I am just starting on google cloud, and have a trouble connecting to my instance via SSH. I ve launched a bitnami packaged magento site (runs on Debian 7). And when following google instructions (https://cloud.google.com/compute/docs/instances/connecting-to-instance) I run "gcloud compute ssh my-instance", it first generates keys on my local mashine, as said there, and also I ve mentioned that it generates keys in the compute engine metadata section. BUT then, when it is supposed to ask for a passphrase, it instead says: "Server refused our key. Fatal error: No supported authentication methods available (server sent: publickey)". That's it. If I type that command again, it just repeats. Did it many times, removed the keys, it generates them again, but makes no sense, as there is probably something I may have missed or didn't find in the instruction. I've found this question on stackoverflow: Cannot connect to Compute Engine instance via SSH, but I don't even get asked for the pass-phrase when generating key. It just jumps to an error. Will appreciate any help. Thanks! |
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAxVO9e18j+565X4pySFH/UfhJoHv9QIBAdoD7g8WtXs9z79rG8fQWi/xcGqf1mJiBTXHoejbPszgxjqlkiEwAFClpF3RdxrPiVqmG578XAplJbaF9hvT+8k/c4KhDY/k1E2GbzGnLFKLvN721BXaZ4xfkVVuDKhSewHX/Qzwb0bbw01ut10WP0R3krNjfvBA4XpidKmIjf64dvaOMCLulDakb15OZ0ie3THC6/9/KJdM1uoAJu1/N56ZFFkF0Dyeru3yix7bBwNkaB3UldBx5gcEpqzPf6fhBxWXbHMbKWYZgwexLWIlA82EP03jgQt7LjGCdaEThm8w2DYZMSqtIRQ== rsa-key-20160318 {"userName":"asdfasdf@gmail.com","expireOn":"2016-03-17T13:02:31+0000"}
ssh-keygen -t rsa -f ~/.ssh/my-ssh-key username
chmod 400 ~/.ssh/my-ssh-key
then I copy the content of my-ssh-key.pub file and paste it as a new item in the list of SSH keys.
now i am running below command but its not connecting to my instance -
ssh -i ~/.ssh/my-ssh-key [USERNAME]@[IP_ADDRESS]
cat ~/.ssh/<your-public-key>
--
© 2018 Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043
Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-dis...@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.
---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussio...@googlegroups.com.
To post to this group, send email to gce-dis...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gce-discussion/ae008878-e346-4be6-ad46-f9306d682b7e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Hello,It does not work for me. I tried many config and test my public/private key even in an other cloud and it's works.. (key generated in my linux machine on GCP I mean... )
Le jeu. 17 janv. 2019 à 18:47, Justin Reiners <jus...@hotlinesinc.com> a écrit :
a reboot should be fine.
On Thu, Jan 17, 2019 at 10:38 AM Youssouf Sakaly <ysa...@gmail.com> wrote:
--HelloI'am adressing the same issue on the GCP. I'am testing the plateform to know if we can use for our office ERP. No way to have access form Putty (Windows). Really disturbing beaucoup should be the first way for us to access to our machines.Want to understand what you mean buy reset : restart or complety reinit the VM...?Regards,
Le samedi 12 janvier 2019 00:50:38 UTC, Josh Wortman a écrit :Tomer is correct. I removed the enable-oslogin meta tag, reset my instance, and suddenly I could connect with Putty.OMG Thank you Tomer for figuring this out.
On Thursday, November 1, 2018 at 12:31:58 PM UTC-7, Tomer Sagi wrote:For me the issue was that I had a metadata setting enable-OS-login set to true which turns out disables private key login:https://cloud.google.com/compute/docs/instances/managing-instance-access
On Monday, October 23, 2017 at 4:03:49 PM UTC+3, Dima Medvedev wrote:Anything new? Has someone mananged to resolve this issue?
© 2018 Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043
Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-discussion@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.
---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussion+unsubscribe@googlegroups.com.
To post to this group, send email to gce-discussion@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gce-discussion/ae008878-e346-4be6-ad46-f9306d682b7e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-dis...@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.
---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussio...@googlegroups.com.
To post to this group, send email to gce-dis...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gce-discussion/ae008878-e346-4be6-ad46-f9306d682b7e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Cordialement,
Youssouf Sakaly
BP 403 Bamako Mali
Tel 223 66 72 18 59
--
© 2018 Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043
Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-dis...@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.
---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussio...@googlegroups.com.
To post to this group, send email to gce-dis...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gce-discussion/31647b0e-186d-4482-b0db-6470a5e7b1dc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-discussion@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.
---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussion+unsubscribe@googlegroups.com.
To post to this group, send email to gce-discussion@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gce-discussion/ae008878-e346-4be6-ad46-f9306d682b7e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Cordialement,
Youssouf Sakaly
BP 403 Bamako Mali
Tel 223 66 72 18 59
--
© 2018 Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043
Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-discussion@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.
---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussion+unsubscribe@googlegroups.com.
To post to this group, send email to gce-discussion@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gce-discussion/31647b0e-186d-4482-b0db-6470a5e7b1dc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
The short answer is yes. The Cloud SDK (gcloud) SSH command would achieve just that when OS-Login is enabled, and even when using a Windows machine. However, OS-Login verifies the user’s Google account for IAM permissions as detailed in this open source Github description. Hence, you would have to verify that the user has the necessary IAM roles as per this document. In addition, the user should authenticate his account on his local Windows machine against the SDK.
To further explain, and this is not limited to OS Login, the command is just a wrapper around an SSH client that “takes care of authentication and the translation of the instance name into an IP address” [1] . Using Linux, an SSH client is already built-in. However, using Windows, and depending on the Windows version, the SDK may either use the built in client, or use a third party client like Putty.
I reproduced the above in my test environment where the command propagated the keys automatically, and launched Putty for me. Here [2] is a debug output that should explain the wrapping. That said, if you are getting a particular error, please post your question at serverfault.com where you have access to a large community of enthusiasts and experts to share ideas with and get support from. I hope this helps.
[2]
gcloud compute ssh instance-1 --zone=us-central1-f --verbosity=debug
DEBUG: Running [gcloud.compute.ssh] with arguments: [--verbosity: "debug", --zone: "us-central1-f", [USER@]INSTANCE: "instance-1"]
Using OS Login user [REDACTED_google_com] instead of default user [REDACTED]
DEBUG: SSH Known Hosts File [C:\Users\REDACTED\.ssh\google_compute_known_hosts] could not be opened: Unable to read file [C:\Users\REDACTED\.ssh\google_compute_known_hosts]: [Errno 2] No such file or directory: u'C:\\Users\\REDACTED\\.ssh\\google_compute_known_hosts'
DEBUG: Running command [C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\bin\sdk\putty.exe -t -i C:\Users\REDACTED\.ssh\google_compute_engine.ppk REDACTED_...@35.x.x.x].
DEBUG: Executing command: [u'C:\\Program Files (x86)\\Google\\Cloud SDK\\google-cloud-sdk\\bin\\sdk\\putty.exe', u'-t', u'-i', u'C:\\Users\\REDACTED\\.ssh\\google_compute_engine.ppk', u'REDACTED_...@35.x.x.x']
1. Download the "Putty Gen"2. Generate Public and Private keys. NB: enter your username in the "Key Comment".3. Upload the Public Key to the "Project Metadata" from the cloud console, and into the instance "authorized keys" located in /home/USER/.ssh/authorized_keys4. Download "Putty" and select the .ppk key generated by "Putty Gen"5. SSH into the instance