This article covers:
- How to access your Google Cloud VM instance when SSH login fails?
- How to use GCP Serial Console to address your SSH connection issues?
We had an issue with GC VM instance denied our SSH access even with the web console. It turned out to be a mistake made when editing
/etc/ssh/sshd_config AllowUsers wrong_username # This will deny all your ssh users!
Now we are going to show you how to gain SSH access when all common SSH login methods have failed. If you’re falling in this category, don’t try to attempt with generating/adding ssh keys or try to login with Google Cloud SDK, obvious nothing is going to work.
Luckily you can still use a startup script to create a sudo user, then use the Serial Console to login to your instance. Here is how to create the startup script:
Edit your VM instance, under Custom metadata add name startup-script and value as below:
#!/bin/bash sudo useradd -G sudo new_user_name sudo echo 'new_user_name:new_pass_word' | chpasswd
Then save the instance and perform a stop/start to allow the startup script to create this new user.
Once that’s done. Edit your instance again to enable connecting to serial ports by tick the checkbox under Remote access. Then save your instance.
Now you can click on Connect to serial console, then once the console is loaded (you’ll see a lot of output lines so be sure to type in your user name and password quickly to avoid disruption!)
Once you logged in successfully, you’re free to do whatever changes you want to make. In our case, we edited the sshd_config file and our SSH connection was restored.
/etc/ssh/sshd_config #AllowUsers wrong_username remove this line!
Here is one and only discussion about how to troubleshoot GC SSH login issue which appeared to be very buggy according to many GC users.
If your instant is not running at all and you need to rescue it, this is a good place to start: