By Joel Pérez ( Oracle ACED )
Purpose
This article guides you to replace the public/private key pair associated to an Oracle Public Cloud Service with a new pair.
Background
Most Oracle Public Cloud services provide their services with VMs that users can access through a secure shell (SSH). For an SSH access, when you create your Oracle Public Cloud service, you associate a public key to your service instance. Then when you want to access the VM for the service with Secure Shell, you provide the matching private key. This way, even if others know the IP address to your instance, there is no username and password involved. Instead anyone who wants to access their VM, has to provide their private key which makes it very secure.
The Oracle Public Cloud Service wizard can create the public/private key pair for you, if you don't have an already existing pair that you must use. In case you want to update the public/private key pair that is associated to your VM, you can do that through your Oracle Public Cloud Service's console page.
Some Oracle Public Cloud services such as Oracle Storage Cloud Service don't provide access to their VMs with Secure Shell. Instead you use REST API calls to access the service. This article is for cloud services that allow SSH access to their VMs and therefore, they provide you a public/private key pair for SSH access.
For updating Public/Private Key Pairs we have to generate and update them. In this article Part I, we will focus in the process of generate them.
Generate the Keys
You already have a service instance that has a set of keys associated to it. In order to replace them, first you need a pair of new keys
1.- You already have a service instance that has a set of keys associated to it. In order to replace them, first you need a pair of new keys
Go
2.- Provide your Identity Domain and click.
Note:
If you don't go to Oracle Cloud directly and use the link in your Welcome email instead, you don't need to provide your identity domain.
Sign In
3.- Enter your username and password and click.
My Services
Indashboard, click the menu option for your Oracle cloud service and then clickThis example in this article is for GoldenGate Cloud Service.
4.- In the Services page, click Create Service. (You will not create the service, you are just getting to the wizard's key generator.)
5.- In the wizard, there is a field for SSH Public key or a field with similar name. Click the Edit button. Note: If the first step of the wizard doesn't have a public key field, continue filling the fields to proceed to the next steps until you get an SSH Public Key field.
Create a New Key
6.- Selectand then click
Download.
7.- Click
8.- Click Save File in the opening sshkeybundle.zip window.
9.- Because the keys are generated every time in a compressed folder with the name of sshkeybundle.zip, change the name, so you don't get confused which folder has your keys. Browse to the location of your choice and save it for example, as sshkeybundle_Jack.zip.
10.- Click Done in the Download Keys popup menu.
11.- Click Cancel in the wizard to come out of the wizard.
Unzip
12.-the folder that contains the public/private key pair. For this example, sshkeybundle_Jack.zip.
Rename
13.-your public and private keys. For example, from publicKey and privateKey toandrespectively.
Note
: It's best if you use the Oracle generated keys for Oracle cloud services. For example, if you use PuTTy to create the pair of keys, the ppk format of the keys may not be accepted for connecting to the VMs with SOCKS5 proxy server.
At the part II of this article we will perform the process of updating the keys.
About the Author
Joel Pérez is an Expert DBA ( Oracle ACE Director, Maximum Availability OCM, OCM Cloud Admin. & OCM12c/11g ) with over 17 years of Real World Experience in Oracle Technology, specialized in design and implement solutions of: High Availability, Disaster Recovery, Upgrades, Replication, Cloud and all area related to Oracle Databases. International consultant with duties, conferences & activities in more than 50 countries in 5 continents and countless clients around the world. Habitual and one of leading writers of Technical Oracle articles for: OTN Spanish & OTN Portuguese. Regular Speaker in worldwide Oracle events like: OTN LAD (Latin America), OTN MENA(Middle East & Africa), OTN APAC ( Asian Pacific), DTCC China and more. Joel has always been known for being a pioneer in Oracle technology since the early days of his career being the first Latin American awarded as “OTN Expert” at year 2003 by Oracle Corp., one of the first “Oracle ACE” globally in the Oracle ACE Program at year 2004 and as one of the biggest professional achievement in his career he was honoured as one of the first “OCM Database Cloud Administrator” & Maximum Availability OCM in the world. Currently Joel works as Chief Technologist in “Yunhe Enmo (Beijing) Technology Co.,Ltd”., company located in Beijing, China www.Enmotech.com