Removing an SSH Public Key
Should the need arise, you can remove an SSH public key from your Oracle Database Exadata Cloud Service environment. After you remove the public key, you can no longer use the matching private key to connect to a compute node using SSH as either the opc
or the oracle
user.
To remove an SSH public key you must edit the authorized_keys
files for the opc
and oracle
users on every compute node in your Exadata Cloud Service environment.
Note:
The following describes the procedure for each compute node and must be repeated across your compute nodes.To remove an SSH public key on a compute node:
-
Connect to the compute node as the
opc
user.See Connecting to a Compute Node Through Secure Shell (SSH).
-
Start a root-user command shell:
$ sudo -s #
-
Delete the line containing the SSH public key that you want to remove from the
authorized_keys
files associated with theopc
user (/home/opc/.ssh/authorized_keys
) and theoracle
user (/home/oracle/.ssh/authorized_keys
).Caution:
Theauthorized_keys
files may contain numerous keys and altering or removing the wrong key may result in a loss of functionality. To minimize the likelihood of an error make a copy of eachauthorized_keys
file before making any modification. Also, rather than deleting the line containing the public key that you wish to remove, you can disable the key by tagging it with the@revoked
marker. For example:@revoked ssh-rsa AAAAB5W...
-
Exit the root-user command shell:
# exit $