About Network Access to Database Cloud Service

Network access to the compute nodes associated with Oracle Database Cloud Service is primarily provided by Secure Shell (SSH) connections on port 22. Other network protocols and services may also be used, but may require additional configuration.

SSH Access on Port 22

SSH is a cryptographic network protocol that uses two keys, one public and one private, to provide secure communication between two networked computers. Port 22 is the standard TCP/IP port that is assigned to SSH servers, and on Database Cloud Service instances this port is accessible to external clients by default.

When creating a database deployment, you specify the public key on the Service page of the Create Instance wizard by:

  • Uploading a public key file.

    You can specify a file on your local system that contains the public key value.

  • Pasting the public key value.

    You can paste the public key value into a box provided by the wizard. If you do so, make sure the value does not contain line breaks or end with a line break.

  • Having the wizard generate a key pair for you.

    You can have the wizard create an SSH key pair and use the generated public key value. You download a zip file containing both the public key file and the private key file.

When you access a compute node using SSH, you must provide the private key that matches the public key specified when the database deployment was created.

To generate the SSH public/private key pairs needed to access Database Cloud Service, see Generating a Secure Shell (SSH) Public/Private Key Pair.

Access to Other Ports

Not Oracle Cloud Infrastructure This topic does not apply to Oracle Cloud Infrastructure.

Additional configuration may be required to access network protocols and services on a compute node by using a port other than port 22. You may:

  • Enable network access to the port

    You can use the Oracle Database Cloud Service console to enable access to a port on a compute node. See Enabling Access to a Compute Node Port

  • Create an SSH tunnel to the port

    Creating an SSH tunnel enables you to access a specific compute node port by using an SSH connection as the transport mechanism. To create the tunnel, you must have the SSH private key file that matches the public key specified during the database deployment creation process. See Creating an SSH Tunnel to a Compute Node Port.