linux配置SSH 互信

配置两个节点的ssh 互信，注意 .ssh上一层目录，也就是home目录的权限应为755，不能是777，如果是777则ssh不能配置互信。

在两个节点先执行：

> chmod 755 $HOME

配置过程：

node1:
cd $HOME
mkdir ~/.ssh
chmod 700 ~/.ssh
/usr/bin/ssh-keygen -t rsa
cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys
/usr/bin/ssh-keygen -t dsa
cat $HOME/.ssh/id_dsa.pub >> $HOME/.ssh/authorized_keys

node2:
cd $HOME
mkdir ~/.ssh
chmod 700 ~/.ssh
/usr/bin/ssh-keygen -t rsa
cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys
/usr/bin/ssh-keygen -t dsa
cat $HOME/.ssh/id_dsa.pub >> $HOME/.ssh/authorized_keys

node1:
ssh $NODE2 "cat .ssh/id_rsa.pub">>$HOME/.ssh/authorized_keys
ssh $NODE2 "cat .ssh/id_dsa.pub">>$HOME/.ssh/authorized_keys
scp $HOME/.ssh/authorized_keys $NODE2 :$HOME/.ssh

验证，无需输入密码则为配置成功：
[node1 .ssh]$ ssh node2 date
Thu Sep 15 09:26:52 CST 2016
[node2 .ssh]$ ssh node1 date
Thu Sep 15 09:26:47 CST 2016

注意

[node1 ~]$ /usr/bin/ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/paic/stg/oracle/11g/otzj11g/.ssh/id_dsa): /paic/stg/oracle/11g/otzj11g/.ssh/id_dsa
Enter passphrase (empty for no passphrase):     ##为空，直接回车
Enter same passphrase again:  ##为空，直接回车
Your identification has been saved in /paic/stg/oracle/11g/otzj11g/.ssh/id_dsa.
Your public key has been saved in /paic/stg/oracle/11g/otzj11g/.ssh/id_dsa.pub.
The key fingerprint is:
97:51:28:d9:15:4c:6a:9b:7e:f9:c1:70:72:fe:64:fa node1