Oracle 10g RAC on ESXi3 using SLES9 SP5 – Part 5
Configuring SSH access for the oracle user for Remote installation
Login as the oracle user and generate keys for ssh authentication without passwords.
I usually check the /etc/ssh/sshd_config file to make sure I have the proper configuration in place.
I usually disable the DNS check since it causes the ssh to timeout.
UseDNS no
Now I will generate the ssh keys with no password
oracle@rac01:~> /usr/bin/ssh-keygen -t dsa -b 1024
Generating public/private dsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Created directory ‘/home/oracle/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
01:32:45:20:27:f4:b8:3c:7d:5b:a3:df:c3:51:c4:4b oracle@rac01
Use the same command on rac02 node to generate a key pair without password
oracle@rac02:~> /usr/bin/ssh-keygen -t dsa -b 1024
Generating public/private dsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Created directory ‘/home/oracle/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
01:32:45:20:27:f4:b8:3c:7d:5b:a3:df:c3:51:c4:4b oracle@rac02
oracle@rac01:~> ssh rac02 “cat ~/.ssh/id_dsa.pub” >> ~/.ssh/authorized_keys
oracle@rac01:~> ssh rac01 “cat ~/.ssh/id_dsa.pub” >> ~/.ssh/authorized_keys
oracle@rac01:~> scp ~/.ssh/authorized_keys >> rac02:/home/oracle/.ssh/
The above commands will create an authorized_keys file that contains the public dsa keys from both nodes and will copy the file on the second node.
Here is the time to test the SSH connectivity between the 2 nodes.
It is good to test with the public and private entries present in your /etc/hosts file as follows:
oracle@rac01:~> ssh rac01 date
oracle@rac01:~> ssh rac02 date
oracle@rac01:~> ssh rac01.searchdomain date
oracle@rac01:~> ssh rac02.searchdomain date
oracle@rac01:~> ssh rac01-priv date
oracle@rac01:~> ssh rac02-priv date
oracle@rac01:~> ssh rac01-priv.searchdomain date
oracle@rac01:~> ssh rac02-priv.searchdomain date
You should do the same thing from the node rac02:
oracle@rac02:~> ssh rac01 date
oracle@rac02:~> ssh rac02 date
oracle@rac02:~> ssh rac01.searchdomain date
oracle@rac02:~> ssh rac02.searchdomain date
oracle@rac02:~> ssh rac01-priv date
oracle@rac02:~> ssh rac02-priv date
oracle@rac02:~> ssh rac01-priv.searchdomain date
oracle@rac02:~> ssh rac02-priv.searchdomain date
The reason is to make sure you add the hostnames to the known_hosts file of the ssh client.
This will save you trouble when installing clusterware since it is using the ssh connectivity to install the software on all cluster nodes.
Overview of the required Directories of the Oracle Database Software
I will be following the Optimal Flexible Architecture (OFA) recommendations.
Oracle Base Directory (ORACLE_BASE) : /u01/app/oracle (/mount_point/app/oracle_user)
Oracle Inventory Directory : ORACLE_BASE/oraInventory (/mount_point/app/oracle_user/oraInventory)
Oracle Clusterware home directory: /u01/crs1020
In this example the u01 folder should be owned by root and writable by the orainstall group
Oracle Home Directory: ORACLE_BASE/product/10.2.0/db_1
Oracle ASM home directory: ORACLE_BASE/product/10.2.0/asm
In my next post I will be dealing with the Linux OS Parameters