The doc link at https://docs.oracle.com/en-us/iaas/Content/Compute/References/serialconsole.htm#serialconsole_topic_prerequisites fails to specify for Linux/MAC/WSL to use rsa-sha2-256 or rsa-sha2-512. It should.
The default SSH encryption on WSL/OLE8 and certain versions of MAC is RSA+SHA1. This is not supported by the console's SSH server instance when running for either the DB system or for local console connections to VMs. The error returned by the console service in this case is “Permission denied (publickey)”. Other errors when running ssh in full debug mode include: “debug2: match not found” and “debug3: gss kex names ok: [gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-]”, which indicate that an unsupported version of RSA encryption is being used by the SSH client.
The best option is for the user to create a config file in the user's home directory within the .ssh subdirectory as follows:
Host *
PubkeyAcceptedKeyTypes +ssh-rsa
I recommend you test this and add a warning box to https://docs.oracle.com/en-us/iaas/Content/Compute/References/serialconsole.htm#serialconsole_topic_prerequisites along with instructions as appropriate.
Thanks.