Cannot connect to Compute Engine instance via SSH - google-compute-engine

I've just created an instance using Google Cloud Platform's Compute Engine and tried to connect to it via SSH connection but it failed.
I'm following the quick start here.
I have generated the SSH key on my PC and have entered the pass-phrase when asked. Though I fail to succeed a log in :-(
I got the PuTTY SSH's error as below snapshots.
Then I get the PuTTY window inactive.

I have the same problem but found a workaround to connect via PuTTY manually.
In brief
Generate SSH key for the machine instance
Add SSH public key to the instance
Prepare to log in - acquiring information for IP, login name, pass phrase, private SSH key
Connect to the instance via SSH client, e.g. PuTTY in Windows
Detail steps
For me the gcloud quick start had already:
launched my instance
created my public and private RSA keys (in C:\Users\USER_NAME\.ssh\)
Public Key - C:\Users\USER_NAME\.ssh\google_compute_engine.pub
Private Key - C:\Users\USER_NAME\.ssh\google_compute_engine.ppk
Go to the Google Developers Console in your browser
Select your project and in the left hand nav bar click: Compute -> Compute Engine -> VM instances
Your running instance(s) will be linked below the CPU usage chart
Click the one you want and find the Add SSH key link and click it
Paste the entire contents of google_compute_engine.pub into the field that appears
Click Save and after a few seconds the key details will appear on the page (if you get an error you pasted from the wrong key file or didn't copy all the text)
The first word in those details is your (case sensitive) username
Find the External IP above on the page
Open PuTTY and paste the external IP into Host Name (port is the default of 22)
In the left hand nav expand: Connection -> SSH and then click Auth
Next to "Private key file for authentication" click "Browse"
Select "C:\Users\USER_NAME\.ssh\google_compute_engine.ppk" and click Open
Scroll the left hand nav back up and click the top item "Session"
Under "Saved Sessions" enter a name and click "Save"
Accept the warning message and you should be prompted to login with the username from above step
Input your passphrase
Done
Hope this helps. If someone has a solution for the gcloud issue I'd love to hear it too.

A non-discussed answer is that you should have at least the standard memory on your VM instance (3.75GB) - do NOT use Micro VM instances.
I could only log in with SSH via browser console or gcloud command line, but not with Putty or Mac terminal SSH.
I spent an hour on the phone with support and we found this to be the problem.

To get identified by ssh you need to run this command, which add gcloud ssh key in the list of ssh keys
ssh-add google_compute_engine C:\Users\USER_NAME\.ssh\

You can also connect to your VM instance using embedded in-browser SSH client, see here for how to do that. That's pretty much a couple of mouse click to do.

Not sure why, if the user already existed (eg: already SSH logged in google web console), it doesn't work when I manually added SSH keys into metadata on google web console. I have tried hundred of times from the steps below.
I found out you have to manually add your ssh key through web SSH CONSOLE -> ssh in on google web console and copy ssh pub key on your local machine (usually is in ~/.ssh/) and append (edit and paste to the end) it to ~/.ssh/authorized_keys.

1) SSh into the vm by cloud console.
2) Change the root password sudo passwd
3) set below parameters to yes by nano /etc/ssh/sshd_config
PasswordAuthentication
PermitRootLogin
PasswordAuthentication
4) restart sshd service sshd restart

Related

Lost access to Google Compute Windows VM

I was having issues with internet access on a Windows Server 2012 VM, and accidentally disabled the NIC via RDP. Now I can't access the VM.
I tried editing the instance from console; I wanted to add a 2nd NIC, but couldn't do so. I saw something about having to add another "network" but couldn't figure it out.
Is there any way to re-access this VM??
You can re-enable the network interface on the Windows VM using the Serial port.
Try these steps:
Open the VM instance page from the Google Cloud Platform Console.
Click Edit on the top bar.
Enable the Enable connecting to serial ports option and click Save.
Start the VM if it isn't already running.
You will be taken back to the VM's info page and now you can select Connect to Serial port dropdown, select Port 2.
A new window will open up and you will get the Special Administration Console (SAC). Run cmd in this serial command prompt.
Open up Command prompt channel by pressing Esc + Tab.
You will have to login as admin on that instance using your admin credentials.
In the command prompt, you can enable back your network interface by running these commands:
Commands:
# List all network adapters - The name is important
netsh interface show interface
# Enable the network adapter
netsh interface set interface "MY_NETWORK_ADAPTER_NAME" admin=enable
Your instance's network adapter should now be enabled and you should have network access to your VM now.
I have observed similar problem on a windows server, where it was not able to resolve Metadata server and auto assigned an APIPA address 169.254.x.x
Performed troubleshooting steps as per Google documentation, also tried with restarting network related services, nothing worked. Finally reached to this post and tried the following and it got fixed..!
netsh interface set interface name="NAME OF INTERFACE" admin=disabled
netsh interface set interface name="NAME OF INTERFACE" admin=enabled
Not sure why windows behaves as such, Hope this helps

Google Compute Engine Cannot SSH using Owner Account

Since Google Compute Engine does not allow root user nor assign any password to the default Owner Account.
I though the SSH console in the Compute Engine backend can SSH to the instance regardless the SSH Config.
Obviously I was wrong, I modified sshd_config file and did not put the default owner account in the allowUsers parameter. Right now, I cannot SSH to the instance using owner account thus lost any SUDOER right and was stuck.
I however have set up a normal user which has no SUDOER rights but can SSH to the instance.
Is there any way to solve this or I have to rebuild the server?
You can get around by attaching the boot disk of the instance in question as a data disk to another instance and editing sshd_config file.

accidentally disabled network adapter on virtual machine

I accidentally disabled the network adapter on Windows virtual machine on compute engine. I tried delete-access-config and add-access-config through gcloud utility and that did not seem to make any difference. Any suggestions on how to enable the network adapter back so I can RDP back into VM or am I going to have to re-build the VM?
Thanks,
To those having this issue in 2017. I was just having same problem and spent a day trying to figure out a solution. I ended up successfully enabling network adapter using serial port connection. Here are the steps:
1) Open Google Compute VM instance from the console and click "Edit"
2) Scroll down to "Serial Port" and enable it. Save...
3) Select drop down next to "Connect to serial port" and chose "Port 2"
4) New window will open with serial command prompt. Run "cmd" command in it
5) Once executed switch to cmd channel by pressing ESC+Tab
6) Authenticate with user credentials that has admin rights on your instance
7) Now you have access to your instance command prompt. To enable your network interface run the following commands:
netsh interface show interface (this will show you all network adapter names, remember the name of the one you need to enable)
netsh interface set interface "network_adapter_name" admin=enable
(e.g netsh interface set interface "MyEthernet" admin=enable)
8) Show everyone around how happy you are to figure this one out.
At present, there's no way to enable a disabled network interface on a Windows GCE VM, therefore rendering RDP unusable. Recreating the VM anew seems like the only option.
In order not to lose data from your disabled instance, make sure "Delete boot disk when instance is deleted" is unchecked in the Developers Console configuration for this VM prior to deleting the instance. You can then attach the left-behind disk to your new instance, in order to retrieve data. Afterwards you may keep or delete the additional disk.

Accesing to a VM on Fi-lab

I’m training to get familiar with the Fi-Ware Cloud service.
I can create blueprints templates and instances but I cannot access in SSH or Connect to VM display.
I have the server up and running, I can see the page “It works” of Apache.
The problem I have are:
With SSH I don’t know what credential I have to use, I try with my Fi-Ware credential but the server always shows me “access denied”
Connect to VM display it never appears the login interface.
There is some tutorial where I can see an example of how to do it or a detailed documentation how to configure and access to in a Blueprints Instance?
I know this question was already answered but I tried these solution and only had success with additional detail after Creating, Downloading and chmod-ing the keypair file: using [user#]hostname] ssh parameter as root#Fi-lab-FloatingIPAddress ,
under root shell or
using sudo command to execute ssh -i kp.pem Fi-lab-FloatingIPAddress
Try to access without root username will results in ssh asks to password even including the keypair associated with that virtual machine.
In other words, the keypair to access fi-lab blueprint or instances only works with root username.
Usually, when you create a VM of Bluerpint, you should assign a keypair, that should be created previously. I suppose that you did it. Correct me if I am wrong. During the creation of the keypair, you could download en .pem file that it is used to access to the VM using ssh (ssh -i xxx.pem…).
I am just getting familiar with #Fiware Lab.
prerequisites :
Having in the private key you generated in the fiware cloud interface in the file fiware_rsa (text file beginning with -----BEGIN RSA PRIVATE KEY-----)
Associate your server with an external IP (internet) (note you can access other instances via the one which has inet access)
ssh -i fiware.rsa user#external-ip-address
try with root user, you should see a message advising the proper user name to use depending on the instance :
ubuntu#front:~$ ssh -i .ssh/fiware_rsa root#XXX.XXX.XXX.XXX
Please login as the user "centos" rather than the user "root".
You can find more information here : http://fr.slideshare.net/hmunfru/setting-up-your-virtual-infrastructure-using-fi-lab-cloud
BR

How to ssh into HA application gears?

As was explained in the answer to this question: https://stackoverflow.com/questions/11730590/what-are-some-of-the-tricks-to-using-openshift it should be possible to ssh into some of the other gears when using a scaled app with openshift.
Unfortunately the link mentioned there (https://openshift.redhat.com/community/faq/can-i-access-my-applications-gear) seems to be gone.
Via [my app url]/haproxy-status/ I can see the names of the other gears. They are long names like gear-[long number]-[app name]. Using that name I can no longer ssh into them when I'm ssh'ed into the main gear. ssh there just immediately returns without any error.
If I do ssh blala the same thing happened, so it looks like ssh had been replaced by a noop command on the primary gear?
When I examine the haproxy conf file, I see entries like;
server gear-[long number]-[app name] ex-std-node[number].prod.rhcloud.com:[number] check fall 2 ...
I tried ssh'ing into this ext-std-node... address as well, both from the main/primary application gear as well as from my desktop, but it didn't work in both cases.
How can I get shell access to my other gears?
This command shows how to access individual gears:
rhc app show <appname> --gears
The last column of output is the ssh URL. It is of the form $UUID#$UUID-$NAMESPACE.rhcloud.com . You can ssh into them directly, and they are also accessible via ssh from the "head" gear; they have to be, since git pushes are synchronized from the head gear to the others via ssh.