How to reset opc os user password on OCI DBSystems when SSH keys lost

Create "Console Connection" to Node OS of DB System

1. Go to required DB System in Oracle Cloud Console
2. Select "Console Connections" tab and click button "Create Console Connection"

3. Upload SSH public key (existent or generate new) e.g. recovery_key.pub

4. Once console connection "State" became "Active" go to "..." and click "Copy SSH string" in popup-menu for the active console connection

5. Execute in a local terminal(putty/bash) copied SSH string:

# path/to/recovery_key - it is private key of your public key recovery_key.pub
ssh -i path/to/recovery_key -o ProxyCommand='ssh -W %h:%p -p 443 ocid1.instanceconsoleconnection...' ocid1.instance...

# if you do not add private key to /ssh/keys on host of your terminal then use next command
ssh -i path/to/recovery_key -o ProxyCommand='ssh -i path/to/recovery_key -W %h:%p -p 443 ocid1.instanceconsoleconnection...' ocid1.instance...

🛈 Note: The terminal may appear hanging or blank. This is normal. Do not press any key or Enter. Go to next step below

Reboot OS on "Node" of DB system

1. Go to "Nodes" tab of DB System in Oracle Cloud Console and navigate to "..." against of first "Available" node and click "Reboot" in popup-menu

2. Immediately switch focus to the terminal window with active console connection
3. As the node restarts, you will see BIOS output

🛈 Note: On reboot: Power down, press ESC repeatedly until you're get in to the Boot Manager. Please press ESC more intensively/often

4. Choose Boot manager > EFI Internal Shell

5. Press ESC to interrupt the UEFI startup process

then enter

Shell>
FS0:
cd EFI
cd redhat

You should see a user.cfg file:

FS0:\EFI\redhat>
ls

Remove user.cfg

FS0:\EFI\redhat> rm user.cfg

then exit from "EFI Internal Shell"

FS0:\EFI\redhat> 
exit

6. Press ESC to return into EFI "Main Menu"

7. Select "Continue" and press Enter to get to Linux kernels menu for boot

8. You will be back in Boot manager, choose a kernel "Oracle Linux" (or whichever is the first option) and press ESC repeatedly and press E

you should be able to proceed with the next steps:

• Locate the line starting with linux/linuxefi/vmlinuz or kernel. Scroll to the very end of this line and append the string: rw init=/bin/bash

  load_video
  set gfx_payload=keep
  insmod gzio
  linux ($root)/vmlinuz-5.4.17-2136.326.6.el8uek.x86_64 root=/dev/mapper/vg00-ro\
  ot ro LANG=en_US.UTF-8 audit=1 console=hvc0 console=tty0 console=ttyS0,9600n8 \
  crashkernel=auto  ipmi_si.tryacpi=0 ipmi_si.trydefaults=0 ipmi_si.trydmi=0 lib\
  iscsi.debug_libiscsi_eh=1 loglevel=3 net.ifnames=1 netroot=iscsi:169.128.0.2::\
  :1:iqn.2015-02.oracle.boot:uefi network-config=e2NvbmZpZzogZGlzYWJsZWR9Cg== no\
  modeset nvme_core.shutdown_timeout=10 rd.dm=0 rd.iscsi_param=node.session.time\
  o.replacement_timeout=6000 rd.luks=0 rd.lvm.lv=vg00 rd.md=0 vconsole.font=lata\
  rcyrheb-sun16 vconsole.keymap=us numa=off transparent_hugepage=madvise biosdev\
  name=1 rd_NO_DM PRODUCT=ORACLE_SERVER_X5-2 TYPE=X5_2_LITE_IAAS intremap=off rd\
  .net.timeout.dhcp=10 ip=dhcp,dhcp6 rw init=/bin/bash
  initrd  ($root)/initramfs-5.4.17-2136.326.6.el8uek.x86_64.img $tuned_initrd
      

• Press Ctrl + X to boot

Reset the opc os user password

[root@localhost /] passwd opc

1. Go to DB System "Nodes" tab in Oracle Cloud Console restart node

🛈 Navigate to "..." against of first "Available" node and click "Reboot" in popup-menu

2. Check opc password:

ssh opc@xxx.xxx.xxx.xxx
opc@xxx.xxx.xxx.xxx's password:

[opc@ ~]$

Clean *.aud files

    sudo -i
    su - oracle
    cd  /u01/app/oracle/admin/orcl/adump
    du -sh
    find. -name "*.aud" -mtime +30 -delete
  

visudo - description of what each column means

su -
visudo

Description what each column means

#-----------------------------------------------
# john ALL = (ALL:ALL) NOPASSWD: ALL
#  ^    ^      ^   ^              ^
#  |    |      |   |              |
# user  | all users|              |
#     host         |       all commands
#              all groups
#-----------------------------------------------
oracle  ALL=(ALL)       NOPASSWD: ALL

Install btop on Oracle Linux 8

To install btop++ on Oracle Linux 8, you can use the dnf package manager after enabling the EPEL repository.

Method 1: Using the EPEL Repository (Recommended)

The easiest way to install btop++ is by using the Extra Packages for Enterprise Linux (EPEL) repository.
1. Install the EPEL repository:

sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

🛈 This command adds the EPEL repository configuration to your system.

2. Install btop
Once the repository is enabled, you can install btop (the executable name for btop++) using dnf:

sudo dnf install btop

3. Run btop:

btop

UTLcmd PL/SQL package as wrapper of Java RunTime.exec method with read stdin, stdout, stderr outputs

Go to required Container(PDB)

SQL>
DEFINE s_container='CDB$ROOT';
--DEFINE s_container='PDB1';
--DEFINE s_container='PDB2';


ALTER SESSION SET container = &&s_container;

show con_name

Original UTLcmd PL/SQL package as wrapper of Java RunTime.exec method

• Oracle PL/SQL Programming by Steven Feuerstein - UTLcmd PL/SQL package

/*
   Build by Vadim Loevski of Quest Software.
*/   
CREATE OR REPLACE AND RESOLVE JAVA SOURCE NAMED "UTLcmd" AS
import java.lang.Runtime;
public class UTLcmd
{
  public static void execute (String command)
  {
   try
      {
       Runtime rt = java.lang.Runtime.getRuntime();
       rt.exec(command);
      }
   catch(Exception e)
   {
    System.out.println(e.getMessage());
    return;
   }
  }
}
/

CREATE OR REPLACE PACKAGE UTLcmd IS
  PROCEDURE execute (cmd IN VARCHAR2) AS LANGUAGE JAVA NAME
           'UTLcmd.execute(java.lang.String)';
END;
/


/*======================================================================
| Supplement to the fifth edition of Oracle PL/SQL Programming by Steven
| Feuerstein with Bill Pribyl, Copyright (c) 1997-2009 O'Reilly Media, Inc. 
| To submit corrections or find more code samples visit
| http://oreilly.com/catalog/9780596514464/
*/

Improved version of UTLcmd PL/SQL package as wrapper of Java RunTime.exec method with read stdin, stdout, stderr outputs

CREATE OR REPLACE AND RESOLVE JAVA SOURCE NAMED "UTLcmd" AS
import java.lang.Runtime;
import java.lang.Process;
import java.io.BufferedReader;
import java.io.InputStreamReader;
public class UTLcmd
{
  public static void execute (String command)
  {
   try
      {
        Runtime rt = java.lang.Runtime.getRuntime();
        Process proc = rt.exec(command);

        BufferedReader stdInput = new BufferedReader(new 
             InputStreamReader(proc.getInputStream()));
        
        BufferedReader stdError = new BufferedReader(new 
             InputStreamReader(proc.getErrorStream()));
        
        // Read the output from the command
        System.out.println("Here is the standard output of the command:\n");
        String s = null;
        while ((s = stdInput.readLine()) != null) {
            System.out.println(s);
        }
        
        // Read any errors from the attempted command
        System.out.println("Here is the standard error of the command (if any):\n");
        while ((s = stdError.readLine()) != null) {
            System.out.println(s);
        }       
      }
   catch(Exception e)
   {
    System.out.println(e.getMessage());
    return;
   }
  }
}
/
 
CREATE OR REPLACE PACKAGE UTLcmd IS
  PROCEDURE execute (cmd IN VARCHAR2) AS LANGUAGE JAVA NAME
           'UTLcmd.execute(java.lang.String)';
END;
/

🛈 Create Java source "UTLcmd" and PL/SQL package ULTcmd in required schema (SCOTT for example). In this article both versions like "Original" & "Improved with read stdin, stdout, stderr outputs" was created and tested in SYS/SYSTEM schemas, in this case provide next grant to required user/schema to able execute PL/SQL UTLcmd package:

GRANT EXECUTE ON UTLcmd TO SCOTT;

Example of using improved version of UTLcmd PL/SQL package with read stdin, stdout, stderr outputs

CALL DBMS_JAVA.SET_OUTPUT (1000000);
exec UTLcmd.execute('du -hs /u01');

Here is the standard output of the command:
141G	/u01

exec UTLcmd.execute('ls -lht /u01');

Here is the standard output of the command:

total 24K
drwxr-xr-x 9 oracle oinstall 4.0K Jan 26  2026 app

Next command don't works, I don't know why but looks like it don't understand "*"

exec UTLcmd.execute('du -hs /u01/*');

Here is the standard output of the command:

Here is the standard error of the command (if any):

/bin/du: cannot access '/u01/*': No such file or directory

FILE_LIST_API.list - List Files in a Directory From PL/SQL and SQL using Java class FileListHandler

References:

• oracle-base.com - List Files in a Directory From PL/SQL and SQL: Java

I chose a variation suggested by Christian Antognini which passes back an array:

Java class FileListHandler

CREATE OR REPLACE AND COMPILE JAVA SOURCE NAMED "FileListHandler" AS
import java.io.File;
import java.lang.Exception;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.sql.Array;
import oracle.jdbc.OracleConnection;
import oracle.jdbc.OracleDriver;
 
public class FileListHandler
{
  public static Array list (String path) throws Exception {
    Path directory = Paths.get(path);
    if (!Files.isDirectory(directory))
      throw new Exception("path argument does not reference a directory (" + path + ")");
 
    File[] files = directory.toFile().listFiles();
    OracleConnection connection = (OracleConnection)(new OracleDriver()).defaultConnection();
    return connection.createOracleArray("T_VARCHAR2_ARR", files);
  }
};
/

PL/SQL package file_list_api with function list

CREATE OR REPLACE TYPE t_varchar2_arr AS TABLE OF VARCHAR2(500);
/


CREATE OR REPLACE PACKAGE file_list_api AS

FUNCTION list (p_path  IN  VARCHAR2) RETURN t_varchar2_arr
AS LANGUAGE JAVA
NAME 'FileListHandler.list (java.lang.String) return java.sql.Array';
 
END file_list_api;
/

Example of using:

SELECT * FROM table(FILE_LIST_API.list ('/u01/app/oracle/admin/orcl/adump/'));

Another implementing of FILE_LIST_API.list PL/SQL function in fDelete PL/SQL function as wrapper of Java JDelete.delete method for delete files from OS

fDelete PL/SQL function as wrapper of Java JDelete.delete method for delete files from OS

Define in PL/SQL Java source named JDeleteFile for Java class JDelete:

CREATE OR REPLACE AND RESOLVE JAVA SOURCE NAMED "JDeleteFile" AS
import java.io.File;
public class JDelete {
  public static int delete (String fileName) {
    File myFile = new File (fileName);
    boolean retval = myFile.delete();
    if (retval) return 1; else return 0;
  }
}
/

Create PL/SQL function fDelete as wrapper of Java JDelete.delete method

CREATE FUNCTION fDelete (file IN VARCHAR2)
  RETURN NUMBER
AS LANGUAGE JAVA NAME 'JDelete.delete (java.lang.String) return int';

Example of using:

SQL> EXEC DBMS_OUTPUT.PUT_LINE (fdelete('/u01/app/oracle/admin/orcl/adump/ora_some_file.aud'));

Before use fDelete function to avoid file permissions errors like:

ERROR at line 1:
ORA-29532: Java call terminated by uncaught Java exception: java.security.
AccessControlException: the
Permission (java.io.FilePermission /u01/app/oracle/admin/orcl/adump/ora_some_file.aud delete) has not been
granted to SCOTT. The PL/SQL
to grant this is dbms_java.grant_permission( 'SCOTT', 'SYS:java.io.FilePermission',
'/u01/app/oracle/admin/orcl/adump/ora_some_file.aud', 'delete' )

need grants permission to access files in a required directory:

CALL DBMS_JAVA.grant_permission(
  'SYSTEM',
  'SYS:java.io.FilePermission',
  '/u01/app/oracle/admin/orcl/adump/*',
  'read,write,delete'
);

fDelete function can delete just concrete specified file name (names which you know), if you want delete all files *.aud in directory then need use FILE_LIST_API.list described in List Files in a Directory From PL/SQL and SQL using Java class FileListHandler to get all file names list:

DECLARE
  res pls_integer;
BEGIN
  FOR rec in (SELECT * FROM table(FILE_LIST_API.list ('/u01/app/oracle/admin/orcl/adump/')) where rownum <= 10000)
  LOOP
    res := fdelete(rec.column_value);
    /*
    if res = 1 then
      DBMS_OUTPUT.PUT_LINE (rec.column_value || ' is ' || 'deleted');
    else
      DBMS_OUTPUT.PUT_LINE (rec.column_value || ' ' || 'not found/error');
    end if;
    */
  END LOOP;
END;
/

Note: Oracle9i Database Release 2 introduced an enhanced version of the UTL_FILE package that, among other things, allows you to delete a file using the UTL_FILE.FREMOVE procedure. It also supports file copying (FCOPY) and file renaming (FRENAME).