Before You Begin
Purpose
This tutorial shows you how to change your private key format, to use with PuTTY, which is a Secure Shell (SSH) client for Windows that can connect to a remote machine. If you're using SSH on Linux, then this tutorial isn't for you.
Time to Complete
Approximately 10 minutes
Background
PuTTY doesn't support the SSH private key format created by the Oracle Cloud wizards, so you have to convert the private key to the PuTTY required format. To connect to a remote machine with PuTTY, your private key should have a ppk
format.
What Do You Need?
- Windows
- PuTTY http://www.PuTTY.org
- An SSH private key file unzipped from the ssheybundle.zip, provided when you created an Oracle Cloud service instance
Run the PuTTYgen
After you download and install PuTTY:
- Make a copy of your private key just in case you lose it when changing the format.
- From the Start menu, go to All Programs then PuTTY and then PuTTYgen and run the PuTTYgen program.
- In the Parameters section:
- For Type of Key to generate, select SSH-2 RSA.
- For Number of bits in a generated key, leave the default value of
2048
.
- Click Load.
Changing the Format of the SSH Key
For this tutorial, we assume that you already created an Oracle Cloud service instance named DB12C-ABC. and that you have a privateKey
file unzipped from the sshkeybundle.zip
that's generated when creating the service instance.
If you don't have these, then create a cloud service instance and generate a public/private key pair for it.
Note: Some Oracle Public Cloud services such as Oracle Storage Cloud Service don't provide access to their VMs with private keys. Instead you use REST API calls to access the service. This tutorial is for cloud services that allow SSH access to their VMs and therefore, you create a public/private key for the SSH access.
- Change the PuTTY Private Key Files (*.ppk) drop-down menu option to All Files (*.*).
- Find and select the Private Key file that you unzipped from the sshkeybundle.zip file, after you created an Oracle Cloud service instance. In this example, it's called privateKey.
- Click Open.
- In the PuTTYgen Notice dialog box, click OK.
- Change the key comment from imported-openssh-key to something meaningful. This comment appears on your PuTTY screen when you connect to your VM.
- Click Save private key.
- In the PuTTYgen Warning dialog box, click Yes.
- Name the privateKey.ppk file and save as type .ppk (PuTTY Private Key Files), by entering the .ppk extension. This ensures that you aren't overwriting the original private key.
- Click Save, close the PuTTY Key Generator window and remember the location of the private key file for future use.
Another option is to convert the ppk format to an OpenSSH format using the PuTTygen program performing the following steps:
Note: The warning message suggests that you use a passphrase for extra privacy so no one can access the instance with just the private key. However, having a passphrase makes it complicated to automate, so decide whether or not to add a passphrase in the field.
If you decide to enter a passphrase, then remember it, because you can't access the instance without it.
Note: If you're planning to use the private key with the ppk format for a SOCKS5 proxy connection on Linux, then you must set a passphrase. An easier way is to use the private key without the ppk format.
- Run the puTTygen program.
- Click Load.
- Select your private key that ends in .ppk and then click Open.
- Click the Conversions menu option.
- Click Export OpenSSH key.
- If you want a passphrase, enter it in the Key passphrase field and confirm it. Ensure that you know this passphrase later, because it's not retrievable.
- If you didn’t choose a passphrase, confirm that you don’t want one.
- Give your private key a new name. For example SSHprivateKey and then click Save.
- Close the puTTygen program.
- Confirm that your new private key has been saved in the location that you specified.