System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

SSH Publickey Authentication Fails

 
Highlighted
New Member

SSH Publickey Authentication Fails

SSH Publickey Authentication fails on Enterprise LINUX AS release 4 update 6
Kernel Version (2.6.9-67.0.0.0.1.ELhugemem)

The following attachment has the information when trying to connect to SSH on the same host before trying to connect to the another host, i am trying to implement RAC on NFS and for this i need this SSH publickey authentication to work fine for the ORACLE software can be installed without any problem.



8 REPLIES 8
Highlighted
Exalted Contributor

Re: SSH Publickey Authentication Fails

Shalom,

This is almost always ownership and permissions.

/home directory must be owned by target user.

.ssh directory must be owned by target user and have correct permissions.

http://www.hpux.ws/?p=10

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Highlighted
Honored Contributor

Re: SSH Publickey Authentication Fails

> The following attachment [...]

???

> This is almost always [...]

Your psychic powers must be greater than
mine. I've seen other kinds of problems,
such as mismatched key file formats, more
than I have ownership and permission
problems. When I _have_ seen ownership and
permission problems, I've usually seen error
messages which identify them pretty well.
Highlighted
Trusted Contributor

Re: SSH Publickey Authentication Fails

Also, I've seen a case where having /home or /home/user be a symlink to another location causes sshd by default to distrust the keys.

Just one more thing to look at.
Highlighted
Valued Contributor

Re: SSH Publickey Authentication Fails

Hi avskiran,

besides of your ssh problem, even if you do not explain what is your target I would never put ORACLE/RAC on NFS!

the biggest issue is (un)reliability of NFS and second one NFS performance. I would be surprised if it was supported by ORACLE at all.

try to looks rather for OCFS (ORACLE cluster file system.


emha.
Highlighted
Trusted Contributor

Re: SSH Publickey Authentication Fails

emha,

Oracle over NFS is supported by Oracle. It basically uses NFS with DIO to store datafiles. It is tested and supported by Oracle and HP both. If properly set up, it is very reliable.
Highlighted
Valued Contributor

Re: SSH Publickey Authentication Fails

Hi macosta,

ok, one always learns something new...

could you provide a link where ORACLE explicitly state this?

Because install guide (http://download.oracle.com/docs/cd/B19306_01/install.102/b15674/install_overview.htm#sthref70) says

[CIT]
Oracle Database 10g must be able to verify that writes to a disk are completed successfully. NFS file systems, including file systems on NAS devices, may not be able to guarantee that writes to a disk are completed successfully, and this may lead to possible data file corruption. Oracle recommends that you do not store files on NFS mounted file systems unless the storage vendor and storage device are listed in the Oracle Storage Compatibility Program list. This list is available from the following Web site
[/CIT]

and on the provided link to OSCP there is just a message that OSCP program has been discontinued and is moreless on customer responsibility that he is aware all the possible issues.

emha.
Highlighted
Trusted Contributor

Re: SSH Publickey Authentication Fails

We're getting off-topic here, but a simple search brings up an Oracle whitepaper of their DNFS implementation:
http://www.oracle.com/technology/deploy/performance/pdf/directnfsclient_11gr1_twp.pdf

Also, HP has an Oracle-validated product that does just this:
http://h18006.www1.hp.com/products/storage/software/polyserve/fs_utility/oracle/index.html

I would like to hear if the OP has resolved the ssh issues.
Highlighted
Honored Contributor

Re: SSH Publickey Authentication Fails

> I would like to hear if the OP has
> resolved the ssh issues.

I'd settle for a clear explanation of what
the original problem was. But my
expectations are low.