I must thank my fellow DBA Sebastián D’Alessandro and Joel Pérez for his publication in Spanish OTN.
The objective of the article:-
In this article, we will see the steps necessary to generate and replace the set of SSH keys (public / private) associated with an Oracle Public Cloud Service, with a new one.
Background
Most “Oracle Public Cloud Services” provide their services based on virtual machines that users can access using SSH (Secure Shell) protocol. In order to use this communication protocol, when creating a new service in “Oracle Public Cloud”, we must associate a public key to the service instance. Then, when accessing the VM using SSH, we have to provide the corresponding private key. In this way, although others may know the IP address of the instance, there are no usernames or passwords involved. Conversely, anyone who wants to access the VM will have to provide their private key which makes this machine a highly secure communication method.
The Oracle Public Cloud Service wizard can generate the key pair (public / private) for us, which is useful if we do not have a game that we want to use. In case you want to update the pair of keys associated with a VM, we can do it through the console of “Oracle Public Cloud Service”.
Some “Oracle Public Cloud” services, such as “Oracle Storage Cloud Service”, DO NOT provide access to your virtual machines through “Secure Shell”. Instead, they use REST API calls to access the service. This article is oriented to cloud services that allow SSH access to their virtual machines and therefore require them to be provided a set of SSH keys (public / private).
To update the set of SSH keys we must first generate a new one and then replace it. In Part I of this article, we will focus specifically on the process of generating these keys.
Generation of keys
We assume that we already have a service instance with its associated set of keys. To replace them, we need to generate a new key pair first.
Process
1.- We already have a service instance that has a set of associated keys. In order to replace them, we need a new game.
2.- We provide our Identity Domain and press GO.
3.- Enter your username and password and then click “Sign In” to log in.
In the “MyServices” dashboard, click on the menu option for our Oracle Cloud service and then click on “Open Service Console”. In this article, we use as an example a service of Golden Gate Cloud Service (GGCS).
4.- In the “Services” page, click on “Create Service”. (We will not create the service, we just want to get to the key generator wizard).
5. In the service creation wizard, there is a field to enter the public key SSH (SSH Public key) or a field with a similar name. We click on the “Edit” button.