By: David Rincon
Oracle requires ssh to be configured so to allow logins between cluster nodes without passwords or pass phrases. If this presents a security risk then an ssh agent must be installed in order to provide secured connections via password and pass phrase authentication. This section only describes ssh configuration using rsa keys. As the oracle software owner login to each server and perform the following steps :
- From the /home/oracle directory execute ssh-keygen –t rsa. Simply hit enter and take the default value for the id_rsa.pub file location, do not supply a password or pass phrase at the individual prompts. Ssh-keygen will generate the id_rsa.pub file into a hidden directory (.ssh), if the directory does not exist it will be automatically created. Perform this step on all cluster nodes.
- On each cluster node copy the contents of the id_rsa.pub into the /home/oracle/.ssh/authorized_keys file. Copy the id_rsa.pub file into NODE1’s authorized_keys file, NODE2’s, NODE3’s and so on. Repeat this process on NODE2 by copying NODE2’s id_rsa.pub file into it’s authorized keys and then into NODE1’s and NODE3’s authorized_keys file.
SSH public key propagation schema. Copy the contents of each nodes’ id_rsa.pub file into each nodes authorized_keys file. Remember to copy the id_rsa.pub into
the source node itself. The following figure illustrates the process of enabling ssh public keys across a three node cluster.