Lab 2: Setting up secure access Oracle Database Cloud Service Hands On Lab This lab is divided into 3 parts 1. Securely Connecting to DBCS instance using Putty 2. Configuring SQL Developer for Secure Access 3. Understand Port configuration Pre-Requisite You need a DBCS instance provisioned in the Oracle Public Cloud 1. Securely Connecting to a DBCS instance using Putty 1) Login to DBCS Service Console. For instructions refer Lab1. 2) Once you login to DBCS service Console, click on the DBCS service that you would like to connect to. 3) Note the Public IP Address that s shown for your service. You will need this IP address later in this lab.
Steps 4 9 apply only if you are connecting to a DBCS instance from a windows machine. If you are on Linux or Mac you can ssh into a DBCS instance from a terminal window. $ ssh i <private-key-file> oracle@ipaddress for eg. $ssh i /home/lab/documents/privkey oracle@140.86.12.37 You may skip steps 4 9 and move to the next section. 4) Download the Putty executable. 32 Bit https://the.earth.li/~sgtatham/putty/latest/w32/putty.exe 64 Bit https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe 5) Double click on the downloaded executable and click on Run
6) On the Putty Console, enter the IP address 7) On the left pane, click on Data. Enter the Auto-login Username as opc
8) On the left pane, Under Connections, expand the ssh and click on Auth Click the browse button and use Private Key provided to you (If you do have the Private Key, Download it from http://oraclecloudlab.com & save it on your laptop) 9) Click on the Open button and this should connect you the OPC server hosting your DBCS instance.
2. Configuring SQL Developer for Secure Access to Database Cloud Service instance. 1) Download SQL Developer from http://www.oracle.com/technetwork/developer-tools/sqldeveloper/downloads/index.html It s a 401MB in download size. 2) Right click and unzip the downloaded file sqldeveloper-4.1.5.21.78- x64.zip and then navigate to the location where the file is unzipped. Click on sqldeveloper.exe
3) Once SQL Developer opens up, At the top left Click on View -> SSH. 4) This will open up a small tile on the left panel.
5) Now right click on SSH hosts and click on New SSH Hosts 6) A new window opens up. Let s enter below values a) Enter a Name for the connection : OOW17 b) Hosts: This is the Public IP address assigned to your Oracle Database Cloud Instance. c) Username : oracle d) Select the Check Box for Use Key File e) Click Browse and select the Private Key that you downloaded from http://oraclecloudlab.com f) Select the Check Box for Add a Local Port Forward g) Name : OOW17 h) Host : This is the Public IP address assigned to your Oracle Database Cloud Instance. i) Port : 1521 j) Select the radio button as Automatically Assign Local Port. k) Click Ok to Save.
7) On the left panel in SSH Hosts, you should see the SSH entry that we created. Now Right Click on Workshop02 and click on Test. 8) You should see a Connection Test Successful Message.
9) Now in the Connection Tile at the Top left, Click on the sign. Then select the new Connection 10) A new window will open up, lets enter the below details a) Connection Name : OOW17 b) Username : system c) Password : Labs123# <This is the password that was entered when we created the instance> d) In the drop down list select Connection Type : SSH e) Port Forward: Should automatically show OOW17 f) Select the Radio Button Service Name : Enter service name in the format PDB1.<domain_name>.oraclecloud.internal Use the domain name that was provided to you at the beginning of your lab session
11) Click on Connect, and now you should be able to view all objects inside the database. 3. Understand Port Configuration Access Control 1) Let s navigate to the Database Cloud Service Console.
2) Use OOW17 as the service. To the right you should see a hamburger icon. Let s do a left click on the Hamburger icon. A new menu opens up, click on Access Rules. 3) Let Observe the screen below. You can see the default rules that are configured for the Database Cloud Service. The icon The icon indicates the rule is Disabled. indicates the rule is Enabled. 4) Let try enabling the access rule ora_p2_dbconsole. Locate the Hamburger button to the right of the rule ora_p2_dbconsole. From the menu for the located rule, select Enable.
The rule ora_p2_dbconsole is used to controls access to port 1158, the port used by Enterprise Manager Database Control. 5) Once the Rule is enabled, you can see the icon changes to 6) Enable the access rule for ora_p2_httpssl. ora_p2_httpssl controls access to port 443, the port used for HTTPS connections, including Oracle REST Data Services, Oracle Application Express, and Oracle DBaaS Monitor. 7) You can access the DB Console securely over the https protocol. Verify the access to DB Console. Click on Hamburger icon. A new menu opens up. Click on Open DBaaS Monitor Console, It should open a new window and take you to the login screen.
You are now taken to the DBaaS Monitor login page. We will look at DBaaS Monitor in the next lab.