Introduction:- In this article, we will resolve error adop-phaseprepare-error-ssh-is-not-enabled in EBS while executing adop phase=prepare.
Observation:-
In EBS R12.2, ssh should be enabled on primary and secondory node for multinode architecture. Here we will do the some action to enable ssh.
[applmgr@uatapps ~]$ adop phase=prepare
Enter the APPS password:
Enter the SYSTEM password:
Enter the WLSADMIN password:
Validating credentials.
Initializing.
Run Edition context : /oracle/EBSFS/fs1/inst/apps/UAT_uatapps/appl/admin/UAT_uatapps.xml
Patch edition context: /oracle/EBSFS/fs2/inst/apps/UAT_uatapps/appl/admin/UAT_uatapps.xml
Patch file system free spUAT: 473.98 GB
Validating system setup.
Node registry is valid.
Log: /oracle/EBSFS/fs1/inst/apps/UAT_uatapps/logs/appl/rgf/TXK/verifyssh.log
Output: /oracle/EBSFS/fs1/inst/apps/UAT_uatapps/logs/appl/rgf/TXK/out.xml
ssh is not enabled for the following node
UATapps
[UNEXPECTED]ssh is not enabled.
[UNEXPECTED]Available options are as follows.
[UNEXPECTED]- To enable ssh, run the following command:
perl /oracle/EBSFS/fs1/EBSapps/appl/ad/12.0.0/patch/115/bin/txkRunSSHSetup.pl enablessh
-contextfile=/oracle/EBSFS/fs1/inst/apps/UAT_uatapps/appl/admin/UAT_uatapps.xml
-hosts=UATapps,uatapps
Then try the adop command again.
[UNEXPECTED]- Otherwise, with ssh disabled you must run adop on each node:
On the admin node, run: adop phase=<desired phase> allnodes=no action=db
On the other nodes, run: adop phase=<desired phase> allndoes=no action=nodb
[UNEXPECTED]Error verifying ssh setup.
[STATEMENT] Please run adopscanlog utility, using the command
"adopscanlog -latest=yes"
to get the list of the log files along with snippet of the error message corresponding to each log file.
adop exiting with status = 2 (Fail)Solution:- Here will have to enable ssh first to continue the adop session.
[applmgr@uatapps ~]$ perl /oracle/EBSFS/fs1/EBSapps/appl/ad/12.0.0/patch/115/bin/txkRunSSHSetup.pl enablessh
> -contextfile=/oracle/EBSFS/fs1/inst/apps/UAT_uatapps/appl/admin/UAT_uatapps.xml
> -hosts=UATapps,uatapps
Enter SSH User password for the OS user applmgr:
Log: /oracle/EBSFS/fs1/inst/apps/UAT_uatapps/logs/appl/rgf/TXK/enablessh.log
Error in setting up ssh equivalence
FAILED: enableSSH
[applmgr@uatapps ~]$ perl /oracle/EBSFS/fs1/EBSapps/appl/ad/12.0.0/patch/115/bin/txkRunSSHSetup.pl enablessh -contextfile=/oracle/EBSFS/fs1/inst/apps/UAT_uatapps/appl/admin/UAT_uatapps.xml -hosts=UATapps,uatapps
Enter SSH User password for the OS user applmgr:
Log: /oracle/EBSFS/fs1/inst/apps/UAT_uatapps/logs/appl/rgf/TXK/enablessh.log
SSH equivalence setup successful.
Verification:-
[applmgr@uatapps ~]$ cat /oracle/EBSFS/fs1/inst/apps/UAT_uatapps/logs/appl/rgf/TXK/enablessh.log
Obfuscated password present
This script will setup SSH Equivalence from the host 'uatapps.UAT-cranes.com' to specified remote hosts.
ORACLE_HOME = /oracle/EBSFS/fs1/FMW_Home/Oracle_EBS-app1
JAR_LOC = /oracle/EBSFS/fs1/FMW_Home/Oracle_EBS-app1/oui/jlib
SSH_LOC = /oracle/EBSFS/fs1/FMW_Home/Oracle_EBS-app1/oui/jlib
OUI_LOC = /oracle/EBSFS/fs1/FMW_Home/Oracle_EBS-app1/oui
JAVA_HOME = /oracle/EBSFS/fs1/FMW_Home/Oracle_EBS-app1/jdk
Checking if the remote hosts are reachable.
ClusterLogger - log file location: /home/applmgr/Logs/remoteInterfUATs2021-06-17_12-26-08-PM.log
Failed Nodes : UATapps uatapps
Remote host reachability check succeeded.
All hosts are reachable. Proceeding further...NOTE :
As part of the setup procedure, this script will use ssh and scp to copy
files between the local host and the remote hosts. You may be prompted for
the password during the execution of the script.
AS PER SSH REQUIREMENTS, THIS SCRIPT WILL SECURE THE USER HOME DIRECTORY
AND THE .ssh DIRECTORY BY REVOKING GROUP AND WORLD WRITE PRIVILEDGES TO THESE
directories.
ClusterLogger – log file location: /home/applmgr/Logs/remoteInterfUATs2021-06-17_12-26-09-PM.log
Logfile Location : /oracle/EBSFS/fs1/inst/apps/UAT_uatapps/logs/appl/rgf/TXK/enablessh2021-06-17_12-26-09-PM.log
Checking binaries on remote hosts…
Doing SSHSetup…
Please be patient, this operation might take sometime…Dont press Ctrl+C…
Validating remote binaries..
Remote binaries check succeeded
Local Platform:- LINUX
————————————————————————
Verifying SSH setup
===================
The script will now run the date command on the remote nodes using ssh
to verify if ssh is setup correctly. IF THE SETUP IS CORRECTLY SETUP,
THERE SHOULD BE NO OUTPUT OTHER THAN THE DATE AND SSH SHOULD NOT ASK FOR
PASSWORDS. If you see any output other than date or are prompted for the
password, ssh is not setup correctly and you will need to resolve the
issue and set up ssh again.
The possible causes for failure could be:
1. The server settings in /etc/ssh/sshd_config file do not allow ssh
for user applmgr.
2. The server may have disabled public key based authentication.
3. The client public key on the server may be outdated.
4. ~applmgr or ~applmgr/.ssh on the remote host may not be owned by applmgr.
5. User may not have passed -shared option for shared remote users or
may be passing the -shared option for non-shared remote users.
6. If there is output in addition to the date, but no password is asked,
it may be a security alert shown as part of company policy. Append the
additional text to the <OMS HOME>/sysman/prov/resources/ignoreMessages.txt file.
————————————————————————
–UATapps:–
Running /usr/bin/ssh -x -l applmgr UATapps date to verify SSH connectivity has been setup from local host to UATapps.
IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL. Please note that being prompted for a passphrase may be OK but being prompted for a password is ERROR.
Thu Jun 17 12:26:44 IST 2021
————————————————————————
–uatapps:–
Running /usr/bin/ssh -x -l applmgr uatapps date to verify SSH connectivity has been setup from local host to uatapps.
IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE
PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL.
Please note that being prompted for a passphrase may be OK but being prompted for a password is
ERROR.
Thu Jun 17 12:26:44 IST 2021
————————————————————————
SSH verification complete.
For information on adop related issue, you may click here.
If you are interested to see another article for same issue, click here.