In this tutorial, we will configure a Linux Virtual Machine that is hosted on Google Cloud Platform (GCP) to accept remote connection through SSH using a public/private key. If you do not have a GCP Learn here how to create a Google Cloud Platform Account. For Windows users I recommend two steps before start:
- Install the ConEmu. It is a Windows terminal with a lot of enhancement.
- Install Hosts File Editor. It is a Editor for the Windows Host File.
- Go to the Google Cloud Platform (GCP) dashboard and start the VM Instance. (See this tutorial on how to create a VM Instance).
- Copy the External IP and check if you can reach the remote machine with a ping command. Warning : This IP address can change when restarting the VM instance.
- Open the software
Host File Editorand configure the Hostname for this IP address. It this example I gave the name
becloudnativedev. When the external UP address changes after a restart, update the host file with the new value. The software will edit the Windows host file, it is very similar to the Linux /etc/hosts file.
- Perform a
pingcommand to check whether you can reach re remote machine with the host name chosen.
\> ping becloudnativedev Pinging becloudnativedev [220.127.116.11] with 32 bytes of data: Reply from 18.104.22.168: bytes=32 time=188ms TTL=52 Reply from 22.214.171.124: bytes=32 time=186ms TTL=52 Reply from 126.96.36.199: bytes=32 time=185ms TTL=52 Reply from 188.8.131.52: bytes=32 time=189ms TTL=52 Ping statistics for 184.108.40.206: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 185ms, Maximum = 189ms, Average = 187ms
Generate the public and private key files with the command ssh-keygen.
ssh-keygen -t rsa -b 4096 -f %USERPROFILE%/.ssh/becloudnativedev.key
- When asked for the passphrase, keep blank and just type enter to confirm. The output will be similar to the following.
Generating public/private rsa key pair. Created directory 'C:\Users\eduardo/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in C:\Users\eduardo/.ssh/becloudnativedev.key. Your public key has been saved in C:\Users\eduardo/.ssh/becloudnativedev.key.pub. The key fingerprint is: SHA256:TsRNK0F7ybvCOC0mnzSpkBWDyiuvMVfu8i5mk5Yhs6E eduardo@notebook The key's randomart image is: +---[RSA 4096]----+ | .o . | | . . \* o | | . o = \* | |.. o . o . | |.. o S . | |+ o= B . | |=\*++o O = . | |E=Xo \* = . | |.=.\*= o | +----[SHA256]-----+
- Go to the
%USERPROFILE%/.sshfolder and check the created files
C:\Users\eduardo\.ssh λ ls -la total 45 drwxr-xr-x 1 eduardo 197121 0 Sep 19 00:01 ./ drwxr-xr-x 1 eduardo 197121 0 Sep 18 23:46 ../ -rw-r--r-- 1 eduardo 197121 3243 Sep 19 21:32 becloudnativedev.key -rw-r--r-- 1 eduardo 197121 743 Sep 19 21:32 becloudnativedev.key.pub -rw-r--r-- 1 eduardo 197121 175 Sep 19 00:01 known\_hosts
With the following steps, you can generate the keys using the software PuttyGen. You do not need to follow these steps if you followed the previous one.
- Donwload and open PuttyGen
- Click on
Generatebutton and keep moving the mouse while the progress bar fill out.
- Click on
Conversions -> Export OpenSSH keyand save this private key into a file named
- Copy the text of the public key from the PuttyGen and save into a file
- When try to test the SSH command, If you get a Permission denied error due a Bad permission you will need restrict the permission of the
becloudnativedev.keyfile . Check this thread on stackoverflow.
If you are on Linux you can generate the keys with the following steps. You do not need to follow these steps if you followed the previous one.
- Go to .ssh folder
- Generate a public and private key
ssh-keygen -t rsa -f ~/.ssh/becloudnativedev.key.
- Two files will be created at ~/.ssh.
- Change the permissions of the private key
chmod 600 becloudnativedev.key
Lets configure the VM instance to allow SSH connections using our keys.
- Go to VM Instances on GCP and click on the instance you created
- Click on
Editbutton and scroll down to
- In the session Click on
Show and editand paste into the text box the content of the file
- Scroll down and click on
Now it´s time to confirm that everything works and connect on our remote machine.
- Open the console go to the
%USERPROFILE%/.sshdirectory and connect remotely to the VM Instance using the command
ssh -i becloudnativedev.key eduardo@becloudnativedev
λ ssh -i becloudnativedev.key eduardo@becloudnative key\_load\_public: invalid format The authenticity of host 'becloudnative (220.127.116.11)' can't be established. ED25519 key fingerprint is SHA256:Zlbz3z6tObcWd3UQyCf+1giF4aJeZ11StwY4vMrPMmQ. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'becloudnative' (ED25519) to the list of known hosts. educostabra@cloud-native ~ $
It´s done! The remote machine accepted the SSH connection and used the private key to authenticate without the need to ask you password. Keep you private key safe and do not forget of shutdown your VM Instance in case you will not use.
Watch the following video and see the previous steps being executed on practice:
The post Configuring a remote connection on a Linux instance hosted on Google Cloud Platform appeared first on Be Cloud Native. If you have any doubts or questions feel free to drop a comment here or reach me out on Twitter @educostadev.