How to SSH into a Google Compute Engine VM
Now that you've set up your Google VM (see What's the Cheapest Remote VM for Development? about how to do it), you want to connect to it using SSH, so you can do some work on it.
The easiest methods are SSH in web browser and using "gcloud" - but they are out of scope of this article. We will consider the methods of connecting from your local terminal.
Possible Methods
There are two methods of managing SSH access to your Google Compute Engine:
The latter one is enabled by default, but is less secure. It allows you to attach an SSH key to every particular VM that you are running, or to the whole project (and then it will be shared among all that project's VMs).
With the OS Login, on the other hand, you will attach the SSH key to your google account, and it will be shared among all your VMs.
Metadata-based SSH keys are easier to set up, and are enough for our purposes, so that's what we will be doing in this article.
First, you need to generate your SSH keys, and then associate them with your Google account.
Generating an SSH Key Pair
Please refer to my other article about how to do this - Generating an SSH Key Pair.
Adding SSH Key to Google
Access your project metadata in the following way:
Choose the tab "SSH Keys":
Click on "Add SSH Key":
In the "SSH Key" field, you will need to paste the whole contents of your "~/.ssh/id_rsa.pub" file:
Once you did that - click on the Save button:
After the Save operation is complete, your SSH key record will be displayed to you. Please take note of your username that you will use to connect via SSH:
By adding your public SSH key to the "SSH Keys" tab at the project level, the key will be applied to all VM instances within the project. This means you will be able to SSH into any VM instance in that project using the corresponding private key.
Configuring Your Hosts File
We are going to add all your Google VMs into your hosts file for easy configuration. It is not handy to remember all the IP addresses anyway.
We will make sure that all our Google Compute Engine VM host names start with "gce-", that way we can later have the same configuration for all of them with regard to SSH.
领英推荐
Go to VM Instances and notice the external IP address of your VM:
Now update your hosts file with that IP address, I will name that host "gce--spring-samples--hello-world":
sudo nano /etc/hosts
...and here is our hosts file, with the added configuration:
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
# Google Cloud Engine
34.133.166.114 gce--spring-samples--hello-world
To save the file in nano, click Ctrl+O, and the Ctrl+X to exit.
Warning: If you didn't buy a permanent IP address with Google, then your machine's IP address will change frequently, probably every time it restarts. Make sure to check your /etc/hosts has the right IP address for your instance!
Configuring Your SSH Config File
Create or edit your ~/.ssh/config file:
nano ~/.ssh/config
Add the following configuration:
Host gce-*
IdentityFile ~/.ssh/id_rsa
User olsido
UseKeychain yes
AddKeysToAgent yes
"UseKeychain yes" ensures that your SSH private key passphrase is stored in the macOS keychain, so you don't have to enter the passphrase every time you use the key.
"AddKeysToAgent yes" adds the SSH key to the ssh-agent, a program that caches your decrypted private keys and allows you to use them without re-entering the passphrase.
Adding SSH Key to the SSH Agent
You need add your key to SSH authentication agent, before every SSH session:
ssh-add ~/.ssh/id_rsa
But you can automate this step by adding it to your shell profile (e.g., .bashrc or .zshrc - you can use "echo $SHELL" to see which shell is used on your machine):
echo 'ssh-add ~/.ssh/id_rsa' >> ~/.bashrc
source ~/.bashrc
Connect to Your VM Using SSH
Now you can connect to your VM by simply using a command like this:
ssh gce--spring-samples--hello-world
You should be able to connect. Use "exit" to finish your SSH session.
Here is an output on my computer:
olgastrijewski@MacBook-Pro ~ % ssh gce--spring-samples--hello-world
Linux spring-samples--hello-world 6.1.0-21-cloud-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.90-1 (2024-05-03) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Fri May 24 04:30:27 2024 from 99.239.177.122
olsido@spring-samples--hello-world:~$ ls -al
total 28
drwxr-xr-x 3 olsido olsido 4096 May 24 04:30 .
drwxr-xr-x 3 root root 4096 May 24 04:20 ..
-rw------- 1 olsido olsido 29 May 24 04:33 .bash_history
-rw-r--r-- 1 olsido olsido 220 Apr 23 2023 .bash_logout
-rw-r--r-- 1 olsido olsido 3526 Apr 23 2023 .bashrc
-rw-r--r-- 1 olsido olsido 807 Apr 23 2023 .profile
drwx------ 2 olsido olsido 4096 May 24 04:23 .ssh
olsido@spring-samples--hello-world:~$ exit
logout
Connection to gce--spring-samples--hello-world closed.
olgastrijewski@MacBook-Pro ~ %
Conclusion
In this tutorial, we configured SSH so we can connect to our Google Cloud VMs. Please let me know if you have any questions in the comments!