在N多年前,搭建Oracle RAC环境的时候,其中有一项非常艰巨的任务就是配置节点服务器的互信关系,每次到了这个部分的时候就有点晕,因为文件需要在两个节点间拷过来,拷过去。 每次到了这个部分,就需要打开我的攻略笔记,然后严格按照上面的步骤来完成。到了OCM考试的时候,当时Oracle是提供了一个建立互信关系的脚本,直 接运行即可。搭建的过程省事不少。到了11g的RAC搭建中,在检查项中有一个就是建立互信关系,只需要在界面上点击即可完成。可见互信关系的建立过程是 越来越简化了。
#!/bin/sh
# Shell script to install your public key on a remote machine
# Takes the remote machine name as an argument.
# Obviously, the remote machine must accept password authentication,
# or one of the other keys in your ssh-agent, for this to work.
ID_FILE="${HOME}/.ssh/id_rsa.pub"
if [ "-i" = "$1" ]; then
shift
# check if we have 2 parameters left, if so the first is the new ID file
if [ -n "$2" ]; then
if expr "$1" : ".*\.pub" > /dev/null ; then
ID_FILE="$1"
else
ID_FILE="$1.pub"
fi
shift # and this should leave $1 as the target name
fi
else
if [ x$SSH_AUTH_SOCK != x ] ; then
GET_ID="$GET_ID ssh-add -L"
fi
fi
if [ -z "`eval $GET_ID`" ] && [ -r "${ID_FILE}" ] ; then
GET_ID="cat ${ID_FILE}"
fi
if [ -z "`eval $GET_ID`" ]; then
echo "$0: ERROR: No identities found" >&2
exit 1
fi
if [ "$#" -lt 1 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
echo "Usage: $0 [-i [identity_file]] [user@]machine" >&2
exit 1
fi
{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d ~/.ssh || mkdir ~/.ssh ; cat >> ~/.ssh/authorized_keys && (test -x /sbin/restorecon && /sbin/restorecon ~/.ssh ~/.ssh/authorized_keys >/dev/null 2>&1 || true)" || exit 1
cat <<EOF
Now try logging into the machine, with "ssh '$1'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
EOF
其实看完之后,发现里面确实有不少的内容,命令格式,新的命令都值得学习。
restorecon命令用来恢复SELinux文件属性即恢复文件的安全上下文。
扫一扫
375
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
