I am moving from AWS and I am using Ansible for deployments to a Google Cloud compute instance. I am trying to set up a few users on the box with authorized keys. This used to work for AWS, but it seems like user management is a little different for Google Compute. Here's what I'm doing.
I created an SSH key locally, put the public key in the Ansible files, and copy it to a new user (created using Ansible) at /home/deploy/.ssh/authorized_keys.
I'm still not able to log in using this key from my local box.
$ ssh -i ~/.ssh/deploy_rsa deploy@<host>
Is there a list of users that are allowed to log in to the box? Can I only configure the users to log in to the box from the cloud console?
EDIT
$ ssh -i ~/.ssh/deploy_rsa deploy@<host>
... skipped some logs here ....
Here are the SSH logs from the client side:
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/ankit/.ssh/gcloud-rsa (0x7ff1d16105e0),
debug2: key: /Users/ankit/.ssh/deploy_rsa (0x0), explicit
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/ankit/.ssh/gcloud-rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/ankit/.ssh/deploy_rsa
debug3: sign_and_send_pubkey: RSA SHA256:h+yezPKOVjeA2ZKOAN/1r1GRe2s1nyGKwG6wobm+Vh0
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
The other key the client is picking is from ~/.ssh/config.
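One way to read a client log like the one above, as an added example that is not part of the original post: the Python below pairs each key the client offered with the server's next reply. The function name `summarize_key_attempts` and the embedded sample (a subset of the question's log lines) are assumptions made for this illustration.

```python
import re

# Constructed sample: a subset of the `ssh -v` client log lines from the question.
SAMPLE_LOG = """\
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/ankit/.ssh/gcloud-rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/ankit/.ssh/deploy_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
"""

# The client announces a key with "Offering ... public key" or "Trying private key".
KEY_RE = re.compile(
    r"debug1: (?:Offering (?:\w+ )?public key|Trying private key): (\S+)")
# The server's reply to an offered key shows up as one of these client messages.
ACCEPT_RE = re.compile(r"debug1: (?:Server accepts key|Authentication succeeded)")
REJECT_RE = re.compile(r"debug1: Authentications that can continue:")


def summarize_key_attempts(log_text):
    """Return [(key_path, outcome)]; outcome is 'accepted', 'rejected' or 'unknown'."""
    attempts = []
    current = None  # key offered but not yet answered by the server
    for line in log_text.splitlines():
        match = KEY_RE.search(line)
        if match:
            if current is not None:
                attempts.append((current, "unknown"))
            current = match.group(1)
        elif current is not None and ACCEPT_RE.search(line):
            attempts.append((current, "accepted"))
            current = None
        elif current is not None and REJECT_RE.search(line):
            attempts.append((current, "rejected"))
            current = None
    if current is not None:
        attempts.append((current, "unknown"))  # log ended before a reply
    return attempts


if __name__ == "__main__":
    for path, outcome in summarize_key_attempts(SAMPLE_LOG):
        print(f"{outcome:9} {path}")
```

When every key comes back `rejected`, the client reached the server's authentication stage and the server refused each key it was shown, so the next place to look is the target user's `authorized_keys` on the instance.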
I don't know much about Ansible, but I hope the following documentation helps: Connecting to Instance, Adding and Removing SSH Keys, Creating User Accounts for Linux Instances.
BTW, it's also possibly due to the firewall settings. In non-default networks, tcp:22 is not allowed by default.