Error while trying to ssh into Linux VM on GCP

Question

I'd like to know if you've come across this error and possible solution. I've gone through alot to fix this, but doesn't seem to work.

Permission denied (publickey,gssapi-keyex,gssapi-with-mic). ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].

You can find detailed answer on [this thread](https://serverfault.com/questions/890374/unable-to-ssh-onto-gce-vm-after-reboot) — D Saini, Jan 09 '18 at 02:58
You can find the detailed answer on [this thread](https://serverfault.com/questions/890374/unable-to-ssh-onto-gce-vm-after-reboot). — D Saini, Jan 09 '18 at 03:00

Victor M Perez · Answer 1 · 2018-01-31T06:24:32.337

You can use the guide on Connecting to Linux Instances. The different options are(see link for details):

Connecting using Compute Engine tools
Connecting using third-party tools
Connecting to instances that do not have external IP addresses

A very important issue with this last one, and the possible cause of your error is to set up the firewall rule, add a tag to it and then add this tag to your instance:

...

Note: Your Google Cloud Platform VPC network must have one or more firewall rules that allow SSH connections on port 22. The firewall rules must allow SSH connections for the IP ranges or specific IP addresses from which you want to connect.

...

See this doc about firewall rules and in step 8 of this codelab, you learn how to enable a rule. In you case your Destination protocol and port will be tcp:22 and not tcp:80.

Before setting the rule, if I try to connect using this command:

perezprado@trainingperezprado:~$ gcloud compute ssh perezdesktop

I receive the same error message:

ssh: connect to host 00.111.222.333 port 22: Connection timed out
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].

On the other hand, this error:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

has an answer here. Apparently:

.....someone else in your project set the per-instance metadata for sshKeys (which overrides the project-wide metadata)....

See the link for details.

score 0 · Answer 2 · answered Jan 08 '18 at 12:28

I am guessing you are using SSH command or some third party tool to get in into your Google compute instance. It accepts only SSH-key based logins. You will have to add those keys manually through a SSH console opened from Google Compute console website.

score 0 · Answer 3 · answered Sep 28 '19 at 14:16

I ran into the same problem when I added ssh-keys at the project level (Console: Compute Engine -> Metadata -> SSH Keys). The problem was resolved after I added ssh-keys at the os-login level:

gcloud compute os-login ssh-keys add \
    --key-file [KEY_FILE_PATH] \
    --ttl [EXPIRE_TIME]

Ref: https://cloud.google.com/compute/docs/instances/managing-instance-access#enable_oslogin

Error while trying to ssh into Linux VM on GCP

3 Answers3