Geek Answers Handbook

How is SSH in a GCE instance created from a user image?

I am having problems using ssh to log in to a virtual machine created from a user image.

I followed the steps to create an image from an existing GCE instance .

I successfully created an image, uploaded it to Google Cloud Storage and added it as an image to my project, but when I try to connect to a new image, I get a "Connection refused" message.

I see other applications running on other ports for a new image, so it seems that this only applies to ssh.

The steps I did are below:

...create an image from existing GCE instance (one I can log into fine via ssh)..then: gcutil --project="river-ex-217" addimage example2 http://storage.googleapis.com/example-image/f41aca6887c339afb0.image.tar.gz gcutil --project="river-ex-217" addinstance --image=example2 --machinetype=n1-standard-1 anothervm gcutil --service_version="v1" --project="river-ex-217" ssh --zone="europe-west1-a" "anothervm"

What outputs:

 INFO: Running command line: ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no -i /Users/mark1/.ssh/google_compute_engine -A -p 22 mark1@23.251.133.2 -- ssh: connect to host 23.251.133.2 port 22: Connection refused

I tried removing the sshKeys metadata, as suggested in another SO answer, and reconnecting it did:

 INFO: Updated project with new ssh key. It can take several minutes for the instance to pick up the key. INFO: Waiting 120 seconds before attempting to connect. INFO: Running command line: ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no -i /Users/mark1/.ssh/google_compute_engine -A -p 22 mark1@23.251.133.2 -- ssh: connect to host 23.251.133.2 port 22: Connection refused

Then I try to execute the first instance in another zone, it works fine with the new key:

 gcutil --service_version="v1" --project="river-ex-217" ssh --zone="europe-west1-b" "image1"

Both instances work on the same network by default with port 22 running, and ssh works for the first instance from which the image is created.

I tried the nc command from another instance and my local computer, it does not show output:

 nc 23.251.133.2 22

... while the original ip VM shows this output:

 nc 192.157.29.255 22 SSH-2.0-OpenSSH_6.0p1 Debian-4

I tried redoing the image again and re-adding the instance, no difference.

I tried to log into the first instance and switched the user to one on this computer (which should be the same as on the second computer?) And ssh from there.

 WARNING: You don't have an ssh key for Google Compute Engine. Creating one now... Enter passphrase (empty for no passphrase): Enter same passphrase again: INFO: Updated project with new ssh key. It can take several minutes for the instance to pick up the key. INFO: Waiting 300 seconds before attempting to connect. INFO: Running command line: ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no -i /home/mark/.ssh/google_compute_engine -A -p 22 mark@23.251.133.2 -- --zone=europe-west1-a ssh: connect to host 23.251.133.2 port 22: Connection refused

I have no ideas, any help is much appreciated :) Crazy muddy - I see that the new virtual machine is working with the finished application, I just need to add several files to it and create several cronjob. I suppose I could make this preview image, but I would like to be able to log in later and change it, without having to do 1 hour to create the images and start new instances every time.

Regards, Mark

+6
source share
1 answer

This question seems to be about how to debug SSH connectivity issues with images, so here is my answer to this question.

It looks like your instance cannot start the SSH server correctly. Maybe something is wrong with the prepared image.

You might need some helpful debugging questions:

  • Did you use gcimagebundle to compose the image or did it manually? Consider using this tool to make sure that you have not missed.
  • Did you change anything about the ssh server configuration before linking the image?
  • When the instance boots up, check its console output for ssh messages - it should mention key recovery, starting the sshd daemon and listening on port 22. If it does not respond or complain about something related to ssh, you should monitor it what.

You have covered them, but for completeness you should also check:

  • Can you otherwise reach the virtual machine after it appears? Does it respond to web server ports (if any) or does it respond to ping?
  • Double-check that the network on which the virtual machine is installed allows you to access SSH (port 22) from the host from which you are connecting.

You can compare your ssh setup with the working image:

  • Create a new disk (disk-mine-1) from your image.
  • Create a new disk (disk-upstream-1) from any boot image, such as debian wheezy.
  • Attach both of these files to a virtual machine that you can access (either on the console or in cli mode).
  • SSH in VM.
  • Install both images (sudo mkdir / mnt / {mine, upstream} & sudo mount / dev / sdb1 / mnt / mine & sudo mount / dev / sdc1 / mnt / upstream). Please note that regardless of whether your image depends on sdb or sdc on the images you attached!
  • Find the differences between the ssh configuration (diff -waur / mnt / {mine, upstream} / etc / ssh). There should not be any if you do not need them.
  • Also check if your image has the correct scripts /mnt/mine/etc/init.d/{ssh,generate-ssh-hostkeys}. They should also be associated with / mnt / mine / etc / rc {S, 2} .d (S10generate-ssh-hostkeys and S02ssh respectively).
+4
source

More articles:


All Articles