Feb 23 2020

Setup Password less connection using SSH for User Equivalence on Linux

Setup SSH (Key-Based Authentication)

Password less connectivity is required for RAC setup. Sometimes need to send files from one server to another using script with scheduler job. For this kind of tasks, password less connectivity is required. Password less connectivity can setup one direction (from server A -> B) or both directions (From Server A -> Server B or vs).

Execute following command on both Nodes:

[oracle@racdr1 ~]$ whoami
oracle
[oracle@racdr1 ~]$ pwd
/home/oracle
[oracle@racdr1 ~]$ mkdir ~/.ssh
[oracle@racdr1 ~]$ chmod 700 ~/.ssh
# # Accept the default settings. Press Enter 
[oracle@racdr1 ~]$ /usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
b3:3b:0f:72:15:71:d7:b6:f9:cc:2f:6e:0a:76:79:6e oracle@racdr1
[oracle@racdr1 ~]$ cd .ssh
# id_rsa.pub is public KEY and id_rsa is private KEY
[oracle@racdr1 .ssh]$ ls -lrt
-rw-r--r-- 1 oracle oinstall  395 Jun 23 00:02 id_rsa.pub
-rw------- 1 oracle oinstall 1675 Jun 23 00:02 id_rsa

Generate Authorized KEY file on Node 1 and copy to Node 2. 

oracle@racdr1 ~]$ cd ~/.ssh
[oracle@racdr1 .ssh]$ pwd
/home/oracle/.ssh
[oracle@racdr1 .ssh]$ cat id_rsa.pub >> authorized_keys
[oracle@racdr1 .ssh]$ ls -lrt
-rw-r--r-- 1 oracle oinstall  395 Jun 23 00:02 id_rsa.pub
-rw------- 1 oracle oinstall 1675 Jun 23 00:02 id_rsa
-rw-r--r-- 1 oracle oinstall  395 Jun 23 00:09 authorized_keys
[oracle@racdr1 .ssh]$ scp authorized_keys oracle@racdr2:/home/oracle/.ssh

Generate Authorized KEY file on Node 2 and copy to Node 1. 

oracle@racdr2 ~]$ cd ~/.ssh
[oracle@racdr2 .ssh]$ pwd
/home/oracle/.ssh
[oracle@racdr2 .ssh]$ cat id_rsa.pub >> authorized_keys
[oracle@racdr2 .ssh]$ ls -lrt
-rw-r--r-- 1 oracle oinstall  395 Jun 23 00:02 id_rsa.pub
-rw------- 1 oracle oinstall 1675 Jun 23 00:02 id_rsa
-rw-r--r-- 1 oracle oinstall  395 Jun 23 00:09 authorized_keys
[oracle@racdr2 .ssh]$ scp authorized_keys oracle@racdr1:/home/oracle/.ssh

You should able to connect from one to another node without password

[oracle@racdr2 .ssh]$ ssh racdr1
Last login: Tue Jun 23 00:20:49 2020 from racdr2.localdomain
[oracle@racdr1 ~]$ ssh racdr2
Last login: Tue Jun 23 00:20:57 2020 from racdr1.localdomain

[oracle@racdr1 ~]$ ssh racdr1
Last login: Tue Jun 23 00:34:00 2020 from racdr1.localdomain
[oracle@racdr2 ~]$ ssh racdr2
Last login: Tue Jun 23 00:35:00 2020 from racdr2.localdomain