before asking this question i looked through google and tried different alternatives none of which were successful for me, sadly. I'm a little above the noob level. What i want is to basicaly host a wordpress site on a google cloud debian machine.
I was doing good installing services through their SSH access until i got to the point where i installed an ftp service and wanted to access it through a remote computer(my own) i only got as far as to:
Status: Waiting to retry...
Status: Connecting to 104.197.183.19...
Response: fzSftp started
Command: open "root#104.197.183.19" 22
Error: Connection timed out
Error: Could not connect to server
I kept on looking and trying new ways until i found the gcloud documentation for ftp but it is not aimed at new ones, so my questions are:
Where do i input the commands for gcloud, on my computer or on the SSH console(Google cloud machine)?
Do i need to use gcloud for ftp remote access or can i do it entirely through my computer and their SSH machine?
Do i really need to add an ssh authorization file to FileZilla or is there a way i can disable that check on my vps so it lets me sign in with just a username and a password?
What i already tried and didn't work for me:
gCloud documentation for ssh and ftp
Google cloud documention for setting up a wordpress site
Many others
Basically what i need in short is to manage to access the vps through ftp so i can continue with my learning.. Been stuck there two days.
To get access to a users public area, ie. public_html
Go to the accounts Cpanel area and under Security > SSH Access you can import a key file.
You can use PuttyGen to make one, you will need both a private and public key.
Past the keys into the box's.
You may get a warning message about the private key, this is ok.
Go to Manage under public key and authorize it.
Or
Make on using the interface in Cpanel and download both Keys.
Then in FileZilla
Host: IP of server
Protocol: SFTP
Logon Type: Key File
Key File: the PPK you made.
(if you asked Cpanel to make the file select the one that does not end in .pub and FileZilla will convert it for you to a .ppk file.
After clicking connect you should be in
If you still have an error make sure the SSH port (22) is open in your filewalls both Google cloud.google.com > Networks and WHM > LDF/CSF plugin
Use SSH File Transfer Protocol.
No need to install ftp service.
Use winscp for connecting with sftp.
The recommended way of transferring files to a Unix-based Google Compute Engine VM is via the gcloud compute copy-files command. For this, please install the Google Cloud SDK. Then, run a command such as the following:
gcloud compute copy-files --zone=<Compute Engine zone>/path/to/local/file.txt <Compute Engine instance name>:/path/to/destination/file.txt
If you'd like to use FileZilla, you'll have to configure it for access. The SSH daemon on Compute Engine VMs is set up for key-based authentication. This forum post indicates how this is possible in FileZilla. The catch is that you need to put your public key on the VM, which can be a little tricky. gcloud compute copy-files and gcloud compute ssh take care of this for you, which is why they are the recommended method.
Related
Problem:
I cannot connect via ssh to my vm instance on gcloud
Description:
I am using gcloud with my own domain as the user userid#mydomain.com
I created a vm instance on Google Cloud Engine
I installed "WordPress Multisite Certified by Bitnami" via Cloud Launcher
The vm is up and running, I can even access a wordpress page.
In the section "VM Instances", I click the button SSH, but cannot connect, the window prompts:
Transferring SSH keys to the VM.
Could not connect, retrying (1/3)...
The log does not contain any errors.
Attempt 1: Gcloud API
In the Windows CMD, I can successfully connect by calling
gcloud compute ssh userid_mydomain_com#MY_INSTANCE_NAME
It generates file in C:\Users\ACCOUNT_NAME.ssh, but the file google_compute_engine.pub contains my Windows account name at the end in the format HOST\account_name#host, not my gcloud user name (userid#mydomain.com)!
I retried the ssh button, but it still failed.
I then pasted the content from the file google_compute_engine.pub into the ssh key field, but it still doesnt work, perhaps due to the wrong user name? I changed the name, but that didnt help.
Attempt 2: PuttyGen
I also tried generating ssh key with PuttyGen as described here and used userid#mydomain.com in the key comment. With or without the newly generated public key in the vm instance configuraton, I can not ssh into the vm.
Question:
How can I access my vm on gcloud via the ssh button and via putty?
Update:
I can connect to my vm instance using Putty and WinSCP.
I entered the keyfile provided in the Bitnami launchpad and the user name 'bitnami'. The ssh buttons, however, still dont make me enter.
You might not be using the right credentials. However, it's pretty weird the Web Browser Terminal Google offers
you through the SSH button doesn't work.
Please take a look to the documentation below and try to follow the steps, it might help you:
https://docs.bitnami.com/google/faq/#how-to-connect-to-the-server-through-ssh
You can connect to a VM instance via many ways:
SSH from Google cloud console
Connect via Cloud shell
Connect via your local terminal with gcloud command with IAP by using --tunnel-through-iap parameter.
gcloud compute ssh userid_mydomain_com#MY_INSTANCE_NAME --tunnel-through-iap
I'm working on a project that requires me to run my code on a remote Unix server, that is not available to connect to directly (you first have to log in to the "gate" node and then to this server).
What's really bad is that they disabled key authentication, so each time I need to ssh into it, I have to type in my password twice. It's really annoying and I wonder what's the best way to transfer my local modifications of source files to this server, compile and run them without having to provide those passwords so many times.
I have no sudo access to any of those servers (neither to this "gate", nor to this target server). Any ideas on how to make the whole process more efficient?
EDIT: Martin Prikryl provided a great answer below, but it's suitable for Windows and I'm on a Mac :) I guess it might be a good thing to have it documented here also for *NIX systems.
You are looking for SSH tunneling.
WinSCP SFTP client supports one-hop SSH tunneling natively.
See the Tunnel page on WinSCP Advanced Site Settings dialog.
I assume that after you transfer the file, you need to open SSH terminal to compile the file.
You may be able to make use of WinSCP Console window for that step.
Alternatively, if you need/want to use a real SSH terminal client, make use of an existing SSH tunnel, created by WinSCP, and connect with PuTTY (or any other SSH client) over it.
In the Local tunnel port of WinSCP Tunnel page, select a fixed port number (instead of the default Autoselect). In PuTTY enter "localhost" to Host Name and the selected port in Port.
(I'm the author of WinSCP)
I'm playing with Google Compute Engine(GCE) as I'm planning to migrate the cloud service provider from Rackspace(reason: GCE has good upgrade plans with best discount price).
I have few issues with GCE and one of them is Ubuntu os/image not supported by default. But there is an alternate method to run any linux distro in GCE, which is called Building an image from scratch for uploading custom images and creating instances(servers) from uploaded image.
I could able to create and run the instances from the Ubuntu image I uploaded to GCE following the link hagikuratakeshi.hatenablog.com. This is simply running ubuntu in general. I didn't face any problem but google's gcutil tool prompts for ssh passphrase and adds the key in GCE meta data but accepts only password logins(then why it prompts for passphrase).
I want to strictly follow Building an image from scratch as recommended by google. But after following all the steps, I could not able to login to my server instance via SSH. I guess this happens when I install Google Compute Engine image packages: google-startup-scripts_1.1.2-1_all.deb, google-compute-daemon_1.1.2-1_all.deb & python-gcimagebundle_1.1.2-1_all.deb. These packages/scripts make some changes to the instance at the startup and also to SSH configuration which are Strongly recommended. Once I strictly follow the link or once I install these packages I could not able to establish SSH connection once the instance is rebooted. The error message similar to the one below is shown while trying to connect:
test#machine1:~$ gcutil --service_version="v1" --project="mypro-555" ssh --zone="asia-east1-a" "server-instance-1"
INFO: Running command line: ssh o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no -i /home/test/.ssh/google_compute_engine -A -p 22 test#101.167.xxx.xxx -
ssh: connect to host 101.167.xxx.xxx port 22: Connection refused
NOTE: The user account test is available and common on both local and GCE server!.
My main problem is SSH connection when I strictly follow the steps. If I upload the fresh image and then follow the recommended steps connecting SSH, I could not do SSH again once I restart the instance (or) if I setup everything in the uploaded image before uploading, the created instance will be running but I could not able to connect atleast ones and the error is same.
Anybody using GCE with your custom image?, are you allowed to connected even after following the recommended settings?. Anyone already fixed this SSH issue?. Please post your comments!
EDIT 1
I could not figure out from the logs and here is the output of gcutil getserialportoutput server-instance-1.
The key here is that your ssh client says "connection refused". This indicates that there is indeed a machine at that IP address, but it's not accepting SSH connections. There are a few possible explanations:
The ssh daemon isn't running, or is listening on the wrong interface
Your instance is configured with a firewall that's denying SSH traffic
The GCE firewall rule to allow SSH traffic has been removed
I am using aws java sdk to launch EC2 instances (running Ubuntu 12.04) and run a distributed tool on them, the tool uses openMPI for message passing between the nodes and openMPI uses SSH to connect nodes with each other.
The problem is that the EC2 instances don't authenticate each other for SSH connections by default, this tutorial shows how to set up SSH by generating keys and adding them to nodes, However, when I tried to add the generated key to the slaves using the command
$ scp /home/mpiuser/.ssh/id_dsa.pub mpiuser#slave1:.ssh/authorized_keys
I still got permission denied. Also, after generating new keys, I was not able to log in using the ".pem" key that I got from amazon.
I am not experienced with SSH keys, but I would like to have some way of configuring each EC2 instance (when its firstly created) to authenticate the others, for example by coping a key into each of them. Is this possible and how It could be done?
P.S.: I can connect to each instance once it is launched and can execute any commands on them over SSH.
I found the solution, I added the amazon private key (.pem) in the image (AMI) that I use to create the EC2 instances and I changed the /etc/ssh/ssh_config file by adding a new identity file
IdentityFile /path/to/the/key/file
This made SSH recognize the .pem private key when it tries to connect to any other EC2 instance created with the same key.
I also changed StrictHostKeyChecking to no, which stopped the message "authenticity of host xxx can't be established" which requires users interaction to proceed with connecting to that host.
I purchased shared hosting from Vexxhost.I wanted to host my Rails application with them.I was given cpanel details.I generated SSH keys using the cPanel and converted it to .ppk format.Next, i downloaded the key.But when i try SSH login using Putty, i get the message Server Refused Our Key.Then i'm prompted for the password.When i enter password, message is displayed: Shell access is not available for your account.Contact support.I did contact support, but no reply.Am I doing any mistake in the procedure?
I haven't used cpanel to generate ssh keys, usually I do it at the ubuntu console. Is it possible that the ppk conversion has encoding issues? or it not done right?
Do you have access to a linux box? It would be simpler to test it there.
I have configured a server myself with ssh access, and if user does not have ssh access they are presented with user/pass. So it appears that your ssh credentials are denied, but your password is recognized as accurate. Authentication is happening.
About the issue of shell support. It could be that they enable shell support only if you connect with valid ssh credentials - in which case, you need to contact support.
Or, your account does not have ssh access, and you still need to contact support.
hope it helps