SSH Into Google Cloud Compute Engine Instance Using Secure Shell Client
I
need to set and test my web-app using Google cloud compute engine. How do I connect to an Instance Using ssh on Ubuntu Linux or Apple OS X based system?
By default, you can always connect to an instance using ssh. This is useful so you can manage and configure your instances beyond the basic configuration enabled by gcutil or the REST API. The easiest way to ssh into an instance is to use gcutil command from your local Linux / OS X based systems. The following steps are required
Install gcutil/google sdk
Authorize instance
Verify instance status
Create ssh keys
Connect using gcutil or ssh client
Step #1: Install gcutil
gcutil runs on UNIX-based operating systems such as Linux and Mac OS X. To use gcutil, you must have Python 2.6.x or 2.7.x installed on your computer. gcutil does not support Python 3.x. Python is installed by default on most Linux distributions and Mac OS X. Open the Terminal and type the following command or to grab gcutil tool visiting this url.
Debian / Ubuntu / RHEL / CentOS Linux/OS X UNIX user type the following commands:
Open a terminal and type:
Download IT ##
$ wget https://dl.google.com/dl/cloudsdk/release/google-cloud-sdk.tar.gz
$ tar -zxvf google-cloud-sdk.tar.gz
INSTALL IT ##
$ bash google-cloud-sdk/install.sh
Sample outputs:
Welcome to the Google Cloud SDK!
The Google Cloud SDK is currently in developer preview. To help improve the
quality of this product, we collect anonymized data on how the SDK is used.
You may choose to opt out of this collection now (by choosing N at the below
prompt), or at any time in the future by running the following command:
gcloud config set –scope=user disable_usage_reporting true
Do you want to help improve the Google Cloud SDK (Y/n)? n
This will install all the core command line tools necessary for working with
the Google Cloud Platform.
The following components will be installed:
——————————————————————————————-
| BigQuery Command Line Tool | 2.0.18 | < 1 MB |
| BigQuery Command Line Tool (Platform Specific) | 2.0.18 | < 1 MB |
| Cloud DNS Admin Command Line Interface | 2015.04.29 | < 1 MB |
| Cloud SDK Core Command Line Tools | 1 | |
| Cloud SDK Core Libraries (Platform Specific) | 2014.10.20 | < 1 MB |
| Cloud SQL Admin Command Line Interface | 2015.04.09 | < 1 MB |
| Cloud Storage Command Line Tool | 4.12 | 2.5 MB |
| Cloud Storage Command Line Tool (Platform Specific) | 4.6 | < 1 MB |
| Compute Engine Command Line Interface | 2015.04.29 | < 1 MB |
| Compute Engine Command Line Tool (deprecated) | 1.16.5 | < 1 MB |
| Compute Engine Command Line Tool (deprecated) (Platform Specific) | 1.16.5 | < 1 MB |
| Default set of gcloud commands | 2015.04.29 | < 1 MB |
| Native extensions for gcloud commands (Mac OS X, x86_64) | 0.15.0 | 4.0 MB |
——————————————————————————————-
|- Creating update staging area -|
|============================================================|
|- Installing: BigQuery Command Line Tool -|
|============================================================|
|- Installing: BigQuery Command Line Tool (Platform Spec… -|
|============================================================|
|- Installing: Cloud DNS Admin Command Line Interface -|
|============================================================|
|- Installing: Cloud SDK Core Command Line Tools -|
|============================================================|
|- Installing: Cloud SDK Core Libraries (Platform Specific) -|
|============================================================|
|- Installing: Cloud SQL Admin Command Line Interface -|
|============================================================|
|- Installing: Cloud Storage Command Line Tool -|
|============================================================|
|- Installing: Cloud Storage Command Line Tool (Platform… -|
|============================================================|
|- Installing: Compute Engine Command Line Interface -|
|============================================================|
|- Installing: Compute Engine Command Line Tool (depreca… -|
|============================================================|
|- Installing: Compute Engine Command Line Tool (depreca… -|
|============================================================|
|- Installing: Default set of gcloud commands -|
|============================================================|
|- Installing: Native extensions for gcloud commands (Ma… -|
|============================================================|
Creating backup and activating new installation…
Update done!
Modify profile to update your $PATH and enable bash completion? (Y/n)? y
The Google Cloud SDK installer will now prompt you to update an rc
file to bring the Google Cloud CLIs into your environment.
Enter path to an rc file to update, or leave blank to use
[/Users/veryv/.bash_profile]:
Backing up [/Users/veryv/.bash_profile] to [/Users/veryv/.bash_profile.backup].
[/Users/veryv/.bash_profile] has been updated.
Start a new shell for the changes to take effect.
See how to install gcutil tool to manage Google Compute Engine on Linux / Unix for more information.
Step #2: Authenticating to Google Compute Engine
The syntax is:
gcloud auth login
gcloud auth login –project=YOUR-PROJECT-ID-HERE
If your project id is “apache-cluster”, enter:
gcloud auth –project=apache-cluster
Sample outputs:
Fig.01: Authenticating to Google Compute Engine using gcutil command
Open a web browser, and go to the specified URL. Click the Grant Access link. The page will display an authorization code. Copy this code. Paste the authorization code into the waiting gcutil auth terminal and press enter. Type the following command to cache project-id:
gcloud config set project YOUR-PROJECT-ID-HERE
Step #3: Verify instance status
Type the following command:
$ gcloud compute instances list
Sample outputs:
NAME ZONE MACHINE_TYPE INTERNAL_IP EXTERNAL_IP STATUS
instance-1 asia-east1-c f1-micro 10.240.xx.yyy 104.155.xxx.zzz RUNNING
Note: instance-1 instance running in asia-east1-c zone.
Step #4: Create ssh keys
The syntax is:
gcloud compute ssh instance_name_here
gcloud compute ssh USER@instance_name_here
gcloud compute ssh USER@instance_name_here — arg1 arg2
gcloud compute –project PROJECT_ID_HERE ssh instance_name_here
In this example, connect to db1 instance using ssh:
$ gcloud compute ssh db1
WARNING: Consider passing –zone=us-central1-a to avoid the unnecessary zone lookup which requires extra API calls.
INFO: Zone for db1 detected as us-central1-a.
WARNING: You don t have an ssh key for Google Compute Engine. Creating one now…
Enter passphrase (empty for no passphrase): TYPE-YOUR-PASSPHRASE-HERE
Enter same passphrase again: TYPE-YOUR-PASSPHRASE-HERE
INFO: Updated project with new ssh key. It can take several minutes for the instance to pick up the key.
INFO: Waiting 300 seconds before attempting to connect.
gcutil creates local files to store your public and private key, and copies your public key to the project. By default, gcutil stores ssh keys in the following files on your local system:
$HOME/.ssh/google_compute_engine – Your private key
$HOME/.ssh/google_compute_engine.pub – Your public key
Step #5: Connect using gcutil or ssh client
The syntax is:
gcloud compute ssh instance_name_here
gcloud compute ssh USER@instance_name_here –zone NOZE_NAME_HERE
OR
ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no -i $HOME/.ssh/google_compute_engine -A -p 22 $USER@TYPE-GOOGLE-COMPUTE-ENGINE-PUBLIC-IP-HERE
In this example, connect to the ‘instance-1’ instance using gcloud tool:
gcloud compute ssh instance-1
Sample outputs:
For the following instances:
– [instance-1]
choose a zone:
[1] asia-east1-c
[2] asia-east1-a
[3] asia-east1-b
[4] europe-west1-d
[5] europe-west1-c
[6] europe-west1-b
[7] us-central1-c
[8] us-central1-b
[9] us-central1-a
[10] us-central1-f
Please enter your numeric choice: 1
Warning: Permanently added 104.155.xxx.zzz (RSA) to the list of known hosts.
[vivek@instance-1 ~]$
In this example, connect to the db1 (public ip 1.2.3.4) instance using ssh command:
ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no -i $HOME/.ssh/google_compute_engine -A -p 22 vivek@1.2.3.4
Sample sessions:
Fig.02: Connecting to an Instance Using ssh
To SSH into ‘db3’ in zone asia-east1-c, run:
gcloud compute ssh db3 –zone asia-east1-c
You can also run a command on the virtual machine. For example, to get a snapshot of the guest’s process tree, run:
gcloud compute ssh db3 –zone asia-east1-c –command ps -ejH
If you are using the Google container virtual machine image, you can SSH into one of your containers with:
gcloud compute ssh db3 –zone asia-east1-c –container CONTAINER
How do I login as root user?
For security reasons, the standard Google do not provide the ability to ssh in directly as root. The instance creator and any users that were added using the –authorized_ssh_keys flag or the metadata sshKeys value are automatically administrators to the account, with the ability to run sudo without requiring a password. Type the following command to switch to root user:
sudo -s
Sample session:
Fig.03: Root Access and Instance Administrators using the ‘sudo -s’ command on Google compute instance
Optional: Update your gcloud tools
Type the following command:
gcloud components update
Sample outputs:
The following components will be updated:
———————————————————————–
| BigQuery Command Line Tool | 2.0.18 | < 1 MB |
| Cloud DNS Admin Command Line Interface | 2015.04.29 | < 1 MB |
| Cloud SDK Core Libraries | 2015.04.29 | 1.8 MB |
| Cloud SDK Core Libraries (Platform Specific) | 2014.10.20 | < 1 MB |
| Cloud SQL Admin Command Line Interface | 2015.04.09 | < 1 MB |
| Cloud Storage Command Line Tool | 4.12 | 2.5 MB |
| Compute Engine Command Line Interface | 2015.04.29 | < 1 MB |
| Compute Engine Command Line Tool (deprecated) | 1.16.5 | < 1 MB |
———————————————————————–
The following components will be installed:
———————————————————————————-
| Default set of gcloud commands | 2015.04.29 | < 1 MB |
| Native extensions for gcloud commands (Mac OS X, x86_64) | 0.15.0 | 4.0 MB |
———————————————————————————-
Do you want to continue (Y/n)? y
Creating update staging area…
Uninstalling: BigQuery Command Line Tool … Done
Uninstalling: Cloud DNS Admin Command Line Interface … Done
Uninstalling: Cloud SDK Core Libraries … Done
Uninstalling: Cloud SDK Core Libraries (Platform Specific) … Done
Uninstalling: Cloud SQL Admin Command Line Interface … Done
Uninstalling: Cloud Storage Command Line Tool … Done
Uninstalling: Compute Engine Command Line Interface … Done
Uninstalling: Compute Engine Command Line Tool (deprecated) … Done
Installing: BigQuery Command Line Tool … Done
Installing: Cloud DNS Admin Command Line Interface … Done
Installing: Cloud SDK Core Libraries … Done
Installing: Cloud SDK Core Libraries (Platform Specific) … Done
Installing: Cloud SQL Admin Command Line Interface … Done
Installing: Cloud Storage Command Line Tool … Done
Installing: Compute Engine Command Line Interface … Done
Installing: Compute Engine Command Line Tool (deprecated) … Done
Installing: Default set of gcloud commands … Done
Installing: Native extensions for gcloud commands (Mac OS X, x86_64) … Done
Creating backup and activating new installation…
Done!
References:
$HOME/.bash_profile file example.
Google Compute Engine documentation.
Man pages: ssh(1),bash(1)
