gcloud compute ssh returns Permission Denied (publickey)


Solution 1

I had this problem. I couldn't log in with the gcloud command, manual ssh with the -i flag, or even using the web browser SSH client.

I also tried to manually add a new key in the ssh keys editor which seemed to go through fine but STILL didn't let me in.

Increasing the boot disk size and restarting the instance fixed the problem.

Solution 2

This problem may happen if you delete the .ssh/authorized_keys file. You may be able to fix the connection for the user with the problem if you have access to the machine through another user; usually that can be done with the following command, run by that other user:

gcloud compute ssh <machine-name> --project <project> --zone <zone>

Create the user's .ssh/authorized_keys file by adding the .ssh/google_compute_engine.pub key from the machine you are trying to connect from.

sudo -i

cd /home/<misconfigured-user>

# Optional, verify the keys are not already set.
cat .ssh/authorized_keys

touch .ssh/authorized_keys

Edit the file with your favorite editor and paste the local machine value.

Then just set the proper permissions for the file. It may not be necessary, but these are the default permissions.

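# After sudo -i, ~ is root's home, so name the user's home directory explicitly.
chown <user> /home/<misconfigured-user>/.ssh/authorized_keys
chgrp <user> /home/<misconfigured-user>/.ssh/authorized_keys
chmod 600 /home/<misconfigured-user>/.ssh/authorized_keys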
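
A read-only check of the state Solution 2 repairs, as an added example that is not part of the original answer: it reports a missing authorized_keys file, an owner or mode that sshd's StrictModes check would reject, and whether the local public key is listed. The function name audit_authorized_keys is hypothetical, and GNU stat (a Linux guest) is assumed.

```shell
#!/bin/sh
# Added example, not from the original answer. Assumes GNU stat (Linux guest).
# audit_authorized_keys HOME_DIR USER_OR_UID [PUBKEY_FILE]
# Prints one finding per line; returns 0 when nothing is wrong, 1 otherwise.
audit_authorized_keys() {
    home=$1; pub=${3:-}; ak="$home/.ssh/authorized_keys"; rc=0
    # Accept a numeric uid as-is, otherwise resolve the user name.
    case $2 in
        ''|*[!0-9]*) uid=$(id -u "$2") || return 2 ;;
        *) uid=$2 ;;
    esac
    for p in "$home" "$home/.ssh" "$ak"; do
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; return 1
        fi
        owner=$(stat -c %u "$p"); mode=$(stat -c %a "$p")
        # sshd StrictModes: the owner must be the user or root ...
        if [ "$owner" != "$uid" ] && [ "$owner" != 0 ]; then
            echo "OWNER $p uid=$owner expected=$uid"; rc=1
        fi
        # ... and no group/world write bit (octal 022) on any component.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "MODE $p is $mode"; rc=1
        fi
    done
    # Optionally confirm the local public key's base64 blob is listed.
    if [ -n "$pub" ]; then
        blob=$(awk '{print $2; exit}' "$pub")
        if ! grep -qF -- "$blob" "$ak"; then
            echo "KEY from $pub not in $ak"; rc=1
        fi
    fi
    return $rc
}
```

Run it as root on the instance with /home/<misconfigured-user> as the first argument, after copying the local google_compute_engine.pub over if the key check is wanted.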
Author by

Matt Skone

Updated on June 13, 2022

Comments

  • Matt Skone almost 2 years

    According to Google Cloud documentation, if I am a project member with the "compute instance admin" role, I should be able to connect to any instance in my project using the gcloud tool.

    On the project IAM page in the Google Cloud console, I have explicitly added my username with the "Compute Instance Admin (v1)" role, yet I am still unable to connect to an instance created by some of our automation.

    [username]:~/src/infrastructure$ gcloud compute ssh [instance id]
    Unauthorized use is strictly prohibited. All access and activity
    is subject to logging and monitoring.
    Permission denied (publickey).
    ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
    

    The only instances I seem to be able to connect to are those created by me.

    What might be going wrong here?

    As a side note, according to this documentation, I should be able to add my RSA public key to the instance manually, then connect using SSH.

    I added my public key from ~/.ssh/google_compute_engine.pub to the instance metadata, then tried using SSH, with no luck.

    [username]:~/src/infrastructure$ ssh -i ~/.ssh/google_compute_engine [public ip of instance]
    Unauthorized use is strictly prohibited. All access and activity is subject to logging and monitoring.
    Received disconnect from 35.197.127.143 port 22:2: Too many authentication failures for matts
    Connection to 35.197.127.143 closed by remote host.
    Connection to 35.197.127.143 closed.
    

    As Google recommends, I do not want to manually manage SSH keys for instance access. I want gcloud compute ssh to work, so I'm less focused on this second failure than I am on the first one (unless they're related).