How To Connect To An Oracle Cloud Infrastructure(OCI) or OCI-Classic Linux Instance Using SSH Password Authentication Instead Of SSH Keys
How to use password based authentication instead of ssh keys to log into a Linux OCI or OCI-C instance.
Note
SSH key-pair authentication is more secure than password-based authentication, and it is the recommended configuration for a user logging in to an instance via ssh. It is assumed that the user account you want to change to using password-based authentication already exists and has previously been configured to use an SSH key-pair to log in to the instance.
SSH key-pair authentication is more secure than password-based authentication, and it is the recommended configuration for a user logging in to an instance via ssh. It is assumed that the user account you want to change to using password-based authentication already exists and has previously been configured to use an SSH key-pair to log in to the instance.
Note
Enabling password based authentication for a specific user does not prevent them from using a correctly configured SSH key-pair to log in to an instance via ssh, it just adds an additional method of authentication that the user can use when logging in via ssh to the instance.
Enabling password based authentication for a specific user does not prevent them from using a correctly configured SSH key-pair to log in to an instance via ssh, it just adds an additional method of authentication that the user can use when logging in via ssh to the instance.
- Log in to the instance using the regular SSH key-pair method with a user account with administration privileges, such as the opc user account.
- Set a password for the user account you want to configure to use password
authentication:
# sudo passwd <username> - Create a back up copy of /etc/ssh/sshd_config, in case you need to revert
back to the original
sshd_config.
# cp /etc/ssh/sshd_config ~/sshd_config.bak - Edit the /etc/ssh/sshd_config file and change the "PasswordAuthentication"
line to "yes":
PasswordAuthentication yes - Check that the user account you have set a password for has been added to
the "AllowUsers" line in /etc/ssh/sshd_config file.
AllowUsers opc username - Test the sshd_config file is valid by
running:
# sudo /sbin/sshd -t - If the sshd configuration is valid, this command should return no errors or
warnings. If no errors are returned, restart the sshd service.
- For Oracle Linux 6, the command to restart the sshd service
is:
# service sshd restart - For Oracle Linux 7, the command to restart the sshd service
is:
# systemctl restart sshd.service
- For Oracle Linux 6, the command to restart the sshd service
is: