Establish Passwordless SSH connection between RAC DB nodes
Establish Passwordless SSH connection between RAC DB nodes in EXADATA
EXADATA: How to configure ssh for current user on a list of nodes (Doc ID 1923785.1)
Manual Steps:
1. The Oracle OS user orasnap has been newly created on all the RAC DB nodes.
--- Please refer to my other blog post for how to create OS users in Linux.
2. Create a file with all the RAC DB nodes.
[orasnap@npexdbadm01 ~]$ cat dbs_group
npexdbadm01
npexdbadm02
3. Check whether the public key id_rsa.pub exists for the user under /<HOME DIR>/.ssh on all the nodes.
[orasnap@npexdbadm01 .ssh]$ ls -ltrh
total 16K
-rw-r--r-- 1 orasnap dba 416 May 22 05:29 id_rsa.pub
-rw------- 1 orasnap dba 1.7K May 22 05:29 id_rsa
-rw-r--r-- 1 orasnap dba 810 May 22 05:30 known_hosts
-rw-r--r-- 1 orasnap dba 1.3K May 22 05:37 authorized_keys
[orasnap@npexdbadm01 .ssh]$
Perform the steps below only if the id_rsa.pub key is not available; otherwise move to step 4.
To generate new public keys:
[orasnap@npexdbadm01 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/orasnap/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/orasnap/.ssh/id_rsa.
Your public key has been saved in /home/orasnap/.ssh/id_rsa.pub.
The key fingerprint is:
dd:b5:8c:be:0f:38:2a:59:08:3c:bc:e1:ad:10:51:2a orasnap@npexdbadm01.r02.xlgs.local
The key's randomart image is:
+--[ RSA 2048]----+
| .. |
| .. |
|E .+ . |
| .. * . . + . |
| o * .S . o o |
| . o o . o |
| . . o o o |
| . o . . o |
| .. ... |
+-----------------+
4. Pass the public key id_rsa.pub to all other cluster nodes.
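Exadata (-k pushes the current user's public key to each node; -s passes the quoted options to ssh, here StrictHostKeyChecking=no, so new host keys are accepted into known_hosts without a prompt):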
[orasnap@npexdbadm01 ~]$ dcli -g /home/orasnap/dbs_group -l orasnap -k -s '-o StrictHostKeyChecking=no'
oragold@npexdbadm01's password:
oragold@npexdbadm02's password:
npexdbadm01: ssh key added
npexdbadm02: ssh key added
[orasnap@npexdbadm01 ~]$
Non-Exadata:
Copy the content of id_rsa.pub from node1 and paste it into the authorized_keys file on all other cluster nodes.
[orasnap@npexdbadm02 .ssh]$ ls -ltr
total 16
-rw------- 1 orasnap dba 1675 May 22 05:31 id_rsa
-rw-r--r-- 1 orasnap dba 416 May 22 05:31 id_rsa.pub
-rw-r--r-- 1 orasnap dba 810 May 22 05:31 known_hosts
-rw-r--r-- 1 orasnap dba 1245 May 22 05:37 authorized_keys
Note:
We need to perform the above steps on all the cluster nodes.
5. Verification:
Test the passwordless connection from each node to every node:
[orasnap@npexdbadm01 ~]$ ssh npexdbadm01
Last login: Tue May 22 05:39:22 2018 from npexdbadm02.r02.xlgs.local
[orasnap@npexdbadm01 ~]$ ssh npexdbadm02
Last login: Tue May 22 05:37:41 2018 from npexdbadm02.r02.xlgs.local
[orasnap@npexdbadm02 ~]$
[orasnap@npexdbadm02 ~]$ ssh npexdbadm02
Last login: Wed Jun 6 10:14:14 2018 from npexdbadm01.r02.xlgs.local
[orasnap@npexdbadm02 ~]$ ssh npexdbadm01
Last login: Wed Jun 6 10:14:06 2018 from npexdbadm01.r02.xlgs.local
[orasnap@npexdbadm01 ~]$
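As an added example (not part of the original post or the Oracle note), these shell functions cover the Non-Exadata copy in step 4 and the check in step 5. The names install_pubkey and check_equivalence are hypothetical: the first appends a key once and sets modes 700/600, which sshd's StrictModes check accepts; the second tests each host in the group file with BatchMode=yes, so a missing key fails instead of prompting for a password.

```shell
# Added example; function names are hypothetical, not from the original post.

# install_pubkey PUBKEY_FILE SSH_DIR: add the key to SSH_DIR/authorized_keys
# exactly once, with modes 700 (directory) and 600 (file).
install_pubkey() {
    pub=$1 dir=$2
    key=$(head -n 1 "$pub") || return 1
    # Accept only a "type base64 [comment]" line of a known key type.
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not an OpenSSH public key: $pub" >&2; return 1 ;;
    esac
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    auth=$dir/authorized_keys
    touch "$auth" && chmod 600 "$auth" || return 1
    # A pasted file may lack a final newline; add one so keys do not merge.
    [ -z "$(tail -c 1 "$auth")" ] || echo >> "$auth"
    # -x whole line, -F fixed string: append only if the key is not present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# check_equivalence GROUP_FILE: key-only login test for each listed host.
# BatchMode=yes makes ssh fail rather than fall back to a password prompt.
check_equivalence() {
    rc=0
    while read -r host; do
        [ -n "$host" ] || continue
        if ssh -n -o BatchMode=yes -o ConnectTimeout=5 "$host" true 2>/dev/null
        then echo "$host: ok"
        else echo "$host: FAILED"; rc=1
        fi
    done < "$1"
    return $rc
}

# Constructed demo in a scratch directory; the key is a placeholder.
demo=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EXAMPLE orasnap@npexdbadm01' > "$demo/id_rsa.pub"
install_pubkey "$demo/id_rsa.pub" "$demo/.ssh"
install_pubkey "$demo/id_rsa.pub" "$demo/.ssh"   # second run adds nothing
# On a real cluster: check_equivalence /home/orasnap/dbs_group
```

Run install_pubkey on each target node against that node's own ~/.ssh, then run check_equivalence from every node in turn, since equivalence has to hold in both directions.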
Auto Steps:
For automatic setup, please refer to the document below for setting up passwordless SSH equivalence (applicable to EXADATA machines only):
EXADATA: How to configure ssh for current user on a list of nodes (Doc ID 1923785.1)
Regards,
Mallik