OCK Image User

Describes the ocne user set up in the OCK image, and how to configure it.

To interact directly with a node, use its console. For information on connecting to a node's console, see Accessing a Node's OS Console.

If a node fails and its console is inaccessible, you can SSH into the node as the ocne user. The ocne user is predefined in the OCK image.

Important:

When you SSH into a node, it returns the node's kubeconfig file and the SSH connection immediately closes. Full access to the node is only possible using its console.

By default, the ocne user authenticates with the cluster nodes through SSH using an RSA public key in $HOME/.ssh/id_rsa.pub.

To create an SSH2 RSA key pair, run the following command:

ssh-keygen

Follow the prompts to generate and store the RSA key pair:

Generating public/private rsa key pair.
      Enter file in which to save the key (/home/user/.ssh/id_rsa): <Enter>
      Created directory '/home/user/.ssh'.
      Enter passphrase (empty for no passphrase): password
      Enter same passphrase again: password
      Your identification has been saved in /home/user/.ssh/id_rsa.
      Your public key has been saved in /home/user/.ssh/id_rsa.pub.
      The key fingerprint is:
      5e:d2:66:f4:2c:c5:cc:07:92:97:c9:30:0b:11:90:59 user@host01
      The key's randomart image is:
      +--[ RSA 2048]----+
      |      .=Eo++.o   |
      |      o  ..B=.   |
      |          o.= .  |
      |         o + .   |
      |        S * o    |
      |       . = .     |
      |        .        |
      |       .         |
      |                 |
      +-----------------+

To authenticate using a different method, configure one of the following options in either the CLI defaults configuration file, or a cluster configuration file:

password

A hashed password for the OCK image user (ocne) to authenticate with cluster nodes. For example: 

password: $6$jfkldjfsd$n1YMnpdxlGXO...

Surrounding the password with quotes is optional.

You can use the openssl utility to create a hashed password. For example, to generate a hashed password with the SHA512 algorithm and an automatic salt: 

openssl passwd -6 -salt password

To generate a SHA512 hashed password using the provided salt phrase:

openssl passwd -6 -salt saltphrase password
sshPublicKey

The public key of an RSA key pair for the OCK image user (ocne). Paste the contents of the public key file.

For example:

sshPublicKey: | 
    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA...
sshPublicKeyPath

The path to the public key of an RSA key pair for the OCK image user (ocne) to authenticate with cluster nodes. 

sshPublicKeyPath: /home/username/.ssh/id_rsa.ocne

For information about these configuration file options, see Cluster Configuration Files and Oracle Cloud Native Environment: CLI.