Permission denied (publickey).
Whenever I tried to ssh from one of my Google Cloud VMs to another, I got an error message. SSH asks me if I want to continue connecting, and when I say "yes", I get:
Permission denied (publickey).
If I just type enter (fingerprint), I get
Host key verification failed.
Here I want to show you how to resolve this.
The reason for this error message is that password logins are disabled by default, and that is a very sensible default. So we have to use host keys. A host key consists of a public and a private part. Let's create it right away. Use any VM, log in via browser-ssh and issue:
ssh-keygen -t rsa
Confirm all the defaults (even a hen could do this if you put enough corns onto the Enter key).
Let's look at your public key:
$ cat .ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCWo9/5gZ6Du51Rz3T7MOqgJg3aHPqw8CzVw20+DxeUh5FEGuZWQmRpToI7yH+9pR6JgqThJQ/MUyFELKKuKN4uafpOzPwclrLqv9oP+CWp3dYv020u3847eqBxotltD1L8o5D5+O1REbKKOlGQxyrs0xdYVuA3vm2UYH5aFXxs0BDlJTrKXYjjAOy6a6wliSAd5AlDGa3X6N0+pGFjURq3bF+QdqxBxPfYkbOE4ldCSbWSVPL9wkRLriyOgkHCBnBumsN6y19LFZwPVIZetzatM6RuFF/995cvtMVpKnxAvRd2jVefRaI9SSFQ9WL3Coo9cbpa0j1DuugqIElLc+oP thorsten@instance-2
This guy must now go into authorized_keys and your ssh query will be accepted whereever this file contains this public key. To put it into authorized_keys, you must find out if OS Login is enabled or not. OS Login manages (and overwrites) the authorized_keys file inside the operating system for you.
To find out if OS Login is enabled, go to the project metadata in Cloud Console:
In the following picture it is disabled:If OS Login is disabled, log in via browser ssh to the target VM and add your key to authorized_keys:
$ cat id_rsa.pub >>~/.ssh/authorized_keys
thorsten@instance-2:~$ ssh 34.123.85.213 Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.11.0-1022-gcp x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage System information as of Sat Jun 4 22:33:39 UTC 2022 System load: 0.0 Processes: 138 Usage of /: 84.3% of 9.52GB Users logged in: 1 Memory usage: 39% IPv4 address for ens4: 10.128.0.5 Swap usage: 0% 369 updates can be applied immediately. 245 of these updates are standard security updates. To see these additional updates run: apt list --upgradable Last login: Sat Jun 4 22:04:09 2022 from 34.122.183.250 thorsten@guacamole-2:~$
Comments
Post a Comment