Re: slightly OT: passwordless ssh and Clusterware

From: Lyall Barbour <lyallbarbour_at_sanfranmail.com>
Date: Fri, 26 Jul 2013 08:36:04 -0400
Message-ID: <20130726123604.290160_at_gmx.com>



Thanks Jared, et al,
 I've been wanting that to be the fix since yesterday morning. Last night I played some more. When I do a diff between authorized_keys and id_rsa.pub, I can only see the other server's entry in authorized_keys. How it should be, I'd think.

devdb01: more authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAm5z9G2R/OzRdGvkyKI2ai4VAow8DTEMZsEZtNR6YYkvp6KThJ8n8bbVfLZxQ3CnHoi40uM3ca02PKbk4IEmv5TVARv1Ya9djZORczYfqpNDGsLDSojZzJJZYeUHYDeVxnp9vO9Ua7SU5M3QGaOpsIQNWosi3CXpzinhURt5Ekcta84WQUsb2tfhk698dQ8CCzVzYuNqSupMaeFo/U6UUc8c1lDgxL3azXmeCYmx4bfXUG57kAxgxQ0/DJSyPWVHpOoDhVh0yfXelE13is0osWT9A27Se4jWxKrr+CcxsMWMlFz1uqtzoYbBfZyUtkexsFXhp9tLHOoa6X4qPyLfqnw== oly_db_admin_at_devdb01
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA060/VClzimwpiRAjx7KWl584A44i6ImdDWb4kaGJddn0AF9M27YgQW+GQPJhul8f5JiZ2O+uW0tlH1ytO6I6RHSDTZK7//lc+Cf5AO7LYKDVUSVyaj11wKTLDTEMmYT9kFqZmb352ix6aY3xtujLIu8VTCOnleboWHV4IoxLRQtf23/C+vr7SciJ9cq1+uj32BPzHG3pBhVXKPTfek2T5QxQf1+XjrKL6i6IRNzyMO+3eC+91g5pugIdt9K2ONaEoOGA5lvpWC6Pu+vjEG4tesbeM5+P3DIFnHPbeifRh4sKMkoxWD7Pu514Y48nlkTObJE4+K1+WiFMOeRFulk7hw== oly_db_admin_at_devdb02

devdb01: more id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAm5z9G2R/OzRdGvkyKI2ai4VAow8DTEMZsEZtNR6YYkvp6KThJ8n8bbVfLZxQ3CnHoi40uM3ca02PKbk4IEmv5TVARv1Ya9djZORczYfqpNDGsLDSojZzJJZYeUHYDeVxnp9vO9Ua7SU5M3QGaOpsIQNWosi3CXpzinhURt5Ekcta84WQUsb2tfhk698dQ8CCzVzYuNqSupMaeFo/U6UUc8c1lDgxL3azXmeCYmx4bfXUG57kAxgxQ0/DJSyPWVHpOoDhVh0yfXelE13is0osWT9A27Se4jWxKrr+CcxsMWMlFz1uqtzoYbBfZyUtkexsFXhp9tLHOoa6X4qPyLfqnw== oly_db_admin_at_devdb01

devdb01: diff authorized_keys id_rsa.pub
2d1
< ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA060/VClzimwpiRAjx7KWl584A44i6ImdDWb4kaGJddn0AF9M27YgQW+GQPJhul8f5JiZ2O+uW0tlH1ytO6I6RHSDTZK7//lc+Cf5AO7LYKDVUSVyaj11wKTLDTEMmYT9kFqZmb352ix6aY3xtujLIu8VTCOnleboWHV4IoxLRQtf23/C+vr7SciJ9cq1+uj32BPzHG3pBhVXKPTfek2T5QxQf1+XjrKL6i6IRNzyMO+3eC+91g5pugIdt9K2ONaEoOGA5lvpWC6Pu+vjEG4tesbeM5+P3DIFnHPbeifRh4sKMkoxWD7Pu514Y48nlkTObJE4+K1+WiFMOeRFulk7hw== oly_db_admin_at_devdb02
devdb01: ssh devdb01 date
 oly_db_admin_at_devdb01's password:
devdb01:
Here's another hook to this craziness. I can, since I started this, usually, ssh from node1 to node2 ... and from node2 to node2, no problem. The problem is going to node1. Is there some parameter file that I need to look at? The ssh versions are the same between these servers. What else do I need to look at, other than ssh-keygen and ssh-copy-id, anybody? Maybe something doesn't link up between how the two servers are configured?

Lyall Barbour
----- Original Message -----
From: Jared Still
Sent: 07/25/13 08:12 PM
To: lyallbarbour_at_sanfranmail.com
Subject: Re: slightly OT: passwordless ssh and Clusterware

On Thu, Jul 25, 2013 at 1:23 PM, Lyall Barbour <lyallbarbour_at_sanfranmail.com> wrote:

> ssh from node1 to node2 works good, going from node2 to node1 works good.
> But ssh from node1 to node1 or node2 to node2 doesn't work. Apparently 10g
> didn't truly care about this, but 11g OUI definitely needs it. Anybody
> know how to really set this up? I've been Googling and reading Oracle docs
> all day. Delete .ssh directories, running ssh-keygen and running
> ssh-copy-id, sometimes I get one server to work fine, sometimes the other
> server works, sometimes both do not work. Is there an order?

Compare the public keys between nodes, they are probably different. (Only 1 node is up on my RAC right now so cannot check.)

Here is one simple method to fix it.

node1: append to the end of ~/.ssh/authorized_keys the value of the public key from the same directory. This will be a file called either id_rsa.pub or id_dsa.pub, but probably an RSA key.

node2: do the same as on node 1

Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist
Oracle Blog: http://jkstill.blogspot.com
Home Page: http://jaredstill.com

--
http://www.freelists.org/webpage/oracle-l

Received on Fri Jul 26 2013 - 14:36:04 CEST
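
Jared's fix above (each node's own public key appended to its own ~/.ssh/authorized_keys) as a repeatable check, in an added example that is not part of the original thread. The function names and key strings are constructed for illustration, and the permission check reflects sshd's StrictModes default, which the thread does not mention.

```shell
#!/bin/sh
# Added example, not from the thread. Key material below is constructed.

# Print "type blob" for every key line; options and trailing comments are dropped.
# Assumes no option value contains a word starting with ssh- or ecdsa-.
key_fields() {
    awk '{ for (i = 1; i < NF; i++)
               if ($i ~ /^(ssh-|ecdsa-)/) { print $i, $(i + 1); break } }' "$1"
}

# is_authorized PUBKEY AUTH_KEYS: 0 if the first key in PUBKEY is listed in AUTH_KEYS.
is_authorized() {
    want=$(key_fields "$1" | head -n 1)
    [ -n "$want" ] && [ -f "$2" ] || return 1
    key_fields "$2" | grep -Fxq -- "$want"
}

# authorize_key PUBKEY AUTH_KEYS: append the key only when it is missing.
authorize_key() {
    is_authorized "$1" "$2" && return 0
    ( umask 077; mkdir -p "$(dirname "$2")"; touch "$2" )
    # A last line without a newline would fuse with the appended key.
    if [ -s "$2" ] && [ -n "$(tail -c 1 "$2")" ]; then echo >> "$2"; fi
    cat "$1" >> "$2" && chmod 600 "$2"
}

# loose_perms PATH...: print each path that group or others can write to.
# With StrictModes (the sshd default) such paths make sshd ignore authorized_keys.
loose_perms() {
    for p in "$@"; do
        find "$p" -prune \( -perm -020 -o -perm -002 \) -print
    done
}

# Demo in a scratch directory standing in for a home directory.
demo_home=$(mktemp -d)
mkdir "$demo_home/.ssh"
echo 'ssh-rsa AAAAB3CONSTRUCTEDKEYONE user@node1' > "$demo_home/.ssh/id_rsa.pub"
printf 'ssh-rsa AAAAB3CONSTRUCTEDKEYTWO user@node2' > "$demo_home/.ssh/authorized_keys"
authorize_key "$demo_home/.ssh/id_rsa.pub" "$demo_home/.ssh/authorized_keys"
is_authorized "$demo_home/.ssh/id_rsa.pub" "$demo_home/.ssh/authorized_keys" \
    && echo "local key is authorized"
loose_perms "$demo_home" "$demo_home/.ssh" "$demo_home/.ssh/authorized_keys"
```

On a real node the arguments would be ~/.ssh/id_rsa.pub and ~/.ssh/authorized_keys, with loose_perms run over the home directory, ~/.ssh and authorized_keys.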
