Accessing a VM Through a Secure Shell (SSH)
You can access the service instance's VMs by logging into the VM as the opc
user through SSH. You can use any SSH utility you want. For example, if you are using Windows, you might use PuTTY; if you are using Linux, you might use OpenSSH.
Note:
Only the opc
user can remotely connect to your VMs. You can not use SSH to connect to a VM as the oracle
user. After successfully connecting to a VM, tasks such as starting and stopping the server and accessing the administrative logs should only be performed by the oracle
user.
Understanding SSH Keys
To access an Oracle API Platform Cloud Service - Classic virtual machine (VM) with a secure shell (SSH) client, you must create a public/private key pair and configure the service instance with the public key.
When you create an Oracle API Platform Cloud Service - Classic instance, you are prompted to supply the public key. You can either provide an existing public key that you previously created with an external tool, or Oracle API Platform Cloud Service - Classic can create a new key pair for you. To connect to a VM in an Oracle API Platform Cloud Service - Classic instance, you supply the paired private key when logging in to the machine using an SSH client.
You may also use the same SSH public/private key pair that you used for creating an Oracle Database Cloud Service database deployment.
See also:
Generating a Secure Shell (SSH) Public/Private Key Pair
Several tools exist to generate SSH public/private key pairs. The following sections show how to generate an SSH key pair on UNIX, UNIX-like and Windows platforms.
Connecting to an Administration Server or Load Balancer VM
You can access an Administration Server or a Load Balancer VM through a secure shell (SSH) utility.
To access a VM through SSH:
Connecting to a Managed Server VM
You can access a Managed Server VM through a secure shell (SSH) utility by using the Administration Server VM as a proxy.
Alternatively, you can connect to the Administration Server VM with SSH, and from within this SSH session start another SSH connection to the Managed Server VM.
To connect to a Managed Server VM by using the proxy method:
Creating an SSH Tunnel
An SSH tunnel to an Oracle API Platform Cloud Service - Classic VM enables you to connect to other non-public ports on the VM though a port your local machine.
If a resource provided by a VM uses a port that is not directly accessible through the Internet, you can access that resource by creating an SSH tunnel to the port.
In general an SSH tunnel may map a remote port to any available port number on your local machine. However, port 9001 on the Administration Server uses JMX/RMI for communication, which requires that the remote and local port numbers be the same value. Therefore, the following instructions configure the tunnel’s local port number to the same value as the VM’s port number.
To set up an SSH tunnel to a VM:
Applications running on your local machine can now communicate with the VM by using localhost:port
, where port is the local port number.
For example, after creating an SSH tunnel to port 9001 on the Administration Server VM, launch a web browser and connect to http://localhost:9001/console
.
Note:
After your work with the SSH tunnel is complete, perform a<ctrl> C
to shut down the SSH tunnel.
Switching VM Users
You can change users on an Oracle API Platform Cloud Service - Classic VM in order to perform specific administration tasks.
You must SSH to a VM only as the opc
user. This user has root privileges on the OS running in the VM. For example, opc
can be used to create other OS users on a VM. Simply prefix root operations with the sudo
command. For example:
sudo useradd myuser
Note:
There is no default password for theopc
user.
Switching to Oracle
The oracle
VM user has regular OS user permissions. It is intended to be used to start and stop Oracle products that have been installed on the VM, or to run other Oracle applications and utilities on the VM.
Type the following to become the oracle
user:
sudo su - oracle
Note:
There is no default password for theoracle
user.
Switching to Root
An alternative to using the sudo
command to perform root OS operations with the opc
user is to switch to the root
user.
Type the following to become the root
user:
sudo -s
Note:
Avoid using theroot
user except to perform privileged OS administration tasks.