Removing an SSH Public Key

Should the need arise, you can remove an SSH public key from your Oracle Database Exadata Cloud Service environment. After you remove the public key, you can no longer use the matching private key to connect to a compute node using SSH as either the opc or the oracle user.

To remove an SSH public key you must edit the authorized_keys files for the opc and oracle users on every compute node in your Exadata Cloud Service environment.


The following describes the procedure for each compute node and must be repeated across your compute nodes.

To remove an SSH public key on a compute node:

  1. Connect to the compute node as the opc user.

    See Connecting to a Compute Node Through Secure Shell (SSH).

  2. Start a root-user command shell:

    $ sudo -s
  3. Delete the line containing the SSH public key that you want to remove from the authorized_keys files associated with the opc user (/home/opc/.ssh/authorized_keys) and the oracle user (/home/oracle/.ssh/authorized_keys).


    The authorized_keys files may contain numerous keys and altering or removing the wrong key may result in a loss of functionality. To minimize the likelihood of an error make a copy of each authorized_keys file before making any modification. Also, rather than deleting the line containing the public key that you wish to remove, you can disable the key by tagging it with the @revoked marker. For example:
    @revoked ssh-rsa AAAAB5W...
  4. Exit the root-user command shell:

    # exit