linux下Oracle11g RAC搭建（五）

四、建立主机间的信任关系（node1、node2）

建立节点之间oracle 、grid 用户之间的信任（通过ssh 建立公钥和私钥）

分别在node1和node2创建

=====Oracle用户=========================

在oracle用户下操作：

[root@node1 /]# su - oracle

[oracle@node1 ~]$ mkdir .ssh 创建一个.ssh的隐藏目录

[oracle@node1 ~]$ ls -al

total 44

-rw-r--r-- 1 oracle oinstall 33 Jul 12 17:05 .bash_logout

-rw-r--r-- 1 oracle oinstall 438 Jul 12 18:03 .bash_profile

drwxr-xr-x 4 oracle oinstall 4096 Jul 1217:05 .mozilla

drwx------ 2 oracle oinstall 4096 Jul 1218:05 .ssh

-rw------- 1 oracle oinstall 657 Jul 12 18:03 .viminfo

1）生成密钥对（rsa+dsa）（node1、node2）

node1生成密钥rsa类型

id_rsa为私钥，自动保存到.ssh下

id_rsa.pub为公钥，自动保存到.ssh下

[oracle@node1 ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa): enter

Enter passphrase (empty for nopassphrase): enter

Enter same passphrase again: enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node1生成密钥dsa类型

id_dsa为私钥，自动保存到.ssh下

id_dsa.pub为公钥，自动保存到.ssh下

[oracle@node1 ~]$ ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_dsa): enter

Enter passphrase (empty for no passphrase):enter

Enter same passphrase again: enter

Your identification has been saved in/home/oracle/.ssh/id_dsa.

Your public key has been saved in/home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

node2生成密钥rsa类型

id_rsa为私钥，自动保存到.ssh下

id_rsa.pub为公钥，自动保存到.ssh下

[oracle@node2 asm]# su - oracle

[oracle@node2 ~]$ mkdir .ssh

[oracle@node2 ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key(/home/oracle/.ssh/id_rsa): enter

Enter passphrase (empty for nopassphrase): enter

Enter same passphrase again: enter

Your identification has been saved in/home/oracle/.ssh/id_rsa.

Your public key has been saved in/home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

64:a6:4a:77:db:33:a4:aa:6e:ca:8f:5f:2f:77:0f:40oracle@node1

node2生成密钥dsa类型

id_dsa为私钥，自动保存到.ssh下

id_dsa.pub为公钥，自动保存到.ssh下

[oracle@node2 ~]$ ssh-keygen -tdsa

Generatingpublic/private dsa key pair.

Enter file inwhich to save the key (/home/oracle/.ssh/id_dsa): enter

Enter passphrase(empty for no passphrase): enter

Enter samepassphrase again: enter

Youridentification has been saved in /home/oracle/.ssh/id_dsa.

Your public keyhas been saved in /home/oracle/.ssh/id_dsa.pub.

The keyfingerprint is:

7c:41:b5:0f:81:06:ad:30:07:4f:8b:1a:9b:94:68:14oracle@node1

2）配置信任关系（node1、node2）

为node1配置信任

[oracle@node1 ~]$ ls .ssh

id_dsa id_rsa id_dsa.pub id_rsa.pub

//rsa和dsa为私钥 .pub的为公钥

//ssh下文件authorized_keys是专门存储公钥信息的

//把rsa、dsa类型的公钥文件都放入到authorized_keys文件里

// “ssh node2”命令代表登陆到节点2下操作

//把两种类型的公钥信息都放到节点2的authorized_keys文件里

[oracle@node1 ~]$ cat.ssh/id_rsa.pub >>.ssh/authorized_keys

[oracle@node1 ~]$ cat.ssh/id_dsa.pub >>.ssh/authorized_keys

[oracle@node1 ~]$ ssh node2 cat .ssh/id_rsa.pub>>.ssh/authorized_keys

oracle@node2's password:

[oracle@node1 ~]$ ssh node2 cat .ssh/id_dsa.pub>>.ssh/authorized_keys

oracle@node2's password: oracle的密码

为node2配置信任

可以把node1中的authoriz