How to access Oracle Cloud Instance via SSH

Oracle is one of the popular computer software application company. You might have heard about it while using its popular opensource products such as Oracle Virtual Box and Mysql Database. However, here we are going to talk about Oracle Cloud Service which comes in two schemes one is forever free plan with the limited feature but workable computing resources while other is paid one with all computing power chargeable as you use them.

Recently, I signed up for a free Oracle cloud account and created an Ubuntu instance, well other Linux images are also available including Windows (only in paid service).  Indeed connecting a cloud instance via ssh is not rocket science, like most of the Cloud servers the same is here as well. However, with Oracle SSH private key you might face permission related problems that need to be addressed to control and manage the cloud instance via SSH.

Note: To use Oracle Cloud via SSH you ought to have downloaded SSH private key while creating the instance.

Once you have the Private SSH key to connect Oracle cloud instance using the Windows command terminal, you would see an error:

Permissions for 'C:\\Users\\xxx\\Desktop\\ssh-key-xx .key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "C:\\xxx\\Desktop\\ssh-key-xx.key": bad permissions
ubuntu@xx.xxx.xxx.xx: Permission denied (publickey).

Windows SSH: Permissions for 'private-key' are too open

The above error appeared when I tried to access the cloud VM using the downloaded SSH key. It was because being a private key it can’t be accessed by too many users. I mean the permission of this file should be limited to the only key users of the system that would be the Admin or the user of your system who is trying to connect the Oracle cloud via SSH.

Therefore, if you are on Windows 10/8/7, follow the below steps:

  1. First right click on the downloaded SSH.key file and select properties.
  2. Click on the Security Tab.
  3. Next, click on the Advanced button to change the permission of the file.
  4. Now, Disable the Inthertance for the file using the dedicated button given on the left side bottom.
  5. Select option: Convert Inherited permissions into explicit permissions to this object.
  6. After that, select the users available in the list and click on the Remove button.
  7. In this way, remove all the users except the one which you want to use to access the SSH key and connection established using it.
  8. Once you have done all this, click on the Apply button to make changes.
  9. Now open the Command Terminal on your Windows OS.
  10. Enter the SSH command syntax in the following way.
 ssh -i "ssh.key-filepath" cloud-instace-username@ip-address

for example in our case:

 ssh -i "C:\Users\Raj\Desktop\ssh-key-2020-07-14 (1).key" ubuntu@129.146.246.31

Screenshot for above-given steps:

Security Tab⇒Advanced

Select SSH key file properties

Click Disable inheritance button

Remove SSH provate key too open permission error min

Select ” convert inherited permissions….”

Disable Inheritence min

Except your current user remove all of them.

Remove Windows users min

Private SSH key to connect Oracle cloud instance

Using WSL or Linux

However, on WSL running above Windows 10 or in Linux platforms you don’t need to change the permission because using sudo is enough to run the SSH and connect the same without any error.

Note: See how to mount Windows drives in WSL

For example:

sudo  ssh -i ssh.key-filepath instace-username@ip-address

Whereas those don’t want to use sudo on WSL, they can copy the file to WSL Linux app directory and then use chmod to change permission

sudo cp <path-to-your-key> /

Change the permission

sudo chmod 655 ssh-filename.key-path

Note: Replace- ssh-filename.key-path with your ley file path.

Run the ssh command without sudo now.

ssh -i ssh.key-filepath instace-username@ip-address

use Linux ssh to connect Oracle Cloud Instance

Read More:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.