鑰文件都放入到 authorized_keys 文件裏

「 ssh  sgdb2 」命令表明登錄到節點 2 下操做

把兩種類型的公鑰信息都放到節點 2 的 authorized_keys 文件裏

[oracle@sgdb1 ~]$ ls .ssh id_dsa       id_rsa             id_dsa.pub   id_rsa.pub      [oracle@sgdb1 ~]$ cat.ssh/id_rsa.pub >>.ssh/authorized_keys [oracle@sgdb1 ~]$ cat.ssh/id_dsa.pub >>.ssh/authorized_keys [oracle@sgdb1 ~]$ ssh sgdb2  cat .ssh/id_rsa.pub>>.ssh/authorized_keys oracle@sgdb2's password: [oracle@sgdb1 ~]$ ssh sgdb2  cat .ssh/id_dsa.pub>>.ssh/authorized_keys oracle@sgdb2's password:  oracle 的密碼

5.17 爲 sgdb2 配置信任

能夠把sgdb1中的authorized_keys（密鑰文件）複製到sgdb2中

[oracle@sgdb1 ~]$ scp.ssh/authorized_keys   sgdb2:~/.ssh oracle@sgdb2's password: oracle 的密碼

5.18 sgdb1 上驗證信任

[oracle@sgdb1 ~]$ ssh sgdb2 date [oracle@sgdb1 ~]$ ssh sgdb 2-privdate     // 私有 ip 地址驗證 [oracle@sgdb1 ~]$ ssh sgdb 1date [oracle@sgdb1 ~]$ ssh sgdb 1-privdate

5.19 sgdb2 上驗證信任

[oracle@sgdb2 ~]$ ssh sgdb1 date [oracle@sgdb2~]$ ssh sgdb 1-priv date     [oracle@sgdb2 ~]$ ssh sgdb2 date [oracle@sgdb2~]$ ssh sgdb2-priv date

5.2 Grid 用戶下創建信任

步驟同 oracle  同樣，可參考oracle用戶下設置

5.21 建立 .ssh 目錄

在grid用戶下操做：

[root@sgdb1 /]# su– grid [grid@sgdb1 ~]$mkdir .ssh       建立一個 .ssh 的隱藏目錄 [grid@sgdb1 ~]$ ls-al

5.22 sgdb1 生成密鑰 rsa 類型

id_rsa 爲私鑰，自動保存到 .ssh 下

id_rsa.pub 爲公鑰，自動保存到 .ssh 下

[grid@sgdb1 ~]$ ssh-keygen-t rsa      Generating public/private rsa key pair. Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter              Enter passphrase (empty for no passphrase):  enter Enter same passphrase again:  enter Your identification has been saved in/home/oracle/.ssh/id_rsa. Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.            The key fingerprint is: 64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@sgdb1

5.23 sgdb1 生成密鑰 dsa 類型

id_dsa 爲私鑰，自動保存到 .ssh 下

id_dsa.pub 爲公鑰，自動保存到 .ssh 下

[grid@sgdb1 ~]$ ssh-keygen-t dsa     Generating public/private dsa key pair. Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter                         Enter passphrase (empty for no passphrase): enter Enter same passphrase again: enter Your identification has been saved in/home/oracle/.ssh/id_dsa. Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.                 The key fingerprint is: 7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@sgdb1

5.24 sgdb2 生成密鑰 rsa 類型

id_rsa 爲私鑰，自動保存到 .ssh 下

id_rsa.pub 爲公鑰，自動保存到 .ssh 下

[root@sgdb2 ~]# su – grid [grid@sgdb2 ~]$ mkdir .ssh [grid@sgdb2 ~]$ ssh-keygen-t rsa      Generating public/private rsa key pair. Enter file in which to save the key(/home/oracle/.ssh/id_rsa):  enter              Enter passphrase (empty for no passphrase):  enter Enter same passphrase again:  enter Your identification has been saved in/home/oracle/.ssh/id_rsa. Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.            The key fingerprint is: 64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@sgdb1

5.25 sgdb2 生成密鑰 dsa 類型

id_dsa 爲私鑰，自動保存到 .ssh 下

id_dsa.pub 爲公鑰，自動保存到 .ssh 下

[grid@sgdb2 ~]$ ssh-keygen -t dsa     Generating public/private dsa key pair. Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter                         Enter passphrase (empty for no passphrase): enter Enter same passphrase again: enter Your identification has been saved in/home/oracle/.ssh/id_dsa. Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.                 The key fingerprint is: 7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@sgdb1

5.26 爲 sgdb1 配置信任

[grid@sgdb1 ~]$ ls .ssh id_dsa       id_rsa             id_dsa.pub   id_rsa.pub      known_hosts [grid@sgdb1 ~]$ cat.ssh/id_rsa.pub >>.ssh/authorized_keys [grid@sgdb1 ~]$ cat.ssh/id_dsa.pub >>.ssh/authorized_keys [grid@sgdb1 ~]$ ssh sgdb2  cat .ssh/id_rsa.pub>>.ssh/authorized_keys grid@sgdb2's password: [grid@sgdb1 ~]$ ssh sgdb2  cat .ssh/id_dsa.pub >>.ssh/authorized_keys grid@sgdb2's password: grid 的密碼

5.27 爲 sgdb2 配置信任

能夠把sgdb1中的authorized_keys（密鑰文件）複製到sgdb2中

[grid@sgdb1 ~]$ scp.ssh/authorized_keys   sgdb2:~/.ssh grid@sgdb2's password: grid 的密碼 authorized_keys                             100% 1992     2.0KB/s  00:00

5.28 sgdb1 上驗證信任

[grid@sgdb1 ~]$ ssh sgdb2 date [grid@sgdb1 ~]$ ssh sgdb2-priv date     [grid@sgdb1 ~]$ ssh sgdb1 date [grid@sgdb1 ~]$ ssh sgdb 1-priv date

5.29 sgdb2 上驗證信任

[grid@sgdb2 ~]$ ssh sgdb1 date [grid@sgdb2~]$ ssh sgdb1-priv date     [grid@sgdb2 ~]$ ssh sgdb2 date [grid@sgdb2~]$ ssh sgdb2-priv date