Unable to SSH to Google Cloud

Question

I installed the Google Cloud SDK

Thought Web UI I created a new instance. I am not knowledgeable of SSH. I followed steps as described here: https://cloud.google.com/compute/docs/instances#sshkeys

I have Window 7 OS

I checked firewall rules as suggested here: https://cloud.google.com/compute/docs/troubleshooting#ssherrors I checked these through Web UI and found rule

"default-allow-ssh  0.0.0.0/0   tcp:22  Apply to all targets"

STEPS I FOLLOWED:

1) > gcloud auth login (default browser opens up and I authorize the Google Cloud SDK) Google SDK Shell outputs:

"Saved Application Credentails. You are now logged as [someuser@gmail]
Your current project is [some-project-999]. 

2) > gcloud compute ssh my-instance --zone us-central1-a Google SDK Shell outputs:

WARNING: You do not have an SSH key for Google Compute Engine.
WARNING: [C:\Program Files\Google\Cloud SDK\google-cloud-sdk\bin\..\bin\sdk\ssh-keygen.EXE] will be executed to generate
 a key.
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
The key fingerprint is:
ssh-rsa 2048 06:73:ac:e8:f2:31:c8:df:d4:b0:a2:3b:a2:53:6c:09
Your private key has been saved in C:\Users\First Last\.ssh\google_compute_engine.
Your public key has been saved in C:\Users\First Last\.ssh\google_compute_engine.pub.
Your putty key has been saved in C:\Users\First Last\.ssh\google_compute_engine.ppk.
Updated [https://www.googleapis.com/compute/v1/projects/arctic-depth-863].
Server refused our key
FATAL ERROR: Disconnected: No supported authentication methods available (server sent: publickey)
Server refused our key
FATAL ERROR: Disconnected: No supported authentication methods available (server sent: publickey)
Server refused our key
FATAL ERROR: Disconnected: No supported authentication methods available (server sent: publickey)
FATAL ERROR: Network error: Software caused connection abort
FATAL ERROR: Network error: Connection timed out
ERROR: (gcloud.compute.ssh) Could not SSH to the instance.  It is possible that your SSH key has not propagated to the i
nstance yet. Try running this command again.  If you still cannot connect, verify that the firewall and instance are set
 to accept ssh traffic.

On the browser's Web UI, I open the Broser's SSH and I navigate to .ssh folder

someuser_gmail_com@my-instance:~$ cd .ssh
someuser_gmail_com@my-instance:~$ cat authorized_keys
# Added by Google
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4OxYxWvIlp...F7As google-ssh {"userName":"someuser@gmail.com","expireOn":"2015-02-21T23:29:06+0000"}
# Added by Google
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzd...KRqcUZmvWr= google-ssh {"userName":"someuser@gmail.com","expireOn":"2015-02-21T23:28:55+0000"}

on Web UI, I navigate to Project's > Compute > Compute Engine > Metadata > SSH KEYS and I see three records

USERNAME KEY

• someuser_gmail_com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4...", "edpireOn":"2015-02-21T23:29:06+0000"}
• someuser_gmail_com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTIt...", "edpireOn":"2015-02-21T23:29:06+0000"}
• First Last ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAi...ZkpSpRt6RQ== First Last@MYPC

In my local computer, I navigate to Users/First Last/.ssh/google_compute_engine.pub and I see

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAit...mGhUKZRgFZkpSpRt6RQ== First Last@MYPC

QUESTIONS:

• Does white space in the user's folder path causes problems (i.e. "First Last")?
• When the key is created by the Google Cloud SDK, it sets the comment to First Last@MYPC. Is this the correct setting? (I have been reading and trying this and that and I suspect it should be something like someuser@my-instance-public-IP)

When I Google Cloud SDK > gcloud compute instances describe my-instance --zone us-central1-a --format yaml

canIpForward: false
creationTimestamp: '2015-02-21T14:53:37.276-08:00'
disks:
- autoDelete: true
  boot: true
  deviceName: my-instance
  index: 0
  interface: SCSI
  kind: compute#attachedDisk
  licenses:
  - https://www.googleapis.com/compute/v1/projects/ubuntu-os-cloud/global/licenses/ubuntu-1204-precise
  mode: READ_WRITE
  source: https://www.googleapis.com/compute/v1/projects/some-project-999/zones/us-central1-a/disks/my-instance
  type: PERSISTENT
id: '111812933445597333'
kind: compute#instance
machineType: https://www.googleapis.com/compute/v1/projects/some-project-999/zones/us-central1-a/machineTypes/g1-small
metadata:
  fingerprint: w3steEkuQUS=
  kind: compute#metadata
name: my-instance
networkInterfaces:
- accessConfigs:
  - kind: compute#accessConfig
    name: External NAT
    natIP: 112.134.99.170
    type: ONE_TO_ONE_NAT
  name: nic0
  network: https://www.googleapis.com/compute/v1/projects/some-project-999/global/networks/default
  networkIP: 10.356.252.66
scheduling:
  automaticRestart: true
  onHostMaintenance: MIGRATE
selfLink: https://www.googleapis.com/compute/v1/projects/some-project-999/zones/us-central1-a/instances/my-instance
serviceAccounts:
- email: 78111222333-compute@developer.gserviceaccount.com
  scopes:
  - https://www.googleapis.com/auth/devstorage.read_only
  - https://www.googleapis.com/auth/logging.write
status: RUNNING
tags:
  fingerprint: DLYFgkKTlB3=
  items:
  - http-server
zone: https://www.googleapis.com/compute/v1/projects/some-project-999/zones/us-central1-a

C:\Program Files\Google\Cloud SDK>

Answer 1

This is a known issue when using Cloud SDK from Windows.

Please download pageant.exe at [1] and use it to load your ppk key or use Putty (downloadable from the same link) to SSH to instance as documented at [2].

As a workaround you can even rename ssh.exe to ssh-bak.exe and ssh-term.exe to ssh.exe in C:\Program Files\Google\Cloud SDK\google-cloud-sdk\bin\sdk\

Link:
[1] - http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
[2] - https://cloud.google.com/compute/docs/console#sshkeys