How to get the ssh keys for a new Google Compute Engine instance?
By default, a new Google Compute Engine (GCE) VM instance does not have SSH keys pre-assigned to it, so you cannot "retrieve" them as they don't exist—it's up to you to create them, or use a tool like gcloud (see below) which will prompt you to create them if you don't have SSH keys yet.
You have several options for connecting to your newly-created GCE VM.
One option is to connect using the "SSH" button in the Developer Console GUI next to the instance in the list of instances, which will open a browser window and a terminal session to the instance.
If you would like to connect via an SSH client on the command line, you can use the gcloud tool (part of the Google Cloud SDK):
gcloud compute ssh example-instance
You can see the full set of flags and options on the gcloud compute ssh help page, along with several examples.
If you don't already have SSH keys, it will prompt you to create them and then connect to the instance. If you already have keys, you can use existing SSH keys, which it will transfer to the instance.
By default, gcloud expects keys to be located at the following paths:
$HOME/.ssh/google_compute_engine – private key
$HOME/.ssh/google_compute_engine.pub – public key
If you want to reuse keys from a different location with gcloud, consider either making symlinks or pointing gcloud there using the --ssh-key-file flag.
Note: if you don't use gcloud at all, you have to manually add the SSH keys to the instance's metadata as described in Setting up ssh keys at the instance level, which you can do via gcloud or manually via Google Cloud console.
You can also create your own keys using ssh-keygen, which is what gcloud will also use under the covers. You can connect to the instance using ssh directly instead of gcloud, but you will need to specify extra parameters to do so:
ssh -i KEY_FILE -o UserKnownHostsFile=/dev/null \
-o CheckHostIP=no -o StrictHostKeyChecking=no \
USER@IP_ADDRESS
which will require the following parameters:
KEY_FILE – [Required] The file where the keys are stored on the computer, e.g., ~/.ssh/google_compute_engine.
USER – [Required] The username to log in to that instance. Typically, this is the username of the local user running gcloud compute.
IP_ADDRESS – [Required] The external IP address of the instance.
For more details, see the SSH docs.
To log in to an instance using ssh [all steps performed on Linux Ubuntu 16.04]:
Create an SSH key
ssh-keygen -t rsa -f ~/.ssh/gcloud_instance1 -C varunon9
Here gcloud_instance1 is the name of the key file and varunon9 is the username.
Print the content of the public key file
cd ~/.ssh && cat gcloud_instance1.pub
Click on Edit VM instance details icon
Paste the content of the public key file (output of cd ~/.ssh && cat gcloud_instance1.pub) in the ssh-keys text area
Click on Save
From terminal now you can login to your instance via ssh
ssh -i gcloud_instance1 varunon9@35.200.201.56
where gcloud_instance1 is the private key file (in .ssh directory), varunon9 is the username and 35.200.201.56 is the external IP of your instance.
Easiest way for creating and using one pair of ssh keys for multiple instances:
Step 1: Install putty and puttyGen from https://putty.org/
Step 2: Open a terminal in your local desktop / laptop (in Windows 10 and later you use Windows Linux Subsystem)
Type: ssh-keygen
Enter a name for the filename at the prompt: e.g. google_key
2 files will be created google_key and google_key.pub
Step 3: Copy the entire contents of the google_key.pub
Note there is no new line character. It should all be in one line.
Step 4: Before creating any VM instance, go to Compute Engine -> Metadata
Select the "SSH keys" tab and click "Add SSH keys"
Paste the contents of the google_key.pub. If you pasted the contents properly, you should see the username appear on the left label. Then hit save.
Step 5: Now create your favorite VM instance under google compute.
Copy the External IP vm_instance_external_ip
Go back to your linux terminal and type
ssh -i google_key username@vm_instance_external_ip
Type "yes"
And now you should be good to go.
If you need video instructions, see here
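The checks the answers above rely on (the public key must sit on one line, and only the .pub file ever goes into metadata), as an added shell example that is not from any of the answers. The helper name gce_ssh_key_entry and the sample key line are constructed for illustration, and it assumes the login name is the key comment up to any '@'; it prints the USERNAME:KEY line used by the ssh-keys metadata value.

```shell
#!/bin/sh
# Added example (not from the answers): check an OpenSSH public key file
# before it goes into GCE "SSH keys" metadata, then print the metadata entry.
# gce_ssh_key_entry is a hypothetical helper name.
gce_ssh_key_entry() {
  file=$1; user=${2:-}
  [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }

  # Only the .pub half is uploaded; a private key starts with a PEM header.
  if grep -q -e '-----BEGIN' "$file"; then
    echo "$file is a private key; paste the .pub file instead" >&2; return 2
  fi

  # Exactly one non-empty line: a key wrapped during copy/paste is rejected.
  nlines=$(grep -c '[^[:space:]]' "$file" || true)
  [ "$nlines" -eq 1 ] || { echo "expected 1 line, found $nlines" >&2; return 3; }

  type=$(awk 'NF {print $1}' "$file")
  blob=$(awk 'NF {print $2}' "$file")
  comment=$(awk 'NF {print $3}' "$file")
  case $type in
    ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp*) ;;
    *) echo "unexpected key type: $type" >&2; return 4 ;;
  esac
  # An OpenSSH key blob begins with a 4-byte length, which encodes as "AAAA".
  case $blob in
    AAAA*) ;;
    *) echo "key data missing or not base64" >&2; return 5 ;;
  esac

  # Assumption: the login name is the key comment up to any '@'
  # (the value given to ssh-keygen -C), unless passed as the second argument.
  [ -n "$user" ] || user=${comment%%@*}
  [ -n "$user" ] || { echo "no username: pass one or set a comment" >&2; return 6; }
  printf '%s:%s %s %s\n' "$user" "$type" "$blob" "$user"
}

# Constructed sample line (not a real key), used only to show the output.
sample=$(mktemp)
printf 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructedSample varunon9\n' > "$sample"
gce_ssh_key_entry "$sample"
rm -f "$sample"
```

A non-zero return code identifies which check failed, so the function can gate a script that updates instance or project metadata.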