Creating a Key Pair

Linux instances use an SSH key pair instead of a password to authenticate a remote user. A key pair file contains a private key and public key. You keep the private key on your computer and provide the public key when you create an instance. When you connect to the instance using SSH, you provide the path to the private key in the SSH command.

Caution

Anyone who has access to the private key can connect to the instance. Store the private key in a secure location.

If you're connecting to your instance from a computer that has OpenSSH installed, you can use a key pair that is generated by Oracle Cloud Infrastructure instead of creating your own key pair.

This topic describes how to create SSH format keys for connecting to the instance you create in this tutorial. To connect to an instance created by someone else, ask that person to add you to the instance (see Adding Users to an Instance ). To reference the instance in an API call, you will need a PEM format key instead (see Required Keys and OCIDs).

Before You Begin

  • If you will connect to your instance from a Windows system using OpenSSH or from a UNIX-based system, you can use a key pair that is generated by Oracle Cloud Infrastructure and skip this step. OpenSSH should be installed on Windows 10 and Windows Server 2019. Proceed to Choosing a Compartment.
  • If you already have an SSH-2 RSA key pair, you can use your existing key pair and skip this step. Proceed to Choosing a Compartment.
  • If you will connect to your instance from a Windows system that does not have OpenSSH, download and install the PuTTY Key Generator from http://www.putty.org.

Creating an SSH Key Pair on Windows Using PuTTY Key Generator

  1. Find puttygen.exe in the PuTTY folder on your computer, for example, C:\Program Files (x86)\PuTTY. Double-click puttygen.exe to open it.
  2. Specify a key type of SSH-2 RSA and a key size of 2048 bits:

    • In the Key menu, confirm that the default value of SSH-2 RSA key is selected.
    • For the Type of key to generate, accept the default key type of RSA.
    • Set the Number of bits in a generated key to 2048 if it is not already set.
  3. Click Generate.
  4. Move your mouse around the blank area in the PuTTY window to generate random data in the key.

    When the key is generated, it appears under Public key for pasting into OpenSSH authorized_keys file.

  5. A Key comment is generated for you, including the date and time stamp. You can keep the default comment or replace it with your own more descriptive comment.
  6. Leave the Key passphrase field blank.
  7. Click Save private key, and then click Yes in the prompt about saving the key without a passphrase.

    The key pair is saved in the PuTTY Private Key (PPK) format, which is a proprietary format that works only with the PuTTY tool set.

    You can name the key anything you want, but use the ppk file extension. For example, mykey.ppk.

  8. Select all of the generated key that appears under Public key for pasting into OpenSSH authorized_keys file, copy it using Ctrl + C, paste it into a text file, and then save the file in the same location as the private key.

    (Do not use Save public key because it does not save the key in the OpenSSH format.)

    You can name the key anything you want, but for consistency, use the same name as the private key and a file extension of pub. For example, mykey.pub.

  9. Write down the names and location of your public and private key files. You will need the public key when launching an instance. You will need the private key to access the instance via SSH.