Looking for something? Try here..

Thursday, November 24, 2011

SCP without password prompt

Many a times, we are in need of copying files from one server to another for our work to continue. SCP is a powerful unix utility to do file copy in a secure way. Each time when you do an scp, it prompts for the password of the target server's user. This is very good in terms of security, but might be annoying when you do a large set of file copy.

This password prompt would halt your work by some means. For e.g., you might had a script configured to pass files from source server to target server where scp does the file copy. Here if you want to pass the password each and everytime, the automated script is of no mean.
Let's see how to do scp without a password prompt.

This is to do scp without password in scripts.
First step is to create a key pair between the servers.

The syntax to create the key pair is:

$ ssh-keygen -t rsa

In response, you should see:

Generating public/private rsa key pair
Enter file in which to save the key ...

Press Enter to accept this.

In response, you should see:

Enter passphrase (empty for no passphrase):

You don't need a passphrase, so press Enter twice.

In response, you should see:

Your identification has been saved in ...
Your public key has been saved in ...

Note the name and location of the public key just generated. It always ends in .pub.

Below is an example from RHEL 8 box
[oracle@linux-8 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:1qKWyoZ9GN0jpOz0ikOv+dkQk9bVGY8PxcDfjp0Ho7Y oracle@linux-8.selvapc.com
The key's randomart image is:
+---[RSA 3072]----+
|         .oo.    |
|         ..*.    |
|        . =...   |
|     o.. . o. +  |
|   .=+..S . .= + |
|  ..=oo+o.  + + .|
| . *.++. . . . . |
|  o+**o     E    |
|  +=*o.          |
+----[SHA256]-----+
[oracle@linux-8 ~]$
[oracle@linux-8 ~]$ ls -lrt ~/.ssh/
total 12
-rw-r--r--. 1 oracle oinstall  699 Mar 10 00:23 known_hosts
-rw-------. 1 oracle oinstall 2622 Mar 11 01:49 id_rsa
-rw-r--r--. 1 oracle oinstall  580 Mar 11 01:49 id_rsa.pub
[oracle@linux-8 ~]$
Copy the public key just generated to all of your remote Linux boxes. You can use scp or FTP or whatever to make the copy. 
Assuming you're using root, the key must be contained in the file /root/.ssh/authorized_keys

Or, if you are logging in as a user, for example, oracle, it would be in ~/.ssh/authorized_keys. Notice that the authorized_keys file can contain keys from other PCs. So, if the file already exists and contains text, you need to append the contents of your public key file to what already is there.

On remote machine.. 

$ cat id_rsa.pub >>~/.ssh/authorized_keys
$ chmod 700 ~/.ssh/authorized_keys

With the above procedure completely done, you can copy your files without the prompt for the password.

Update: 11 Mar 2021
Added o/p of ssh-keygen from a RHEL 8 box

Thursday, November 3, 2011

Re-Linking Of Oracle Binaries

Today one of our servers crashed and the server (whole server) was restored from the backup. It took some time to be restored one by one. Meanwhile when things are set, I tried to startup the database, I got a different error that I have not seen that before.

/home/oracle /> sqlplus "/ as sysdba"
/usr/lib/pa20_64/dld.sl: Unsatisfied code symbol 'gethrtime' in load module '/mnt1/app/oracle/product/9.2.0/bin/sqlplus'.
Abort(coredump)

This surely is not due to a database fault. When searched for solutions, found that this is the problem with relinking of oracle binaries.

Relinking of oracle binaries takes place automatically when -

            - An Oracle product has been installed with an Oracle provided installer.
            - An Oracle patch set has been applied via an Oracle provided installer.

Let's look how to relink oracle binaries, if it requires at times. At times! Those times are when -
            - An OS upgrade has occurred.
            - A change has been made to the OS system libraries. This can occur during the application of an OS patch.
            - A new install failed during the relinking phase.
            - Individual Oracle executables core dump during initial startup.
            - An individual Oracle patch has been applied with explicit relink instructions or the relink is integrated into the patch install script.

Step 1 : Login as Oracle user and Set environment parameters such as $ORACLE_HOME, $ORACLE_BASE, $PATH, $LD_LIBRARY_PATH

Step 2 : Shut down all databases and listeners running on the server.

Step 3 : Relink the components as given below for different version of oracle

Oracle Version 7.3.x

For executables: oracle, exp, imp, sqlldr, tkprof
cd $ORACLE_HOME/rdbms/lib
make -f ins_rdbms.mk install

For executables: svrmgrl, svrmgrm
cd $ORACLE_HOME/svrmgr/lib
make -f ins_svrmgr.mk linstall minstall
linstall is for svrmgrl, minstall is for svrmgrm

For executables: sqlplus
cd $ORACLE_HOME/sqlplus/lib
make -f ins_sqlplus.mk install

For executables: dbsnmp, oemevent, oratclsh
cd $ORACLE_HOME/network/lib
make -f ins_agent.mk install

For executables: names, namesctl
cd $ORACLE_HOME/network/lib
make -f ins_names.mk install

For executables: tnslsnr, lsnrctl, tnsping, csmnl, trceval, trcroute
cd $ORACLE_HOME/network/lib
make -f ins_network.mk install

Oracle Version 8.0.x

For executables: oracle, exp, imp, sqlldr, tkprof, mig, dbv, orapwd, rman, svrmgrl, ogms, ogmsctl
cd $ORACLE_HOME/rdbms/lib
make -f ins_rdbms.mk install

For executables: sqlplus
cd $ORACLE_HOME/sqlplus/lib
make -f ins_sqlplus.mk install

For executables: dbsnmp, oemevent, oratclsh, libosm.so
cd $ORACLE_HOME/network/lib
make -f ins_oemagent.mk install

For executables: tnslsnr, lsnrctl, namesctl, names, osslogin, trcasst, trcroute
cd $ORACLE_HOME/network/lib
make -f ins_network.mk install

Oracle version 8.1.x (8i) or higher

A "relink" script is provided in the $ORACLE_HOME/bin directory and can be run as follows.

cd $ORACLE_HOME/bin
relink

$ relink >parameter<
accepted values for parameter: all, oracle, network, client, client_sharedlib, interMedia, precomp, utilities, oemagent

Or else you can even do individually one by one as done for version 8.0.x with a few changes stated below.
Others remain same.

For executables: names, namesctl
cd $ORACLE_HOME/network/lib
make -f ins_names.mk install

For executables: osslogin, trcasst, trcroute, onrsd, tnsping
cd $ORACLE_HOME/network/lib
make -f ins_net_client.mk install

For executables: tnslsnr, lsnrctl
cd $ORACLE_HOME/network/lib
make -f ins_net_server.mk install

Note : There are no "Relink success" messages displayed at the terminal. If the relink was failure, it will terminate with errors such as 'Fatal error', 'Ld: fatal', 'Exit Code 1.

For HP-UX servers, the relink may fail even when done manually. This is a bug and can be rectified by applying the following OS patches as per Oracle support.

For 11.0: HP/UX patches PHCO_23770, PHCO_23092 must be applied.
For 11.11: HP/UX patches PHCO_29029 and PHCO_25569 must be applied.