SSH 建立用户等效性

在 rac1 上执行

rac1-> chmod 700 ~/.ssh

rac1-> ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/export/home/oracle/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /export/home/oracle/.ssh/id_rsa.

Your public key has been saved in /export/home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

87:54:4f:92:ba:ed:7b:51:5d:1d:59:5b:f9:44:da:b6
oracle@rac1.mycorpdomain.com

rac1-> ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key (/export/home/oracle/.ssh/id_dsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /export/home/oracle/.ssh/id_dsa.

Your public key has been saved in /export/home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

31:76:96:e6:fc:b7:25:04:fd:70:42:04:1f:fc:9a:26
oracle@rac1.mycorpdomain.com

在rac2 上执行

rac2-> mkdir ~/.ssh

rac2-> chmod 700 ~/.ssh

rac2-> ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/export/home/oracle/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /export/home/oracle/.ssh/id_rsa.

Your public key has been saved in /export/home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

29:5a:35:ac:0a:03:2c:38:22:3c:95:5d:68:aa:56:66
oracle@rac2.mycorpdomain.com

rac2-> ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key (/export/home/oracle/.ssh/id_dsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /export/home/oracle/.ssh/id_dsa.

Your public key has been saved in /export/home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

4c:b2:5a:8d:56:0f:dc:7b:bc:e0:cd:3b:8e:b9:5c:7c
oracle@rac2.mycorpdomain.com

在 rac1 上执行

rac1-> cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

rac1-> cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

rac1-> ssh rac2 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

The authenticity of host 'rac2 (192.168.2.132)'
can't be established.

RSA key fingerprint is 63:d3:52:d4:4d:e2:cb:ac:8d:4a:66:9f:f1:ab:28:1f.

Are you sure you want to continue connecting
(yes/no)? yes

Warning: Permanently added 'rac2,192.168.2.132'
(RSA) to the list of known hosts.

oracle@rac2's password:

rac1-> ssh rac2 cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

oracle@rac2's password:

rac1-> scp ~/.ssh/authorized_keys rac2:~/.ssh/authorized_keys

oracle@rac2's password:

authorized_keys                           100%
1716     1.7KB/s   00:00

在每个节点上测试连接。验证当您再次运行以下命令时，系统是否不提示您输入口令。

ssh rac1 date

ssh rac2 date

ssh rac1-priv date

ssh rac2-priv date

ssh rac1.mycorpdomain.com date

ssh rac2.mycorpdomain.com date

ssh rac1-priv.mycorpdomain.com date

ssh rac2-priv.mycorpdomain.com date