Skip to main content

Create New OS User, Enable SSH and Generate Key Pair in OCI Compute Instance


=> Here I am creating a user called xxtomcat under new group xxtomcat

Note: Below commands to be run as root user. Login as opc and switch to root

[opc@oci-compute-host-001 ~]# sudo su - root

[root@oci-compute-host-001 ~]# groupadd xxtomcat

[root@oci-compute-host-001 ~]# useradd -g xxtomcat -d /home/xxtomcat xxtomcat

[root@oci-compute-host-001 ~]# id xxtomcat

uid=54324(xxtomcat) gid=54332(xxtomcat) groups=54332(xxtomcat)

[root@oci-compute-host-001 ~]#


=> Create .ssh directory under $HOME directory and give 0700 permissions. 

Note 1 : Below commands should be run as xxtomcat user

Note 2 : These permissions are required for Public and Private Key authentication to work.

[xxtomcat@oci-compute-host-001 ~]$ mkdir .ssh

[xxtomcat@oci-compute-host-001 ~]$ chmod 0700 .ssh

[xxtomcat@oci-compute-host-001 ~]$ cd .ssh


=> Create authorized_keys under .ssh directory and give 0600 permissions

Note 1 : Below commands should be run as xxtomcat user

Note 2 : These permissions are required for Public and Private Key authentication to work.

[xxtomcat@oci-compute-host-001 .ssh]$ touch authorized_keys

[xxtomcat@oci-compute-host-001 .ssh]$ chmod 0600 authorized_keys

[xxtomcat@oci-compute-host-001 .ssh]$ ls -ltr

total 4

-rw------- 1 xxtomcat xxtomcat 398 Apr 12 12:28 authorized_keys

[xxtomcat@oci-compute-host-001 .ssh]$


=> Disable Password Expiry for xxtomcat user


[root@oci-compute-host-001 ~]# chage -m 0 -M 99999 -I -1 -E -1 xxtomcat

[root@oci-compute-host-001 ~]# chage -l xxtomcat

Last password change                                    : Apr 28, 2022

Password expires                                        : never

Password inactive                                       : never

Account expires                                         : never

Minimum number of days between password change          : 0

Maximum number of days between password change          : 99999

Number of days of warning before password expires       : 7

[root@oci-compute-host-001 ~]#


=> Enable SSH for the user

Note: Below commands to be run as root user. Login as opc and switch to root

Add the entry AllowUsers xxtomcat at the end of /etc/ssh/sshd_config file

[root@oci-compute-host-001 ~]# grep -i AllowUsers /etc/ssh/sshd_config

AllowUsers xxtomcat

[root@oci-compute-host-001 ~]#


=> Restart sshd service

[root@oci-compute-host-001 ~]# /sbin/service sshd restart


=> To login the server from Putty directly as xxtomcat user, you have to generate Public and Private Key Pair using Putty Key Gen Tool

Make sure below 3 default values are selected in PuttyGen Tool

















=> Click on Generate

Generate some randomness by hovering mouse on the blank area





 






















=> Copy the public key content and paste it in the authorized_keys file in the server as xxtomcat user $HOME/.ssh/authorized_keys

Note: Do not click on save public key, as this will save in putty supported format


=> Click on Save private key to save the private key in Putty supported format .ppk


=> Login to the server through putty as xxtomcat user by providing private key file 


=> Enter the server IP address



=> Select the Private Key : SSH => Auth => Private Key
















=> Login as xxtomcat user












Labels:

Comments

Post a Comment

Popular posts from this blog

Data Safe - Introduction

Oracle Data Safe - Practical Guide Oracle Data Safe learner guide Oracle Data Safe Assess risk, discover sensitive data, audit activity, and mask safely It focuses on what Data Safe helps you do operationally: review security posture, find risky identities, centralize auditing, locate sensitive data, and produce safer non-production copies. Contents 01 Why Data Safe matters 02 Where it fits 03 Capability map 04 Assessments 05 Activity Auditing 06 Discovery and Masking 07 Operating model 08 First 30 days 09 Knowledge check Section 01 Why Data Safe matters Database security work is often fragmented. One process checks configuration drift, another stores audit logs, another team scans for PII, and another team writes masking logic for test refreshes. Data Safe is useful because it turns those separate jobs into one security workflow. Key idea The best way to think about Data Safe is as a control plane for database security posture: assess the target, identify risky accounts, d...
Post a Comment
Read more

Testing Different Access Paths : Concatenated Index

Oracle Concatenated Indexes - Practical Deep Dive Oracle concatenated index deep dive Concatenated Indexes How composite indexes really work, why column order matters, and when skip scan changes the story Concatenated indexes, also called composite indexes, are easy to explain badly and surprisingly rich to explain well. The usual summary is “Oracle can use the index only when the leading column is present,” but that is only the starting point. To design them properly, you need to think about leading portions, equality versus range predicates, ordering requirements, skip scan eligibility, covering behavior, and whether one composite index can replace several single-column indexes in a given workload. Contents 01 What concatenated indexes are 02 Leading edge and leading portion 03 Why column order matters 04 Skip scan and when it helps 05 Access patterns and plan reading 06 Covering and sort elimination 07 Design rules that actually hold 08 Common mistakes 09 End-to-end demo 1...
Post a Comment
Read more

Database Replay - Real Application Testing (RAT)

Oracle Database Replay and RAT - Practical Deep Dive Oracle Database Replay deep dive Database Replay and Real Application Testing How to validate upgrades, patches, migrations, and risky changes with real workload behavior Database Replay is one of the most practical risk-reduction tools in the Oracle DBA toolbox. Instead of trusting synthetic benchmarks, isolated SQL tests, or intuition, you capture a real production workload, restore a test system to the same logical starting point, replay that workload, and analyze whether performance, errors, timing, and transactional behavior still look safe. Contents 01 What RAT actually is 02 Why Database Replay matters 03 End-to-end workflow 04 Capture design and prerequisites 05 Preprocess, calibrate, replay 06 Reading the results well 07 Pitfalls and unreplayable work 08 Database Replay vs SPA 09 Practical playbooks 10 Knowledge check Section 01 What Real Application Testing actually is Real Application Testing, usually shortened...
Post a Comment
Read more