ssh User equivalence

[[email protected] grid]$ ./runcluvfy.sh stage -pre crsinst -n RACG1,RACG2 -r 11gR2 -fixup -verbose

Performing pre-checks for cluster services setup

  Destination Node                      Reachable?
  ————————————  ————————
  RACG1                                 yes
  RACG2                                 yes
Result: Node reachability check passed from node “RACG1”

  Node Name                             Comment
  ————————————  ————————
  RACG1                                 failed
  RACG2                                 failed
Result: PRVF-4007 : User equivalence check failed for user “oracle”

User equivalence unavailable on all the specified nodes
Verification cannot proceed

Pre-check for cluster services setup was unsuccessful on all the nodes.

Setup ssh User equivalence in 11gR2

In new 11GR2 ssh User equivalence can be setup as below. 

total 40
drwxrwxrwx  9 oracle oinstall 4096 Apr  1 08:11 doc
drwxrwxrwx  4 oracle oinstall 4096 Apr  1 08:11 install
drwxrwxrwx  2 oracle oinstall 4096 Apr  1 08:11 response
drwxrwxrwx  2 oracle oinstall 4096 Apr  1 08:11 rpm
-rwxrwxrwx  1 oracle oinstall 3795 Apr  1 08:11 runcluvfy.sh
-rwxrwxrwx  1 oracle oinstall 3227 Apr  1 08:11 runInstaller
drwxrwxrwx  2 oracle oinstall 4096 Apr  1 09:05 sshsetup
drwxrwxrwx 14 oracle oinstall 4096 Apr  1 08:11 stage
-rwxrwxrwx  1 oracle oinstall 4228 Apr  1 08:11 welcome.html

cd sshsetup
./sshUserSetup.sh -user oracle -hosts NODE1,NODE2 -advanced -exverify -confirm

Below is method to setup ssh Manually step-by-step. 

ON NODE-1

TESTP1@:/home/oracle : $mkdir -p ~/.ssh
TESTP1@:/home/oracle : $chmod 700 ~/.ssh
TESTP1@:/home/oracle : $/usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
4a:3b:fe:ea:03:d3:cf:6f:d3:06:fb:1a:ed:1e:b0:6b [email protected]
TESTP1@:/home/oracle : $/usr/bin/ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
5e:cb:46:cc:d8:f1:01:44:3e:7a:20:eb:ce:5d:d4:15 [email protected]

ON NODE-2

TESTP2@:/home/oracle : $mkdir -p ~/.ssh
TESTP2@:/home/oracle : $chmod 700 ~/.ssh
TESTP2@:/home/oracle : $/usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
dc:4e:e7:c3:ee:71:84:e7:2e:72:99:3d:b0:0a:2b:f9 [email protected]
TESTP2@:/home/oracle : $/usr/bin/ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
5a:49:d4:e2:b9:5d:e9:f8:f5:bb:ce:7c:4b:f4:dd:6c [email protected]

ON NODE-1

TESTP1@:/home/oracle : $ssh TESTP1 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
The authenticity of host ‘testp1 (192.168.100.181)’ can’t be established.
RSA key fingerprint is 27:ac:4b:9a:e3:d2:ae:6d:2b:71:99:8d:b9:c0:b1:a7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘testp1,192.168.100.181’ (RSA) to the list of known hosts.
[email protected]’s password:
TESTP1@:/home/oracle : $ssh TESTP1 cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
TESTP1@:/home/oracle : $scp /home/oracle/.ssh/authorized_keys [email protected]:~/.ssh/
[email protected]’s password:
authorized_keys                                                                                                          100% 1030     1.0KB/s   00:00

ON NODE-2

TESTP2@:/home/oracle/.ssh : $ssh TESTP2 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
The authenticity of host ‘testp2 (192.168.100.182)’ can’t be established.
RSA key fingerprint is 27:ac:4b:9a:e3:d2:ae:6d:2b:71:99:8d:b9:c0:b1:a7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘testp2,192.168.100.182’ (RSA) to the list of known hosts.
[email protected]’s password:
TESTP2@:/home/oracle/.ssh : $ssh TESTP2 cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
TESTP2@:/home/oracle/.ssh : $scp /home/oracle/.ssh/authorized_keys [email protected]:~/.ssh/
The authenticity of host ‘testp1 (192.168.100.181)’ can’t be established.
RSA key fingerprint is 27:ac:4b:9a:e3:d2:ae:6d:2b:71:99:8d:b9:c0:b1:a7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘testp1,192.168.100.181’ (RSA) to the list of known hosts.
[email protected]’s password:
authorized_keys                                                                                                          100% 2060     2.0KB/s   00:00

–Confirm ssh on both Nodes. 

TESTP1@:/home/oracle : $ssh TESTP2 date
Mon Aug  6 09:20:48 EDT 2012
TESTP1@:/home/oracle : $ssh TESTP1 date
Mon Aug  6 09:20:43 EDT 2012

TESTP2@:/home/oracle/.ssh : $ssh TESTP2 date
Mon Aug  6 09:20:37 EDT 2012
TESTP2@:/home/oracle/.ssh : $ssh TESTP1 date
Mon Aug  6 09:20:31 EDT 2012

Share this post: on Twitter on Facebook on Google+