How to Resolve INS-06006 Passwordless SSH connectivity not set up between the following node(s)

You might think the SSH connectivity has been setup correctly by Oracle Universal Installer, but INS-06006 eventually appeared when you tried to test it or enter the next step. In this post, I try to list some possibilities for you to think over, and probably you can find another way out of INS-06006.

Possible Causes of INS-06006

The error usually from the network problems, please check the following questions:

The host name resolutions wrongly registered on DNS?

Because OUI could take the wrong node as another to build a wrong connectivity. Hence, please check your DNS or /etc/hosts entries again and make sure entries of hostnames are all in one kind of letter case, either lowercase or uppercase.

I know the letter cases does not matter on name resolution, but there's a bug was reported by Oracle, which concerns about the letter case of hostname. For Linux platform, the lowercase would be better.

The network design is correct?

Did you put Public IP, VIP or SCAN IP in different subnets? Because Public IP, VIP and SCAN IP should be all in the same subnet, Private IP should go to a different subnet.

VIP or SCAN is bound into any NIC?

Don't bind VIP or SCAN into any NIC. Oracle clusterware will bind them into network interfaces automatically and dynamically at startup-time. You can only bind public and private IP into NICs.

OpenSSH 8.x Problem

Since Linux 8.1 adopts OpenSSH 8.x, related commands like scp functions a little different than ever. When installer of Grid infra 19.3 validats SSH connectivity, it always fails with INS-06006. Even though you establish the connectivity manually, it cannot pass the SSH validation.

To check the version of OpenSSH, you can do this:

[root@primary01 ~]# ssh -V
OpenSSH_8.0p1, OpenSSL 1.1.1c FIPS  28 May 2019

Workaround

The workaround is to disable strict filename checking by adding an option -T.

[root@primary01 ~]# cp -p /usr/bin/scp /usr/bin/scp-original
[root@primary01 ~]# echo "/usr/bin/scp-original -T \$*" > /usr/bin/scp
[root@primary01 ~]# cat /usr/bin/scp
/usr/bin/scp-original -T $*

Cancel the installation, then try it again.

Establish SSH Equivalency Manually

If you still get INS-06006, you can try to establish the connectivity manually. For your reference, the following post may provide some helps: How to Build SSH Equivalency between Two Servers to Work Around INS-06006. It contains steps to build and verify the connectivity, you can try it.

If you are still struggling in how to build a 12c RAC environment, please feel free to visit my posts:
How to Build 12c RAC (0/6) - An Overview

2 thoughts on “How to Resolve INS-06006 Passwordless SSH connectivity not set up between the following node(s)”

  1. Here’s another one you might run into with this, especially you are working with linux container technology or ultra-secure environments where stuff is locked-down for non-root.

    Check each node to be sure “ping” works for the “grid” user (or whatever user you are assigning to own the grid infrastructure deployment). In my case, I got this:

    ping: icmp open socket: Operation not permitted.

    Fix this as follows; as root run this on each node, then verify that “grid” user now has ability to ping:

    root$ chmod 4755 /bin/ping

Leave a Reply

Your email address will not be published. Required fields are marked *