Friday, June 29, 2018

Passwordless ssh configuration for ORACLE RAC

                                         



While doing oracle RAC configuration on AIX 6.1 TL 08 ,oracle RAC admin  team had requested some prerequisite and one of them is to configure password less configuration between 2 user of oracle RAC. These 2 user exist on 2 different AIX LPAR.

Here is the scenario,
There are 2 AIX LPAR, where oracle RAC DBA going to configure ORACLE RAC cluster.
Hostname are 
1.aixorarac1
2.aixorarac2
and  user  is "racora" on both AIX node.AIX OS team going to configure password less ssh .
you must be wondered why need password less configuration for oracle RAC ???
Answer to this query is ,it is one of the mandatory prerequisite before doing oracle RAC configuration on AIX or Linux server.

While doing oracle RAC configuration oracle RAC admin stuck with error,password less connection not working for user "racora" .After this he contacted our team and request to sort out this issue.
we immediately copied public key of user "racora" from  aixorarac1 to aixorarac2 in .ssh path of user "racora" on 2nd node.when again installation started for oracle RAC again getting error that password less connection from aixorarac1 to aixorarac2 is ok but from aixorarac2 to aixorarac1 is not correct.
So here we got that we need to configure both way password less communication for oracle RAC user "racora".

Lets see how to configure both way passoword less communication for "racora" user on 2 AIX node which going to host oracle RAC cluster.
Passwordless ssh configuration for oeacle node aixorarac1 and aixorarac2
=============================================================

Steps :
Login to aixorarac1 using user "racora" and execute following command,
aixorarac1#ssh-keygen -t rsa (execute same command on aixorarac2)  //perform this step on both node then proceed for next part.

aixorarac1#cd .ssh (.ssh permission must be 700)
aixorarac1#cat id_rsa.pub >> authorized_keys
aixorarac1#scp authorized_keys aixorarac2:/home/racora/.ssh

============================================================
Now switch to aixorarac2

steps:
aixorarac2#cd .ssh (.ssh permission must be 700)
aixorarac2#cat id_rsa.pub >> authorized_keys
aixorarac2#scp authorized_keys aixorarac1:/home/racora/.ssh

Here what we done is ,First generated rsa key on both node,
Then added id_rsa.pub to authorized_keys file on aixorarac1.
Then SCP authorized_keys file to aixorarac2 home directory "aixorarac2:/home/racora/.ssh."

Then on node aixorarac2 added public key to authorized_keys by command cat id_rsa.pub >> authorized_keys and scp that file to aixorarac1.
So in this way on aixorarac2 home directory(aixorarac2:/home/racora/.ssh) we having authorized_keys file which contain both AIX node public key and same file we copied to “aixorarac1.
after this we simply tested whether passwordless connection is working or not from both end by following command,

aixorarac1# ssh aixorarac2 date
Fri Jun 29 11:11:31 UTC 2018

================================
aixorarac2#ssh aixorarac1 date
Fri Jun 29 11:11:50 UTC 2018
After executing above both command on oracle RAC cluster output  must show date without asking for password.

That’s all  ,Needed to configure password less connection between 2 oracle RAC node on AIX .


Thanks !!!

1 comment: