问题描述
我在一个新项目上设置了Google Compute Engine的新实例.我启动实例并使用命令gcloud init
连接到我的项目.然后,我使用命令sudo gcloud compute ssh instance-1
.它需要我完成SSH密钥对的生成:
I've set up a new instance of Google Compute Engine on a new project. I start the instance and use command gcloud init
to connect to my project. I then use command sudo gcloud compute ssh instance-1
. It takes me through SSH key pair generation:
WARNING: The private SSH key file for Google Compute Engine does not exist.
WARNING: You do not have an SSH key for Google Compute Engine.
WARNING: [/usr/bin/ssh-keygen] will be executed to generate a key.
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/username/.ssh/google_compute_engine.
Your public key has been saved in /Users/username/.ssh/google_compute_engine.pub.
The key fingerprint is:
SHA256:there_is_a_key_here_but_probably_should_not_show_it root@My-MacBook-Air-4.local
The key's randomart image is:
+---[RSA 2048]----+
| |
| |
| |
| |
| |
| |
| |
|There is an image|
|here |
+----[SHA256]-----+
Updating project ssh metadata...\Updated [link to the project].
Updating project ssh metadata...done.
Warning: Permanently added 'compute.1788786712041991164' (ECDSA) to the list of known hosts.
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
Permission denied (publickey).
ERROR: (gcloud.compute.ssh) Could not SSH to the instance. It is possible that your SSH key has not propagated to the instance yet. Try running this command again. If you still cannot connect, verify that the firewall and instance are set to accept ssh traffic.
很奇怪.我在Google Cloud Console中检查了元数据,它们在运行此命令后出现在其中.因此,它已成功生成,并且元数据已更新.我稍等片刻,然后再次尝试相同的命令:
Weird. I check the metadata in my Google Cloud Console, they key appeared there after running this command. So it was successfully generated and metadata was updated.I wait a little bit, and try again the same command:
My-MacBook-Air-4:~ myname$ sudo gcloud compute ssh instance-1
Permission denied (publickey).
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255]. See https://cloud.google.com/compute/docs/troubleshooting#ssherrors for troubleshooting hints.
因此,我尝试了一些故障排除提示:
So I try some of the troubleshooting hints:
gcloud compute firewall-rules list
NAME NETWORK SRC_RANGES RULES SRC_TAGS TARGET_TAGS
default-allow-http default 0.0.0.0/0 tcp:80 http-server
default-allow-https default 0.0.0.0/0 tcp:443 https-server
default-allow-icmp default 0.0.0.0/0 icmp
default-allow-internal default 10.128.0.0/9 tcp:0-65535,udp:0-65535,icmp
default-allow-rdp default 0.0.0.0/0 tcp:3389
default-allow-ssh default 0.0.0.0/0 tcp:22
防火墙似乎很好.这发生在我在任何项目上创建的每个Google Compute Engine实例上.我不知道发生了什么,已经创建了密钥对,我在几个不同的项目上尝试了所有步骤几次,并且错误仍然存在.
Firewall seems fine. And that happens to EVERY Google Compute Engine instance I create on ANY project. I don't understand what is going on, the key pairs have been created, I tried all of the steps several times on several different projects and the error persists.
密钥出现在项目的SSH选项卡中,元数据"选项卡仍然为空.
The keys appeared in the SSH Tab of the project, the Metadata tab is still empty.
推荐答案
在这里使用sudo
是错误的.看来您已经在/Users/username/.ssh/google_compute_engine
中创建了一个密钥,但是由于它具有注释root@My-MacBook-Air-4.local
,因此它可能是用错误的所有权(即由root拥有)创建的.
Using sudo
is wrong here. It appears that you've created a key in /Users/username/.ssh/google_compute_engine
but since it has the comment root@My-MacBook-Air-4.local
, it's probably created with the wrong ownership (i.e. owned by root).
您也许可以通过以下方法解决此问题:
You might be able to fix this up with:
sudo chown $USER:$GROUPS ~/.ssh/google_compute_engine{,.pub}
然后不连接 sudo
gcloud compute ssh instance-1
或者,如果失败了,那就重新开始,但不要对任何东西使用sudo
.
Or if that fails just start over but don't use sudo
for anything.
这篇关于无法通过SSH连接到Google Compute Engine的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!