Monday, 31 March 2014

Configure SSH equivalence For Oracle RAC

SSH password less Equivalence  in RAC nodes are the most important things that count as pre reqs for installing Oracle RAC for more than one node for all RAC related users like oracle who is owner of database and grid who is owner of grid infrastructure. Oracle 11g includes automatic password less equivalence but as you guys know if it returns an error it is one of the most hillarious thing you can ever face before Installing Oracle RAC (click the link for step by step guide of installing Oracle RAC) and at that time you always go for manual way which was very very difficult for new comers so here the easy way to configure password less equivalence for users in Solaris and Linux based operating systems.





1.          Ensure that you can access all the nodes with SSH. OUI also requires that the user account running the Oracle RAC installation is permitted to set up password less SSH. Then grid and asm configuration requires grid user to establish password less authentication similarly for database software and database creation the oracle user is required to establish password less ssh equivalence. To configure and enable password less SSH, carry out following steps:

Name
Type
Home Directory
Primary Group
Grid
User
/export/home/grid
Oinstall
Oracle
User
/export/home/oracle
Oinstall


a.            Login from root user and perform the following directory creation before proceeding any further:-
(1)          -bash-3.2# cd /export/home/grid/
(2)          -bash-3.2# mkdir .ssh
(3)          -bash-3.2# chmod 775 .ssh/
(4)          -bash-3.2# chown grid:oinstall .ssh/
(5)          -bash-3.2# cd /export/home/oracle/
(6)          -bash-3.2# mkdir .ssh
(7)          -bash-3.2# chmod 775 .ssh/
(8)          -bash-3.2# chown oracle:oinstall .ssh/
(9)          Check permissions on the directories and subdirectories, the ownership and permissions must be assigned to the appropriate user before going any further because ssh setup will throw an error if proper permissions are not assigned, check by ls -al
b.            login from the user from which you want to establish password less equivalence
(1)          -bash-3.2# su – grid (or) su – oracle
(2)          cd /u01/app/source/11.2.3_SOARIS_64_SPARC/grid/sshsetup/ (change directory to the sshsetup directory in grid software location where you unzipped the source)
(3)          ./sshUserSetup.sh -user oracle -hosts "host1.DomainName host2.DomainName" -noPromptPassphrase –advanced (run the script with user name and node hostnames and execute it, the script while running will prompt for passwords 4xtimes to perform key exchange using SCP)
(4)          After completion check ssh from the user for which you performed the action, like e.g ssh host1.DomainName, the server shouldn’t ask for password. Similarly from the second node ssh to the primary node and confirm password less authentication.