Login to New OCI Linux Instance via Console

TLDR – Fresh Linux instance created on Oracle Cloud does not come with a password. You’re expected to login with a certificate the first time. The following covers resetting the password via console allowing you to login to the instance via the console.

Disclaimer – I work for Oracle in the cloud support group, this post is my point of view and not Oracles, but I work there so respect to the company!

Connecting to the Instance Console

I’m assuming you’ve created a fresh Linux instance. I, of course, picked Oracle Linux, because, work there, hello. I named my instance something with Happy in the name because everything is happy with me; Much like everything is awesome with Emmet.

Step 1. Open you Happy instance and click Create Console Connection.

Screen Shot 2019-03-07 at 10.33.46.png

If you don’t already have a key pair you’ll need to generate one. In a bash shell run SSH-KEYGEN to generate public and private key pair files. In the following image, I generate the key by running ssh-keygen from a /.ssh folder under my user folder. The only input I’m providing is a file name and a key phrase. You can see there are two files generated in the folder. HappyKey the private key, and HappyKey.pub the public key. Drag the public key file into cert box of the Create Console Connection box and click Create Console Connection.

Screen Shot 2019-03-07 at 10.44.45.png

Click on the three dots next to your console connection and select Connect with SSH. For me, I’m on MAC, so I select Linux/MAC OS. You could use this same command on Windows if you download and install Ubuntu from the Microsoft store, or you the enable the Linux for Windows bash console. Click the Copy button to copy the connection string.

Screen Shot 2019-03-07 at 10.50.21.png

The string you copy will not work based on the steps in this post. You have to modify the string. This bugs me and I am going to go on a mission to fix this page, give me time I’ve only been Oracle a month so far. The string assumes you’ve loaded the private certificate into your cert store and will be presented it from the from the store. Following the steps here and our documentation we don’t do that, you only generate the files.

To present the key from a file you have use -i option for the SSH command to present the key from a file. You need to add a -i in two places. Below you can see what you get, and what it looks like after you’ve added the -i and fixed the command.

ssh -o ProxyCommand='ssh -W %h:%p -p 443 ocid1.instanceconsoleconnection.oc1.eu-frankfurt[email protected]instance-console.eu-frankfurt-1.oraclecloud.com' ocid1.instance.oc1.eu-frankfurt-1.abtheljrgiyd4ccauxi2iybpq7b7uolaergswsfa3dcexwqn5jb62bpqlkvq

ssh -i ./.ssh/HappyKey -o ProxyCommand='ssh -W %h:%p -p 443 -i ./.ssh/HappyKey ocid1.instanceconsoleconnection.oc1.eu-frankfurt[email protected]instance-console.eu-frankfurt-1.oraclecloud.com' ocid1.instance.oc1.eu-frankfurt-1.abtheljrgiyd4ccauxi2iybpq7b7uolaergswsfa3dcexwqn5jb62bpqlkvq

Next Step. Take the fixed SSH string above and paste it into a console window. I’ve used this key before so it did not ask me for the passphrase in the screen capture. The first time you use the key you’ll need to enter the passphrase. You’ll also not see the login prompt until you hit enter a few times to get the attention of the console. Now we have a console connection where we could login with the OPC default user account. If only we knew the password. Sad face we don’t know what the password is yet.

Screen Shot 2019-03-07 at 11.07.01.png

Resetting the OPC user password via the console

With your open console connection, you want to go back to the webpage where you built the console connection and reboot your instance, by clicking on the Reboot button.
Once you click Reboot go back to the terminal window and click on it to make it the active application. You’ll see the Linux stop and reboot routine scroll past the console eventually you’ll see the GRUB menu – From the GRUB menu take the following steps:

  1. As soon as you see the GRUB boot menu, use the up/down arrows to stop the process, enabling you to use the boot menu.
  2. In the boot menu, highlight the top item in the menu, and press e to edit the boot entry.
  3. In edit mode, scroll down until you reach the line that starts with either linuxefi and add the following to the line: init=/bin/bash
    Screen Shot 2019-03-07 at 11.55.30.png
  4. You don’t need to save the file. Reboot the instance using keyboard shortcut CTRL+X.
  5. After the instance has rebooted, you’ll see the Bash prompt – Now you have cosmic powers to the instance, play safe and only do what you understand. Maybe even take a snapshot before if you care about the instance.
  6. Run the following command to load the Linux policies to preserve the files you’re about to modify: /usr/sbin/load_policy -i  //NOTE// If you skip this step you will not able to login to your instance via SSH or console and you’ll be sad.
  7. The following command will remount the root partition into read and write mode so you can modify the password files : /bin/mount -o remount, rw /
  8. The following command will reset the password of the OPC default user account: sudo passwd opc
  9. After the password has been reset you’re done. Reboot the machine with the following command : sudo reboot -fScreen Shot 2019-03-07 at 11.58.58.png

Now you’ve done all of the needful and you should be to login to your Linux instance from the console after the reboot. YEAH!!! life is good happy Linux stuff doing is now in your future.

Screen Shot 2019-03-07 at 12.01.21.png

Leave a Reply

%d bloggers like this: