Can Not Connect to Google Compute Engine via Ssh

Google Cloud Instance Could not connect

Using gcloud, you can use the following command:

gcloud compute ssh [YOUR_VM_NAME]

Google Compute Engine Unable to Access VM

From the error message that you got "Permission denied (publickey)" you can check this documentation for further troubleshooting.

Further more you can investigate also the Identity-Aware Proxy (IAP).
If you use Identity-Aware Proxy (IAP) for TCP forwarding, update your custom firewall rule to accept traffic from IAP, then check your IAM permissions.

1. Update your custom firewall rule to allow traffic from 35.235.240.0/20, the IP address range that IAP uses for TCP forwarding. For more information, see Create a firewall rule.

2. Grant permissions to use IAP TCP forwarding, if you haven't already done so.

For the error message "You cannot connect to the VM instance because of an unexpected error".

• The VM is booting up and sshd is not running yet. You can't connect to a VM before it is running.

  To resolve this issue, wait until the VM has finished booting and try to connect again.

• The firewall rule allowing SSH is missing or misconfigured. By default, Compute Engine VMs allow SSH access on port 22. If the default-allow-ssh rule is missing or misconfigured, you won't be able to connect to VMs.

  To resolve this issue, Check your firewall rules and re-add or reconfigure default-allow-ssh.

• sshd is running on a custom port. If you configured sshd to run on a port other than port 22, you won't be able to connect to your VM.

  To resolve this issue, create a custom firewall rule allowing tcp traffic on the port that your sshd is running on using the following command:

gcloud compute firewall-rules create FIREWALL_NAME \
  --allow tcp:PORT_NUMBER

For further troubleshooting on SSH you see this documentation on Common SSH errors.

Cannot connect to google compute engine VM

Problem solved.

It was my fault configuring date and time + locales.

Changed to Linux Debian 9 stretch and used dpkg-reconfigure to configure it. Works without problem.

(I used cp -p /usr/share/zoneinfo/Asia/Seoul /etc/localtime to change timezone. (I live in Korea) and changed locale settings by editing /etc/default/locale.)

How I changed it

Original :

#  File generated by update-locale
LANG="C.UTF-8"

My Version :

#  File generated by update-locale
LANG="ko_KR.UTF-8"
LANGUAGE="ko_kr:ko"

after these settings, I get problems what I explained before. (check the article above.)

But I downgraded to Debian 9 (strech) (for some reason with jdk)
and used dpkg-reconfigure tzdata and dpkg-reconfigure locales to change these settings.

After that I have no problems with the timezone and locales.

(Thank you W_B trying to help me.)

Can not connect to Google Compute Engine via SSH

I then use command sudo gcloud compute ssh instance-1

Using sudo is wrong here. It appears that you've created a key in /Users/username/.ssh/google_compute_engine but since it has the comment root@My-MacBook-Air-4.local, it's probably created with the wrong ownership (i.e. owned by root).

You might be able to fix this up with:

 sudo chown $USER:$GROUPS ~/.ssh/google_compute_engine{,.pub}

And then connect without sudo

 gcloud compute ssh instance-1

Or if that fails just start over but don't use sudo for anything.

Cannot connect to Google Compute Engine instance via SSH in browser

UPDATE

I'd like to post this update to mention that on June 2016 a new feature is released where you can enable interactive access to the serial console so you can more easily troubleshoot instances that are not booting properly or that are otherwise inaccessible. See Interacting with the Serial Console for more information.

-----------------------------------------------------------------------------------

It looks like you've added AllowUsers in /etc/ssh/sshd_config configuration file.

To resolve this issue, you'll need to attach the boot disk of your VM instance to a healthy instance as the second disk. Mount it, edit the configuration file and fix the issue.

Here are the steps you can take to resolve the issue:

1. First of all, take a snapshot of your instance’s disk, in case if a loss or corruption happens you can recover your disk.

2. In the Developers Console, click on your instance. Uncheck Delete boot disk when instance is deleted and then delete the instance. The boot disk will remain under “Disks”, and now you can attach the disk to another instance. You can also do this step using gcloud command:

   $ gcloud compute instances delete NAME --keep-disks all
   

3. Now attach the disk to a healthy instance as an additional disk. You can do this through the Developers Console or using the gcloud command:

   $ gcloud compute instances attach-disk EXAMPLE-INSTANCE --disk DISK --zone ZONE
   

4. SSH into your healthy instance.

5. Determine where the secondary disk lives:

   $ ls -l /dev/disk/by-id/google-*
   

6. Mount the disk:

   $ sudo mkdir /mnt/tmp
   $ sudo mount /dev/disk/by-id/google-persistent-disk-1-part1 /mnt/tmp
   

Where google-persistent-disk-1 is the name of the disk

7. Edit sshd_config configuration file and remove AllowUsers line and save it.

   $ sudo nano /mnt/tmp/etc/ssh/sshd_config
   

8. Now unmout the disk:

   $ sudo umount /mnt/tmp
   

9. Detach it from the VM instance. This can be done through the Developers Console or using the command below:

   $ gcloud compute instances detach-disk EXAMPLE-INSTANCE --disk DISK
   

10. Now create a new instance using your fixed boot disk.

Cannot connect to Compute Engine instance via SSH

I have the same problem but found a workaround to connect via PuTTY manually.

In brief

1. Generate SSH key for the machine instance
2. Add SSH public key to the instance
3. Prepare to log in - acquiring information for IP, login name, pass phrase, private SSH key
4. Connect to the instance via SSH client, e.g. PuTTY in Windows

Detail steps

For me the gcloud quick start had already:

• launched my instance
• created my public and private RSA keys (in C:\Users\USER_NAME\.ssh\)

Public Key - C:\Users\USER_NAME\.ssh\google_compute_engine.pub

Private Key - C:\Users\USER_NAME\.ssh\google_compute_engine.ppk

1. Go to the Google Developers Console in your browser
2. Select your project and in the left hand nav bar click: Compute -> Compute Engine -> VM instances
3. Your running instance(s) will be linked below the CPU usage chart
4. Click the one you want and find the Add SSH key link and click it
5. Paste the entire contents of google_compute_engine.pub into the field that appears
6. Click Save and after a few seconds the key details will appear on the page (if you get an error you pasted from the wrong key file or didn't copy all the text)
7. The first word in those details is your (case sensitive) username

8. Find the External IP above on the page

9. Open PuTTY and paste the external IP into Host Name (port is the default of 22)

10. In the left hand nav expand: Connection -> SSH and then click Auth

11. Next to "Private key file for authentication" click "Browse"
12. Select "C:\Users\USER_NAME\.ssh\google_compute_engine.ppk" and click Open
13. Scroll the left hand nav back up and click the top item "Session"
14. Under "Saved Sessions" enter a name and click "Save"
15. Accept the warning message and you should be prompted to login with the username from above step
16. Input your passphrase
17. Done

Hope this helps. If someone has a solution for the gcloud issue I'd love to hear it too.

---

Related Topics