Skip to content

Instantly share code, notes, and snippets.

@smoser
Last active February 5, 2020 15:10
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save smoser/43fcec463b66ce7cffd4ae9e8a7bbe67 to your computer and use it in GitHub Desktop.
ssh config for oracle cloud vnc/ssh connection

Oracle cloud ssh config for using console access.

Oracle cloud provides serial console access to both bare metal and virtual machines. This is very helpful. Access is provided over ssh, and looks something like:

ssh \
    -o ProxyCommand='ssh -W %h:%p -p 443 ocid1.instCUT.oc1.phx.abyhCUT@instance-console.us-phoenix-1.oraclecloud.com' \
    ocid1.instance.oc1.phx.abyhqljCUT

If you looked away and left the console inactive for a while you might try to reconnect and find:

channel 0: open failed: administratively prohibited: console access is limited to one connection at a time
Connection to ocid1.instance.oc1.phx.abyhqljtuuc26gq2cq34ghnlbb32i2pvhm5kn3qos closed.

To avoid this I have been trying to use a ssh config like this:

Host ocid*.instance* instance-console.*oraclecloud.com
  ServerAliveInterval=10

If that wasn't working for you, you might try setting TCPKeepAlive, but my experience is that ServerAliveInterval is sufficient.

Notes

  • When I enter the initramfs 'ash' shell, I'm not able to exit the ssh connection with Enter ~ . (EscapeChar). I've had to resort to killing the ssh processes with kill. A google search lead me to this superuser.com article that suggested running cat. To my surprise this worked. Also working is using read which will just read one line. Then when you re-connect you can just hit Enter rather than Ctrl-D or Ctrl-C.
  • It seems like you might not need the ServerAliveInterval on the "inside" connection as data passing over it thought the "outside" connection should probably keep it alive. I haven't fully investigated if that theory in practice.
  • Newer versions of ssh have a '-J' (ProxyJump) argument which allows you to write ssh -J ocid.instanceconsole<CUT>:443 ocid.instance.oc1.<CUT> . This is really just a handy shortcut to '-W'.
  • Since I use ControlMaster auto and ControlPath on wildcard * in my ssh config, I have to explicitly disable it on the console connections by setting ControlPath none.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment