TLDR – Fresh Linux instance created on Oracle Cloud does not come with a password. You’re expected to login with a certificate the first time. The following covers resetting the password via console allowing you to login to the instance via the console.
Disclaimer – I work for Oracle in the cloud support group, this post is my point of view and not Oracles, but I work there so respect to the company!
Connecting to the Instance Console
I’m assuming you’ve created a fresh Linux instance. I, of course, picked Oracle Linux, because, work there, hello. I named my instance something with Happy in the name because everything is happy with me; Much like everything is awesome with Emmet.
Step 1. Open you Happy instance and click Create Console Connection.
If you don’t already have a key pair you’ll need to generate one. In a bash shell run SSH-KEYGEN to generate public and private key pair files. In the following image, I generate the key by running ssh-keygen from a /.ssh folder under my user folder. The only input I’m providing is a file name and a key phrase. You can see there are two files generated in the folder. HappyKey the private key, and HappyKey.pub the public key. Drag the public key file into cert box of the Create Console Connection box and click Create Console Connection.
Click on the three dots next to your console connection and select Connect with SSH. For me, I’m on MAC, so I select Linux/MAC OS. You could use this same command on Windows if you download and install Ubuntu from the Microsoft store, or you the enable the Linux for Windows bash console. Click the Copy button to copy the connection string.
The string you copy will not work based on the steps in this post. You have to modify the string. This bugs me and I am going to go on a mission to fix this page, give me time I’ve only been Oracle a month so far. The string assumes you’ve loaded the private certificate into your cert store and will be presented it from the from the store. Following the steps here and our documentation we don’t do that, you only generate the files.
To present the key from a file you have use -i option for the SSH command to present the key from a file. You need to add a -i in two places. Below you can see what you get, and what it looks like after you’ve added the -i and fixed the command.
ssh -o ProxyCommand='ssh -W %h:%p -p 443 email@example.com' ocid1.instance.oc1.eu-frankfurt-1.abtheljrgiyd4ccauxi2iybpq7b7uolaergswsfa3dcexwqn5jb62bpqlkvq ssh -i ./.ssh/HappyKey -o ProxyCommand='ssh -W %h:%p -p 443 -i ./.ssh/HappyKey firstname.lastname@example.org' ocid1.instance.oc1.eu-frankfurt-1.abtheljrgiyd4ccauxi2iybpq7b7uolaergswsfa3dcexwqn5jb62bpqlkvq
Next Step. Take the fixed SSH string above and paste it into a console window. I’ve used this key before so it did not ask me for the passphrase in the screen capture. The first time you use the key you’ll need to enter the passphrase. You’ll also not see the login prompt until you hit enter a few times to get the attention of the console. Now we have a console connection where we could login with the OPC default user account. If only we knew the password. Sad face we don’t know what the password is yet.
Resetting the OPC user password via the console
With your open console connection, you want to go back to the webpage where you built the console connection and reboot your instance, by clicking on the Reboot button.
Once you click Reboot go back to the terminal window and click on it to make it the active application. You’ll see the Linux stop and reboot routine scroll past the console eventually you’ll see the GRUB menu – From the GRUB menu take the following steps:
- As soon as you see the GRUB boot menu, use the up/down arrows to stop the process, enabling you to use the boot menu.
- In the boot menu, highlight the top item in the menu, and press e to edit the boot entry.
- In edit mode, scroll down until you reach the line that starts with either linuxefi and add the following to the line: init=/bin/bash
- You don’t need to save the file. Reboot the instance using keyboard shortcut CTRL+X.
- After the instance has rebooted, you’ll see the Bash prompt – Now you have cosmic powers to the instance, play safe and only do what you understand. Maybe even take a snapshot before if you care about the instance.
- Run the following command to load the Linux policies to preserve the files you’re about to modify: /usr/sbin/load_policy -i //NOTE// If you skip this step you will not able to login to your instance via SSH or console and you’ll be sad.
- The following command will remount the root partition into read and write mode so you can modify the password files : /bin/mount -o remount, rw /
- The following command will reset the password of the OPC default user account: sudo passwd opc
- After the password has been reset you’re done. Reboot the machine with the following command : sudo reboot -f
Now you’ve done all of the needful and you should be to login to your Linux instance from the console after the reboot. YEAH!!! life is good happy Linux stuff doing is now in your future.
11 thoughts on “Login to New OCI Linux Instance via Console”
I tried your method, but my machine got stuck every time, another way to accomplish this is to use an init-cloud script, something like this:
Hope it helps someone,
I’ve run into a few instances where we could not get to the GRUB menu. I’ve been looking for a work around for that. I’ll try your sugestion and add pictures to the how too. Thanks for the suggestion.
Not sure if you ever tried it, but i just noticed that the indentation is all wrong on my comment, as is it will not work, you need to use the right indentation
just in case the comment box remove the indentation again, here is a link you can use: https://blog.scottlowe.org/2015/11/09/changing-passwords-cloud-init/
This is helpful in a sense that I no longer feel stupid and alone in this vain attempt to serve Larry’s vendetta against AWS. But it did not work… sorry I got a bunch of errors after step 4, and had to kill the instance. Going back to Amazon – can’t afford spending so much time on just trying to connect to this Gen2 nonsense. Thanks for trying though. The -i thing is fixed already, but the opc password remains a mystery, and the documentation and lack of any other help are very good signals against using Oracle infrastructure cloud in any foreseeable future.
What shape and OS were you working with, and what error did you run into? Maybe I can make my directions better.
Thanks Kevin! I was able to connect by re-reading instructions similar to yours at https://oracle.github.io/learning-library/oci-library/L200-LAB/Compute-Console-Connection/HOL-Console-Connection.html
I had to get to GRUB through VNC but then use SSH for actually seeing the bash prompt. Otherwise, VNC was giving me a bunch of what seemed like load errors (I mentioned earlier). So after that I was able to reset the opc password. I was connecting from Windows system… Why none of this stuff is in Oracle official doc’s?
That really helped, thanks
Hello. I had the same problem. I had to recover the access to the instances and GRUB menu was hidden as well so I couldn’t do it from console connection. So the only way that worked for me was to stop the instance and detach the boot volume. Then you can attach that boot volume to another instance with similar operating system, as a data volume to troubleshoot it. Mount the boot volume attached in a temprary folder of the host machine and finally create a new ssh keys pairs and put into the .ssh folder. After resolving the issue, you can then deattach and reattach it to the original instance or use it to launch a new instance. Worked perfectly.
The full solution is described in these documents: https://support.oracle.com/knowledge/Oracle%20Linux%20and%20Virtualization/2336058_1.html
Using Oracle Linux Server 8.6 I never get shown the GRUB menu (be it VNC or ssh). Not quite sure what to do (other than inject the key at startup?)