在CentOS系统上如何配置rsh,rcp,scp多节点互通及相关排错
友情提醒:rsh的安全性是没有保证的,所有密码均使用明文传输,如果服务器有大量对外服务,建议不要使用此协议
我们在使用CentOS系统时候,安装RAC时,需要配置各个节点的互信关系,使rsh、rlogin、rcp等命令不需要输入密码可以操作其他节点。
除了按照管法rac安装文档中的方法配置ssh之外,还可以通过修改.rhosts等文件实现互信。在unix(如aix)中,
可以简单修改/etc/hosts.equiv实现,但是Linux中比较麻烦,需要一些其他的步骤,下面我们来演示在CentOS系统中配置方法:
一、CentOS系统时需要在各个节点上完成如下操作
检查在CentOS系统中rsh-server包是否已经安装
[root@rac1 ~]# rpm -qa|grep -i ^rsh-server rsh-server-0.17-40.el5 如果没有安装使用rpm -ivh 命令安装
确保/etc/xinetd.d/rlogin中存在disable = no这一行
[root@rac1 ~]# cat /etc/xinetd.d/rlogin
# default: on
# description: rlogind is the server for the rlogin(1) program. The server
# provides a remote login facility with authentication based on
# privileged port numbers from trusted hosts. service login
{disable = no
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rlogind}
确保/etc/xinetd.d/rsh中存在disable = no这一行
[root@rac1 ~]# cat /etc/xinetd.d/rsh
# default: on
# description: The rshd server is the server for the rcmd(3) routine and,
# consequently, for the rsh(1) program. The server provides
# remote execution facilities with authentication based on
# privileged port numbers from trusted hosts. service shell
{disable = no
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rshd}
在CentOS系统重启xinetd服务
[root@rac1 ~]# service xinetd restart Stopping xinetd: [ OK ] Starting xinetd: [ OK ]
在CentOS系统编辑/etc/securetty
确保存在rexec、rsh、rlogin三行
[ro
ot@rac1 ~]# cat /etc/securetty console vc/1 vc/2 vc/3 vc/4 vc/5 vc/6 vc/7 vc/8 vc/9 vc/10 vc/11 tty1 tty2 tty3 tty4 tty5 tty6 tty7 tty8 tty9 tty10 tty11 rexec rsh rlogin
在CentOS系统编辑/etc/hosts.equiv文件
如下所示
[root
@rac1 ~]# cat /etc/hosts.equiv +rac1 oracle +rac2 oracle +rac1-priv oracle +rac2-priv oracle +rac1 root +rac2 root +rac1-priv root +rac2-priv root
在CentOS系统编辑/etc/hosts文件
如下所示
[root@rac1 ~]# cat /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 #public 192.168.2.101 rac1.localdomain rac1 192.168.2.102 rac2.localdomain rac2 #private 192.168.0.101 rac1-priv.localdomain rac1-priv 192.168.0.102 rac2-priv.localdomain rac2-priv #virtual 192.168.2.111 rac1-vip.localdomain rac1-vip 192.168.2.112 rac2-vip.localdomain rac2-vip
在CentOS系统编辑~/.rhosts
如下所示 [
root@rac1 ~]# cat ~/.rhosts rac1 root rac2 root rac1-priv root rac2-priv root
测试rlogin和rsh
是否可以不用输入密码登录其他节点
[root@rac1 ~]# rlogin rac2 connect to address 192.168.2.102 port 543: Connection refused Trying krb4 rlogin... connect to address 192.168.2.102 port 543: Connection refused trying normal rlogin (/usr/bin/rlogin) Last login: Wed Jan 13 08:39:17 from rac1 [root@rac2 ~]# hostname rac2.localdomain [root@rac2 ~]# exit logout rlogin: connection closed. [root@rac1 ~]# rsh rac2 connect to address 192.168.2.102 port 543: Connection refused Trying krb4 rlogin... connect to address 192.168.2.102 port 543: Connection refused trying normal rlogin (/usr/bin/rlogin) Last login: Wed Jan 13 08:47:22 from rac1 [root@rac2 ~]# hostname rac2.localdomain [root@rac2 ~]# exit logout rlogin: connection closed.
这样,我们就完成了在CentOS系统配置rsh,rcp,scp多节点互通,而且不需要密码。
二、相关排错
在多机集成环境中,Server将根据环境的配置与域内的Client协同工作,但是有些时候会出现一些让人摸不着头脑的错误。解决步骤如下:
- 注意,时候虽然进行了上述的配置,但是从客户端上进行连接的时候,仍然出现"No route to host"的错误?
解决方法:关闭防火墙。
- 在集群的所有节点都已经配置好了.rhosts和/etc/hosts的信息,并且rsh服务已经打开,防火墙已经关闭。rsh hostname已经通过测试,但是使用rsh hostname “rcmd” 来执行命令,未能通过。出现no route to host错误。
解决方法:关闭selinux
本文由主机测评网发布,不代表主机测评网立场,转载联系作者并注明出处:https://zhuji.jb51.net/yunwei/8318.html
