Storage Foundation for Oracle® RAC 7.4.1 Configuration and Upgrade Guide - Solaris

Last Published:
Product(s): InfoScale & Storage Foundation (7.4.1)
Platform: Solaris
  1. Section I. Configuring SF Oracle RAC
    1. Preparing to configure SF Oracle RAC
      1.  
        About this document
      2. I/O fencing requirements
        1.  
          Coordinator disk requirements for I/O fencing
        2.  
          CP server requirements
      3. About planning to configure I/O fencing
        1.  
          Typical SF Oracle RAC cluster configuration with disk-based I/O fencing
        2.  
          Typical SF ORACLE RAC cluster configuration with server-based I/O fencing
        3.  
          Recommended CP server configurations
        4.  
          Preparing to configure server-based fencing for SF Oracle RAC
    2. Configuring SF Oracle RAC using the script-based installer
      1. Configuring the SF Oracle RAC components using the script-based installer
        1. Configuring the SF Oracle RAC cluster
          1.  
            Configuring the cluster name
          2.  
            Configuring private heartbeat links
          3.  
            Configuring the virtual IP of the cluster
          4. Configuring SF Oracle RAC in secure mode
            1.  
              Setting up trust relationships for your SF Oracle RAC cluster
          5. Configuring a secure cluster node by node
            1.  
              Configuring the first node
            2.  
              Configuring the remaining nodes
            3.  
              Completing the secure cluster configuration
          6.  
            Adding VCS users
          7.  
            Configuring SMTP email notification
          8.  
            Configuring SNMP trap notification
          9.  
            Configuring global clusters
        2.  
          Creation of SF Oracle RAC configuration files
        3.  
          Stopping and starting SF Oracle RAC processes
      2. Setting up disk-based I/O fencing using installer
        1.  
          Initializing disks as VxVM disks
        2.  
          Identifying disks to use as coordinator disks
        3. Checking shared disks for I/O fencing
          1.  
            Verifying Array Support Library (ASL)
          2.  
            Verifying that the nodes have access to the same disk
          3.  
            Testing the disks using vxfentsthdw utility
        4.  
          Configuring disk-based I/O fencing using installer
        5.  
          Refreshing keys or registrations on the existing coordination points for disk-based fencing using the installer
      3. Setting up server-based I/O fencing using installer
        1.  
          Refreshing keys or registrations on the existing coordination points for server-based fencing using the installer
        2. Setting the order of existing coordination points for server-based fencing using the installer
          1.  
            About deciding the order of existing coordination points
          2.  
            Setting the order of existing coordination points using the installer
      4.  
        Configuring SFDB
    3. Performing an automated SF Oracle RAC configuration
      1.  
        Configuring SF Oracle RAC using response files
      2.  
        Response file variables to configure SF Oracle RAC
      3.  
        Sample response file for configuring SF Oracle RAC
      4.  
        Configuring I/O fencing using response files
      5.  
        Response file variables to configure disk-based I/O fencing
      6.  
        Sample response file for configuring disk-based I/O fencing
      7.  
        Configuring CP server using response files
      8.  
        Response file variables to configure CP server
      9.  
        Sample response file for configuring the CP server on SFHA cluster
      10.  
        Response file variables to configure server-based I/O fencing
      11.  
        Sample response file for configuring server-based I/O fencing
  2. Section II. Post-installation and configuration tasks
    1. Verifying the installation
      1.  
        Performing a postcheck on a node
      2.  
        Verifying SF Oracle RAC installation using VCS configuration file
      3. Verifying LLT, GAB, and cluster operation
        1.  
          Verifying LLT
        2.  
          Verifying GAB
        3.  
          Verifying the cluster
        4.  
          Verifying the cluster nodes
    2. Performing additional post-installation and configuration tasks
      1.  
        Setting the environment variables for SF Oracle RAC
      2.  
        About enabling LDAP authentication for clusters that run in secure mode
      3. About configuring authentication for SFDB tools
        1.  
          Configuring vxdbd for SFDB tools authentication
      4.  
        Configuring Volume Replicator
      5.  
        Running SORT Data Collector to collect configuration information
      6.  
        Changing root user into root role
  3. Section III. Upgrade of SF Oracle RAC
    1. Planning to upgrade SF Oracle RAC
      1.  
        About the upgrade
      2.  
        Supported upgrade paths
      3.  
        Creating backups
      4.  
        Considerations for upgrading SF Oracle RAC to 7.4.1 on systems configured with an Oracle resource
      5.  
        Using Install Bundles to simultaneously install or upgrade full releases (base, maintenance, rolling patch), and individual patches
    2. Performing a full upgrade of SF Oracle RAC using the product installer
      1.  
        About full upgrades
      2.  
        Preparing to perform a full upgrade to SF Oracle RAC 7.4.1
      3. Upgrading to SF Oracle RAC 7.4.1
        1.  
          Upgrading SF Oracle RAC using the Veritas installation program
        2.  
          Upgrading SFDB
    3. Performing an automated full upgrade of SF Oracle RAC using response files
      1.  
        Upgrading SF Oracle RAC using a response file
      2.  
        Response file variables to upgrade SF Oracle RAC
      3.  
        Sample response file for upgrading SF Oracle RAC
    4. Performing a phased upgrade of SF Oracle RAC
      1.  
        About phased upgrade
      2. Performing a phased upgrade of SF Oracle RAC from version 6.2.1 and later release
        1.  
          Step 1: Performing pre-upgrade tasks on the first half of the cluster
        2.  
          Step 2: Upgrading the first half of the cluster
        3.  
          Step 3: Performing pre-upgrade tasks on the second half of the cluster
        4.  
          Step 4: Performing post-upgrade tasks on the first half of the cluster
        5.  
          Step 5: Upgrading the second half of the cluster
        6.  
          Step 6: Performing post-upgrade tasks on the second half of the cluster
    5. Performing a rolling upgrade of SF Oracle RAC
      1.  
        About rolling upgrade
      2.  
        Preparing to perform a rolling upgrade to SF Oracle RAC 7.4.1
      3.  
        Performing a rolling upgrade using the product installer
    6. Upgrading SF Oracle RAC using Live Upgrade or Boot Environment upgrade
      1.  
        About ZFS Boot Environment (BE) upgrade
      2.  
        Supported upgrade paths for Boot Environment upgrade
      3. Performing Boot Environment upgrade on Solaris 11 systems
        1.  
          Creating a new Solaris 11 BE on the primary boot disk
        2.  
          Upgrading SF Oracle RAC using the installer for upgrading BE on Solaris 11
        3.  
          Completing the SF Oracle RAC upgrade on BE on Solaris 11
        4.  
          Verifying Solaris 11 BE upgrade
        5.  
          Reverting to the primary BE on a Solaris 11 system
    7. Performing post-upgrade tasks
      1.  
        Relinking Oracle RAC libraries with the SF Oracle RAC libraries
      2.  
        Setting or changing the product license level
      3.  
        Resetting DAS disk names to include host name in FSS environments
      4.  
        Upgrading disk layout versions
      5.  
        CVM master node needs to assume the logowner role for VCS managed VVR resources
      6.  
        Switching on Quotas
      7.  
        Upgrading the disk group version
  4. Section IV. Installation and upgrade of Oracle RAC
    1. Before installing Oracle RAC
      1.  
        Important preinstallation information for Oracle RAC
      2.  
        About preparing to install Oracle RAC
      3. Preparing to install Oracle RAC using the SF Oracle RAC installer or manually
        1.  
          Identifying the public virtual IP addresses for use by Oracle
        2.  
          Setting the kernel parameters
        3.  
          Verifying that packages and patches required by Oracle are installed
        4.  
          Verifying the user nobody exists
        5.  
          Launching the SF Oracle RAC installer
        6. Creating users and groups for Oracle RAC
          1.  
            Creating the Oracle user and groups using the SF Oracle RAC script-based installer
          2.  
            Creating the Oracle user and groups manually
        7. Creating storage for OCR and voting disk
          1.  
            Creating storage for OCR and voting disk using the SF Oracle RAC script-based installer
          2. Creating storage for OCR and voting disk manually
            1.  
              Adding the storage resources to the VCS configuration
          3.  
            Configuring atleast resource dependency for OCR and voting disks
        8. Configuring private IP addresses for Oracle RAC 11.2.0.1
          1. Configuring the private IP address and PrivNIC resource
            1.  
              Configuring the private IP address and PrivNIC using the SF Oracle RAC script-based installer
            2.  
              Configuring the private IP address and PrivNIC resource manually
          2. Configuring the private IP address information and MultiPrivNIC resource
            1.  
              Configuring the MultiPrivNIC and private IP address information using the SF Oracle RAC script-based installer
            2.  
              Configuring MultiPrivNIC and private IP addresses manually
          3.  
            Verifying the VCS configuration for PrivNIC and MultiPrivNIC
        9. Configuring private IP addresses for Oracle RAC 11.2.0.2 and later versions
          1.  
            Using link aggregation or NIC bonding
          2. Using Oracle High Availability IP (HAIP)
            1.  
              Configuring static IP addresses for HAIP using the SF Oracle RAC script-based installer
            2.  
              Configuring static IP addresses for HAIP manually
        10.  
          Verifying that multicast is functional on all private network interfaces
        11.  
          Creating Oracle Clusterware/Grid Infrastructure and Oracle database home directories manually
        12.  
          Setting up user equivalence
        13.  
          Verifying whether the Veritas Membership library is linked to Oracle libraries
    2. Installing Oracle RAC
      1.  
        About installing Oracle RAC
      2. Installing the Oracle Clusterware/Grid Infrastructure software
        1.  
          Installing Oracle Clusterware/Grid Infrastructure using the SF Oracle RAC script-based installer
        2.  
          Installing Oracle Clusterware/Grid Infrastructure using the Oracle Universal Installer
      3.  
        Configuring LLT links in the GPnP profile
      4. Installing the Oracle RAC database software
        1.  
          Installing the Oracle RAC database using the SF Oracle RAC script-based installer
        2.  
          Installing the Oracle RAC database using the Oracle Universal Installer
      5. Verifying the Oracle Clusterware/Grid Infrastructure and database installation
        1.  
          Node numbering discrepancies in Oracle RAC 11g Release 2 and later versions
    3. Performing an automated Oracle RAC installation
      1.  
        About installing Oracle RAC using response files
      2.  
        Before you install
      3.  
        Installing Oracle RAC
      4.  
        Response file variable definitions for Oracle RAC
      5.  
        Sample response file for installing Oracle RAC
    4. Performing Oracle RAC post-installation tasks
      1.  
        Adding Oracle RAC patches or patchsets
      2. Configuring the CSSD resource
        1.  
          Configuring the CSSD resource using the SF Oracle RAC script-based installer
        2.  
          Configuring the CSSD resource manually
      3.  
        Preventing automatic startup of Oracle Clusterware/Grid Infrastructure
      4. Relinking the SF Oracle RAC libraries with Oracle RAC
        1.  
          Relinking the SF Oracle RAC libraries with Oracle RAC using the SF Oracle RAC script-based installer
        2. Relinking SF Oracle RAC libraries with Oracle RAC manually
          1.  
            Linking the ODM library
      5.  
        Creating the Oracle RAC database
      6. Configuring VCS service groups for Oracle RAC
        1.  
          Supported types of database management
        2. Sample service group configurations
          1.  
            Sample service group configurations with the VCS Oracle agent
          2.  
            Sample service group configurations without the VCS Oracle agent
        3.  
          Configuring VCS service groups manually for traditional Oracle databases
        4.  
          Configuring VCS service groups manually for container Oracle databases
        5.  
          Managing database restart after failure
        6.  
          Location of VCS log files
      7.  
        Preventing automatic database startup
      8.  
        Removing existing PrivNIC or MultiPrivNIC resources
      9.  
        Removing permissions for communication
    5. Upgrading Oracle RAC
      1.  
        Preparing to upgrade Oracle RAC
      2.  
        Upgrading Oracle RAC binaries
      3. Migrating the Oracle RAC database
        1.  
          Performing post-upgrade tasks
  5. Section V. Adding and removing nodes
    1. Adding a node to SF Oracle RAC clusters
      1.  
        About adding a node to a cluster
      2.  
        Before adding a node to a cluster
      3. Adding a node to a cluster using the Veritas InfoScale installer
        1. Preparing the new nodes for installing Oracle RAC using the installer
          1.  
            Creating Oracle user and groups on the new node
          2.  
            Configuring the PrivNIC resource for Oracle Clusterware
          3.  
            Configuring the MultiPrivNIC resource for Oracle Clusterware and Oracle UDP IPC
      4. Adding the node to a cluster manually
        1.  
          Starting Veritas Volume Manager (VxVM) on the new node
        2.  
          Configuring cluster processes on the new node
        3. Setting up the node to run in secure mode
          1.  
            Configuring the authentication broker on node sys5
        4.  
          Starting fencing on the new node
        5.  
          After adding the new node
        6. Configuring server-based fencing on the new node
          1.  
            Adding the new node to the vxfen service group
        7.  
          Configuring Cluster Volume Manager (CVM) and Cluster File System (CFS) on the new node
        8.  
          Configuring the ClusterService group for the new node
        9. Preparing the new node manually for installing Oracle RAC
          1.  
            Configuring the PrivNIC resource for Oracle Clusterware
          2.  
            Configuring the MultiPrivNIC resource for Oracle Clusterware and UDP IPC
          3.  
            Starting VCS on the new node
          4.  
            Creating Oracle Clusterware/Grid Infrastructure and Oracle database home directories on the new node
      5. Adding a node to the cluster using the SF Oracle RAC response file
        1.  
          Response file variables to add a node to an SF Oracle RAC cluster
        2.  
          Sample response file for adding a node to an SF Oracle RAC cluster
      6. Configuring private IP addresses for Oracle RAC 11.2.0.2 and later versions on the new node
        1.  
          Using link aggregation or NIC bonding
        2.  
          Using Oracle High Availability IP (HAIP)
      7.  
        Adding the new node to Oracle RAC
      8.  
        Adding nodes to a cluster that is using authentication for SFDB tools
      9.  
        Updating the Storage Foundation for Databases (SFDB) repository after adding a node
      10.  
        Sample configuration file for adding a node to the cluster
    2. Removing a node from SF Oracle RAC clusters
      1.  
        About removing a node from a cluster
      2.  
        Removing a node from a cluster
      3.  
        Modifying the VCS configuration files on existing nodes
      4.  
        Modifying the Cluster Volume Manager (CVM) configuration on the existing nodes to remove references to the deleted node
      5.  
        Removing the node configuration from the CP server
      6.  
        Removing security credentials from the leaving node
      7.  
        Updating the Storage Foundation for Databases (SFDB) repository after removing a node
      8.  
        Sample configuration file for removing a node from the cluster
  6. Section VI. Configuration of disaster recovery environments
    1. Configuring disaster recovery environments
      1.  
        Disaster recovery options for SF Oracle RAC
      2.  
        Hardware requirements for campus cluster
      3.  
        Supported replication technologies for global clusters
      4.  
        About setting up a campus cluster for disaster recovery
      5.  
        About setting up a global cluster environment for SF Oracle RAC
      6.  
        About configuring a parallel global cluster using Volume Replicator (VVR) for replication
  7. Section VII. Installation reference
    1. Appendix A. Installation scripts
      1.  
        Installation script options
      2.  
        About using the postcheck option
    2. Appendix B. Tunable files for installation
      1.  
        About setting tunable parameters using the installer or a response file
      2.  
        Setting tunables for an installation, configuration, or upgrade
      3.  
        Setting tunables with no other installer-related operations
      4.  
        Setting tunables with an un-integrated response file
      5.  
        Preparing the tunables file
      6.  
        Setting parameters for the tunables file
      7.  
        Tunables value parameter definitions
    3. Appendix C. Sample installation and configuration values
      1.  
        About the installation and configuration worksheets
      2. SF Oracle RAC worksheet
        1.  
          Cluster Server component information
        2.  
          I/O fencing information
        3.  
          SF Oracle RAC add user information
        4.  
          Global cluster information
      3.  
        Oracle RAC worksheet
      4.  
        Replicated cluster using VVR worksheet
      5.  
        Replicated cluster using SRDF worksheet
      6.  
        Required installation information for Oracle Clusterware/Grid Infrastructure
      7.  
        Required installation information for Oracle database
    4. Appendix D. Configuration files
      1.  
        About VCS configuration file
      2.  
        About the LLT and GAB configuration files
      3.  
        About I/O fencing configuration files
      4.  
        Packaging related SMF services on Solaris 11
      5. Sample configuration files
        1.  
          sfrac02_main.cf file
        2.  
          sfrac03_main.cf file
        3.  
          sfrac04_main.cf file
        4.  
          sfrac05_main.cf file
        5.  
          sfrac06_main.cf file
        6.  
          sfrac07_main.cf and sfrac08_main.cf files
        7.  
          sfrac09_main.cf and sfrac10_main.cf files
        8.  
          sfrac11_main.cf file
        9.  
          sfrac12_main.cf and sfrac13_main.cf files
        10.  
          sfrac14_main.cf file
        11.  
          sfrac15_main.cf and sfrac16_main.cf files
        12.  
          sfrac17_main.cf file
        13. Sample configuration files for CP server
          1.  
            Sample main.cf file for CP server hosted on a single node that runs VCS
          2.  
            Sample main.cf file for CP server hosted on a two-node SFHA cluster
          3.  
            Sample CP server configuration (/etc/vxcps.conf) file output
    5. Appendix E. Configuring the secure shell or the remote shell for communications
      1.  
        About configuring secure shell or remote shell communication modes before installing products
      2.  
        Manually configuring passwordless ssh
      3.  
        Setting up ssh and rsh connection using the installer -comsetup command
      4.  
        Setting up ssh and rsh connection using the pwdutil.pl utility
      5.  
        Restarting the ssh session
      6.  
        Enabling and disabling rsh for Solaris
    6. Appendix F. Automatic Storage Management
      1.  
        About ASM in SF Oracle RAC environments
      2.  
        ASM configuration with SF Oracle RAC
      3. Configuring ASM in SF Oracle RAC environments
        1.  
          Creating database storage for ASM
        2.  
          Creating ASM disk groups and instances
        3.  
          Verifying the ASM setup
        4.  
          Configuring VCS service groups for database instances on ASM
      4. Configuring Flex ASM in SF Oracle RAC environments
        1.  
          Creating storage for Flex ASM
        2.  
          Verifying the Flex ASM setup
        3.  
          Configuring VCS service groups for database instances on ASM for Flex ASM cluster
    7. Appendix G. Creating a test database
      1.  
        About creating a test database
      2. Creating a database for Oracle
        1.  
          Creating the database storage on CFS
    8. Appendix H. High availability agent information
      1. About agents
        1.  
          VCS agents included within SF Oracle RAC
        2.  
          VCS agents for Oracle included within SF Oracle RAC
      2. CVMCluster agent
        1.  
          Entry points for CVMCluster agent
        2.  
          Attribute definition for CVMCluster agent
        3.  
          CVMCluster agent type definition
        4.  
          CVMCluster agent sample configuration
      3. CVMVxconfigd agent
        1.  
          Entry points for CVMVxconfigd agent
        2.  
          Attribute definition for CVMVxconfigd agent
        3.  
          CVMVxconfigd agent type definition
        4.  
          CVMVxconfigd agent sample configuration
      4. CVMVolDg agent
        1.  
          Entry points for CVMVolDg agent
        2.  
          Attribute definition for CVMVolDg agent
        3.  
          CVMVolDg agent type definition
        4.  
          CVMVolDg agent sample configuration
      5. CFSMount agent
        1.  
          Entry points for CFSMount agent
        2.  
          Attribute definition for CFSMount agent
        3.  
          CFSMount agent type definition
        4.  
          CFSMount agent sample configuration
      6. CFSfsckd agent
        1.  
          Entry points for CFSfsckd agent
        2.  
          Attribute definition for CFSfsckd agent
        3.  
          CFSfsckd agent type definition
        4.  
          CFSfsckd agent sample configuration
      7. PrivNIC agent
        1.  
          Functions of the PrivNIC agent
        2. Attributes of the PrivNIC agent
          1.  
            Optional attributes of the PrivNIC agent
        3.  
          States of the PrivNIC agent
        4.  
          Sample service group configuration with the PrivNIC agent
        5.  
          Type definition of the PrivNIC resource
        6.  
          Sample configuration of the PrivNIC resource
      8. MultiPrivNIC agent
        1.  
          Managing high availability of private interconnects
        2.  
          Functions of the MultiPrivNIC agent
        3.  
          Required attributes of the MultiPrivNIC agent
        4.  
          States of the MultiPrivNIC agent
        5.  
          Sample service group configuration with the MultiPrivNIC agent
        6.  
          Type definition of the MultiPrivNIC resource
        7.  
          Sample configuration of the MultiPrivNIC resource
      9. CSSD agent
        1.  
          Functions of the CSSD agent
        2.  
          Attributes of the CSSD agent
        3.  
          States of the CSSD agent
        4.  
          Disabling monitoring of Oracle Grid Infrastructure processes temporarily
        5.  
          Sample service group configurations with the CSSD agent
        6.  
          Type definition of the CSSD resource
        7.  
          Sample configuration of the CSSD resource
      10. VCS agents for Oracle
        1. Oracle agent functions
          1.  
            Startup and shutdown options for the pluggable database (PDB)
          2.  
            Recommended startup modes for pluggable database (PDB) based on container database (CDB) startup modes
          3.  
            Monitor options for the Oracle agent in traditional database and container database
          4.  
            Monitor for the pluggable database
          5.  
            Info entry point for Cluster Server agent for Oracle
          6.  
            Action entry point for Cluster Server agent for Oracle
        2. Resource type definition for the Oracle agent
          1.  
            Attribute definitions for the Oracle agent
          2.  
            About the Sid attribute in a policy managed database
        3.  
          Netlsnr agent functions
        4. Resource type definition for the Netlsnr agent
          1.  
            Attribute definition for the Netlsnr agent
        5.  
          ASMDG agent functions
        6. Resource type definition for the ASMDG agent
          1.  
            Attribute definition for the ASMDG agent
      11. CRSResource agent
        1.  
          Functions of the CRSResource agent
        2.  
          States of the CRSResource agent
        3.  
          Attributes of the CRSResource agent
        4. VCS service group dependencies with the CRSResource agent
          1.  
            How CRSResource agent handles failures
          2. Fault configurations with CRSResource agent
            1.  
              Scenario 1: CRSResource fault at system startup
            2.  
              Scenario 2: CRSResource fault when resource is brought offline
        5.  
          Resource type definition for the CRSResource agent
        6.  
          Sample configuration for the CRSResource agent
    9. Appendix I. SF Oracle RAC deployment scenarios
      1.  
        SF Oracle RAC cluster with UDP IPC and PrivNIC agent
      2.  
        SF Oracle RAC cluster for multiple databases with UDP IPC and MultiPrivNIC agent
      3.  
        SF Oracle RAC cluster with isolated Oracle traffic and MultiPrivNIC agent
      4.  
        SF Oracle RAC cluster with NIC bonding, UDP IPC, and PrivNIC agent
      5. Configuration diagrams for setting up server-based I/O fencing
        1.  
          Two unique client clusters served by 3 CP servers
        2.  
          Client cluster served by highly available CPS and 2 SCSI-3 disks
        3.  
          Two node campus cluster served by remote CP server and 2 SCSI-3 disks
        4.  
          Multiple client clusters served by highly available CP server and 2 SCSI-3 disks

Setting up ssh and rsh connection using the pwdutil.pl utility

The password utility, pwdutil.pl, is bundled under the scripts directory. The users can run the utility in their script to set up the ssh and rsh connection automatically.

# ./pwdutil.pl -h
Usage:

Command syntax with simple format:

    pwdutil.pl check|configure|unconfigure ssh|rsh <hostname|IP addr> 
				[<user>] [<password>] [<port>]

Command syntax with advanced format:

    pwdutil.pl [--action|-a 'check|configure|unconfigure']
               [--type|-t 'ssh|rsh']
               [--user|-u  '<user>']
               [--password|-p '<password>']
               [--port|-P '<port>']
               [--hostfile|-f '<hostfile>']
               [--keyfile|-k '<keyfile>']
               [-debug|-d]
               <host_URI>

    pwdutil.pl -h | -?

Table: Options with pwdutil.pl utility

Option

Usage

--action|-a 'check|configure|unconfigure'

Specifies action type, default is 'check'.

--type|-t 'ssh|rsh'

Specifies connection type, default is 'ssh'.

--user|-u '<user>'

Specifies user id, default is the local user id.

--password|-p '<password>'

Specifies user password, default is the user id.

--port|-P '<port>'

Specifies port number for ssh connection, default is 22

--keyfile|-k '<keyfile>'

Specifies the private key file.

--hostfile|-f '<hostfile>'

Specifies the file which list the hosts.

-debug

Prints debug information.

-h|-?

Prints help messages.

<host_URI>

Can be in the following formats:

<hostname>

<user>:<password>@<hostname>

<user>:<password>@<hostname>:

<port>

You can check, configure, and unconfigure ssh or rsh using the pwdutil.plutility. For example:

  • To check ssh connection for only one host:

    pwdutil.pl check ssh hostname

  • To configure ssh for only one host:

    pwdutil.pl configure ssh hostname user password

  • To unconfigure rsh for only one host:

    pwdutil.pl unconfigure rsh hostname

  • To configure ssh for multiple hosts with same user ID and password:

    pwdutil.pl -a configure -t ssh -u user -p password hostname1 
hostname2 hostname3

  • To configure ssh or rsh for different hosts with different user ID and password:

    pwdutil.pl -a configure -t ssh user1:password1@hostname1
user2:password2@hostname2

  • To check or configure ssh or rsh for multiple hosts with one configuration file:

    pwdutil.pl -a configure -t ssh --hostfile /tmp/sshrsh_hostfile

  • To keep the host configuration file secret, you can use the 3rd party utility to encrypt and decrypt the host file with password.

    For example:

    ### run openssl to encrypt the host file in base64 format
# openssl aes-256-cbc -a -salt -in /hostfile -out /hostfile.enc
enter aes-256-cbc encryption password: <password>
Verifying - enter aes-256-cbc encryption password: <password>

### remove the original plain text file
# rm /hostfile

### run openssl to decrypt the encrypted host file
# pwdutil.pl -a configure -t ssh 'openssl aes-256-cbc -d -a 
-in /hostfile.enc'
enter aes-256-cbc decryption password: <password>

  • To use the ssh authentication keys which are not under the default $HOME/.ssh directory, you can use --keyfile option to specify the ssh keys. For example:

    ### create a directory to host the key pairs:
# mkdir /keystore

### generate private and public key pair under the directory:
# ssh-keygen -t rsa -f /keystore/id_rsa

### setup ssh connection with the new generated key pair under 
the directory:
# pwdutil.pl -a configure -t ssh --keyfile /keystore/id_rsa 
user:password@hostname

You can see the contents of the configuration file by using the following command:

# cat /tmp/sshrsh_hostfile
user1:password1@hostname1
user2:password2@hostname2
user3:password3@hostname3
user4:password4@hostname4

# all default: check ssh connection with local user
hostname5
The following exit values are returned:

0     Successful completion.
1     Command syntax error.
2     Ssh or rsh binaries do not exist.
3     Ssh or rsh service is down on the remote machine.
4     Ssh or rsh command execution is denied due to password is required.
5     Invalid password is provided.
255   Other unknown error.