According to Google Cloud documentation, if I am a project member with the "compute instance admin" role, I should be able to connect to any instance in my project using the gcloud tool.
On the project IAM page in the Google Cloud console, I have explicitly added my username with the "Compute Instance Admin (v1)" role, yet I am still unable to connect to an instance created by some of our automation.
[username]:~/src/infrastructure$ gcloud compute ssh [instance id]
Unauthorized use is strictly prohibited. All access and activity
is subject to logging and monitoring.
Permission denied (publickey).
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
The only instances I seem to be able to connect to are those created by me.
What might be going wrong here?
As a side note, according to this documentation, I should be able to add my RSA public key to the instance manually, then connect using SSH.
I added my public key from ~/.ssh/google_compute_engine.pub
to the instance metadata, then tried using SSH, with no luck.
[username]:~/src/infrastructure$ ssh -i ~/.ssh/google_compute_engine [public ip of instance]
Unauthorized use is strictly prohibited. All access and activity is subject to logging and monitoring.
Received disconnect from 35.197.127.143 port 22:2: Too many authentication failures for matts
Connection to 35.197.127.143 closed by remote host.
Connection to 35.197.127.143 closed.
As Google recommends, I do not want to manually manage SSH keys for instance access. I want gcloud compute ssh
to work, so I'm less focused on this second failure than I am on the first one (unless they're related).
If you want to use a password to access the SSH server, a solution for fixing the Permission denied error is to enable password login in the sshd_config file. In the file, find the PasswordAuthentication line and make sure it ends with yes . Find the ChallengeResponseAuthentication option and disable it by adding no .
"Permission denied (publickey)" and "Authentication failed, permission denied" errors occur if: You're trying to connect using the wrong user name for your AMI. The file permissions within the operating system are incorrect on the instance. The incorrect SSH public key (.
Connect through a browser from the GCP MarketplaceBrowse to the Google Cloud Platform console and sign in if required using your Google account. Find and select your project in the project list. Select the “Compute -> Compute Engine” menu item. Locate your server instance and select the SSH button.
I had this problem. I couldn't login with gcloud command, manual ssh with -i flag, or even using the web browser ssh client.
I also tried to manually add a new key in the ssh keys editor which seemed to go through fine but STILL didn't let me in.
Increasing the boot disk size and restarting the instance fixed the problem.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With