If you're wanting RAC1 to trust RAC2 then the "${HOME}/.ssh/authorized_keys" file on RAC1 needs to contain the *.pub that was generated on RAC2. What I usually do is: RAC1: ssh-keygen -t rsa ssh-keygen -t dsa cd ${HOME}/.ssh cp id_rsa.pub id_rsa_oracle@xxxxxxxx cp id_dsa.pub id_dsa_oracle@xxxxxxxx scp ${HOME}/.ssh/id_?sa_oracle@xxxxxxxx oracle@rac2:.ssh/. RAC2: ssh-keygen -t rsa ssh-keygen -t dsa cd ${HOME}/.ssh cp id_rsa.pub id_rsa_oracle@xxxxxxxx cp id_dsa.pub id_dsa_oracle@xxxxxxxx scp ${HOME}/.ssh/id_?sa_oracle@xxxxxxxx oracle@rac1:.ssh/. Once you've done that: RAC1: cat id_?sa_oracle@xxxxxxxx >>authorized_keys RAC2: cat id_?sa_oracle@xxxxxxxx >>authorized_keys Your trusiting relationship should be established at this point. -- James On 2/14/08, Pedro Espinoza <raindoctor@xxxxxxxxx> wrote: > If you don't want to proect the private key without passphrase, you > dont need worry anything. That is, you dont need to run ssh-agent, nor > do you need to load the private keys to that ssh-agent. > > > However, if you want to protect using a private key, you gott export > that socket id, and agent pid. Doing the latter requires some > scripting, some changes to .profile of that oracle user. > > You can use the script at > http://mah.everybody.org/docs/ssh > > Or, you can use the big shell script called keychain developed by gentoo > http://pkgsrc.se/security/keychain > > > > > > > > > > > > On Thu, Feb 14, 2008 at 12:30 AM, Sridhar <sridhara.m@xxxxxxxxxxxx> wrote: > > > > > > > > > > Hi Kathy/Atul, > > > > > > > > I am configuring 10g RAC on vmware (RHEL AS4 & 2 nodes).When I am > > configuring ssh without password I am unable to do so. > > > > Please see the steps I followed > > > > rac1 > > > > cd /home/oracle/ > > > > mkdir .ssh > > > > chmod 700 .ssh > > > > cd .ssh > > > > ssh-keygen rsa > > > > ssh-keygen dsa > > > > > > > > Performed same steps on rac2 > > > > > > > > then at rac1 > > > > touch authorized_keys > > > > ssh rac1 cat /home/oracle/.ssh/id_rsa.pub >> authorized_keys > > > > --followed steps > > > > ssh rac1 cat /home/oracle/.ssh/id_dsa.pub >> authorized_keys > > > > --followed steps > > > > ssh rac2 cat /home/oracle/.ssh/id_rsa.pub >> authorized_keys > > > > --followed steps > > > > ssh rac2 cat /home/oracle/.ssh/id_dsa.pub >> authorized_keys > > > > chmod 644 ~/.ssh/authorized_keys > > > > > > > > performed the same steps at rac2 > > > > > > > > --establish user equivalency > > > > as oracle user > > > > exec /usr/bin/ssh-agent $SHELL > > > > /usr/bin/ssh-add > > > > > > > > then i typed > > > > at rac1 > > > > ssh rac1 date --asking me the password (without password if i enter it is > > asking me password > > > > ssh rac2 date --- same above > > > > at rac2 > > > > > > > > ssh rac1 date --same above > > > > ssh rac2 date --same above > > > > > > > > Any good suggestion (I can use rsh/rcp) to resolve ssh without password. > > > > > > > > Thanks in advance, > > > > Dr.M.Sridhar > > > > Team Lead > > > > Vertex Computer Systems > > -- ---------------------------------------------------------------------- James J. Morrow | Senior Oracle Applications DBA | Solution Beacon, LLC jmorrow <at> solutionbeacon <dot> com morrow.james <at> gmail <dot> com http://www.solutionbeacon.com http://www.solutionbeaconfoundation.com