Regain Access to Oracle Instance


If you lose access to an instance (e.g. by forgetting/losing your SSH keys, or a server update breaks SSH access due to file permission changes) then you can try the following options, in order of increasing effort.

For future reference, Tailscale's wonderful SSH feature would mitigate this too, since accessing your SSH server via Tailscale SSH safely bypasses key authentication anyway.

Use the OCI Console to Log In

If you followed best practices and created a password for a local account (with sudo rights) then use the OCI Console to connect to your instance from a browser, and fix the issue.

Boot into Single User Mode

You can use the instance's serial console to boot into Single User Mode, and from there you should have the access you need to fix whatever needs fixing.

Follow the instructions in Oracle's documentation:

Use a Bastion

Thanks to reddit user Need2Survive, this works nicely (original post):

  • Create a bastion in the same VCN (it's free)
  • Create a bastion session into the corrupted host by generating or adding a known key
  • Copy the generated SSH command and connect, replacing the <privateKey> part (it appears 2 times)
  • You will be logged into the instance.
  • Fix the issue(s) e.g. by editing /home/opc/.ssh/authorized_keys

Using Another Instance

The least fun of all, but good as a last resort (assuming you can spin up a new instance or reuse an existing one). Again thanks to user Needs2Survive.

  • Terminate instance preserving boot volume
  • Bring up another Linux instance from scratch
  • Attach the boot volume as additional volume, run attach commands and mount it
  • Edit the file /home/opc/.ssh/authorized_keys to add the required key
  • Disconnect and detach the additional volume
  • Terminate the second instance
  • Create new instance from the fixed boot volume
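The authorized_keys edit from the steps above can be scripted so that it also restores the ownership and modes sshd expects, which matters when the lockout came from a permission change. This is an added example, not part of the original post: the function name repair_authorized_keys and the mount point /mnt/rescue are assumptions, and it expects GNU stat on the rescue instance.

```bash
# Usage on the rescue instance (as root), with the old boot volume mounted:
#   repair_authorized_keys /mnt/rescue opc /root/new_key.pub
repair_authorized_keys() {
    local root="$1" user="$2" pubkey_file="$3"
    local home="$root/home/$user"
    local ssh_dir="$home/.ssh"
    local auth="$ssh_dir/authorized_keys"
    local key owner

    [ -d "$home" ] || { echo "no home directory at $home" >&2; return 1; }

    # Take the first non-empty line and require a known public key type,
    # so a private key or stray text never lands in authorized_keys.
    key="$(grep -m1 -v '^[[:space:]]*$' "$pubkey_file")" || return 1
    case "$key" in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *|sk-*\ *) ;;
        *) echo "not an OpenSSH public key: $pubkey_file" >&2; return 1 ;;
    esac

    mkdir -p "$ssh_dir"
    touch "$auth"
    # If the existing file lacks a trailing newline, add one so the new key
    # does not get glued onto the last existing entry.
    if [ -s "$auth" ] && [ -n "$(tail -c1 "$auth")" ]; then
        echo >> "$auth"
    fi
    # Append only if this exact line is absent, so re-running is harmless.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"

    # Reuse the numeric owner stored on the volume: user names on the rescue
    # instance may map to different UIDs than on the original instance.
    owner="$(stat -c '%u:%g' "$home")"
    chown "$owner" "$ssh_dir" "$auth"

    # With StrictModes (the sshd default), keys are ignored when the home
    # directory, .ssh or authorized_keys is writable by other users.
    chmod go-w "$home"
    chmod 700 "$ssh_dir"
    chmod 600 "$auth"
}
```

Run it before unmounting and detaching the volume; existing entries in authorized_keys are kept, so remove any key you no longer trust by hand.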

Oracle References