Port is up, firewall disabled, but connection is rejected with message:
"Read from socket failed: Connection reset by peer".
Other services in the same host are responding well.
SSH through Google Cloud Console gets the same error.
Is there any other method for Google Compute Engine to get shell?
Yes, there is a way to get shell, and it is through the serial port, a really useful feature Google Cloud provides.
There, I saw the error was about key file permissions:
Sep 30 10:51:02 localhost sshd: Permissions 0775 for '/etc/ssh/ssh_host_rsa_key' are too open.
And by assigning 0600 perms to this file everything went back to normal.
Related
I just created a new Instance on Google Cloud Compute engine but when I try connecting to terminal (via web SSH) it gets stuck into:
Connecting...
Could not connect, retrying (2/3)…
The VM serial console output may provide details to aid in troubleshooting connection problems. See our help document for other possible causes of this issue.
You can drastically improve your key transfer times by migrating to OS Login.
If I check the serial console I see:
instance-2 login: Dec 9 09:50:50 instance-2 google-accounts: INFO Adding user sirjack9601 to the Google sudoers group.
[ 27.313823] google_accounts_daemon[1526]: Adding user sirjack9601 to group google-sudoers
Dec 9 09:50:50 instance-2 google_accounts_daemon[1526]: Adding user sirjack9601 to group google-sudoers
Dec 9 09:51:16 instance-2 systemd[1]: systemd-hostnamed.service: Succeeded.
Using gcloud, you can use the following command:
gcloud compute ssh [YOUR_VM_NAME]
gcloud compute ssh works but web SSH does not work because your VM is IP restricted. Most likely your security does not want everyone who has access to the project to login to the VM.
The firewall rule allowing SSH access is enabled, but is not configured to allow connections from Cloud Console services. Source IP addresses for browser-based SSH sessions are dynamically allocated by Cloud Console and can vary from session to session. For the feature to work, you must allow connections either from any IP address or from Google's IP address range, which you can retrieve by using public SPF records.
See: https://cloud.google.com/compute/docs/ssh-in-browser
I migrated the vm from libvirt to Google Cloud Platform using Cloudendure. The initial sync is complete and is in Data Replication stage from over a week. Once the VM is launched using test mode and try to putty using ssh it throws Connection Refused exited with error code 255.
I tried to log in using my on-premise local machine username and SSH key with putty, As it is told in the Cloudendure documentation that I can log in to the replicated server using same credentials
The firewall rule in GCP and the machine allows port 22 for incoming connections. SSH key is also updated properly in metadata section and saying SSH key is not propagated properly.
I thought there is a problem with my local machine ufw rules and tried turning off firewall and replicated again but no use. Also tried adding SSH rule to ufw allow connections from 0.0.0.0/0 still I'm not able to connect to VM which is replicated and launched in test mode.
Steps tried:
I tried interactive console method where I tried to log in using serial-port, but the problem is it is asking for ID and password. Where I don't have PASSWORD and using only SSH keys to log-into.
Tried using Static IP for an instance. before replicating boot disk I added firewall rule allow SSH from that static-IP then I replicated and tried to login (assuming that it is blocking connection via this IP).
Followed this article to install Linux Guest OS.
Generated SSH key using ssh-keygen -t RSA -C "" in gcloud shell.
I cannot ssh into the Linux environment. Appreciate the help
Operating System: Ubuntu 18.04 LTS x64
ANy help would be greatful.
There's an issue with SSH access today ? Don't know why I can't access to my instances today, from a MobaXterm or the SSH webinterface in Google Cloud (impossible to connect port 22).
From Google Cloud Shell => ssh: connect to host XXXX port 22: Connection timed out
Global issue or only my account ?
I would advise you to try the following and check if you are able to connect:
Can you able to ping or SSH into VM instance using gcloud command ?
Could you also try running cloud shell in safe mode.
If you are still running the issue after trying 2 methods, please try to restart the cloud shell (This can be done by selecting restart option from hamburger menu on top right of your Cloud shell) and see if that fixes.
You can interact with the serial console so you can more easily troubleshoot instances that are not booting properly or that are otherwise inaccessible.
Please let me know of the results.
I created an Azure Container Registre some days ago, and now it's impossible to login to this registry with docker login command. I always get this error message:
Error response from daemon: Get https://XXXXXXXXX.azurecr.io/v2/: dial tcp: lookup XXXXXXXXX.azurecr.io on [::1]:53: read udp [::1]:52627->[::1]:53: read: connection refused
Docker client may throw such error when it is unable to connect to the local Docker daemon properly. So, Restart/Reinstall-Docker should mostly fix that.
before asking this question i looked through google and tried different alternatives none of which were successful for me, sadly. I'm a little above the noob level. What i want is to basicaly host a wordpress site on a google cloud debian machine.
I was doing good installing services through their SSH access until i got to the point where i installed an ftp service and wanted to access it through a remote computer(my own) i only got as far as to:
Status: Waiting to retry...
Status: Connecting to 104.197.183.19...
Response: fzSftp started
Command: open "root#104.197.183.19" 22
Error: Connection timed out
Error: Could not connect to server
I kept on looking and trying new ways until i found the gcloud documentation for ftp but it is not aimed at new ones, so my questions are:
Where do i input the commands for gcloud, on my computer or on the SSH console(Google cloud machine)?
Do i need to use gcloud for ftp remote access or can i do it entirely through my computer and their SSH machine?
Do i really need to add an ssh authorization file to FileZilla or is there a way i can disable that check on my vps so it lets me sign in with just a username and a password?
What i already tried and didn't work for me:
gCloud documentation for ssh and ftp
Google cloud documention for setting up a wordpress site
Many others
Basically what i need in short is to manage to access the vps through ftp so i can continue with my learning.. Been stuck there two days.
To get access to a users public area, ie. public_html
Go to the accounts Cpanel area and under Security > SSH Access you can import a key file.
You can use PuttyGen to make one, you will need both a private and public key.
Past the keys into the box's.
You may get a warning message about the private key, this is ok.
Go to Manage under public key and authorize it.
Or
Make on using the interface in Cpanel and download both Keys.
Then in FileZilla
Host: IP of server
Protocol: SFTP
Logon Type: Key File
Key File: the PPK you made.
(if you asked Cpanel to make the file select the one that does not end in .pub and FileZilla will convert it for you to a .ppk file.
After clicking connect you should be in
If you still have an error make sure the SSH port (22) is open in your filewalls both Google cloud.google.com > Networks and WHM > LDF/CSF plugin
Use SSH File Transfer Protocol.
No need to install ftp service.
Use winscp for connecting with sftp.
The recommended way of transferring files to a Unix-based Google Compute Engine VM is via the gcloud compute copy-files command. For this, please install the Google Cloud SDK. Then, run a command such as the following:
gcloud compute copy-files --zone=<Compute Engine zone>/path/to/local/file.txt <Compute Engine instance name>:/path/to/destination/file.txt
If you'd like to use FileZilla, you'll have to configure it for access. The SSH daemon on Compute Engine VMs is set up for key-based authentication. This forum post indicates how this is possible in FileZilla. The catch is that you need to put your public key on the VM, which can be a little tricky. gcloud compute copy-files and gcloud compute ssh take care of this for you, which is why they are the recommended method.