gcloud compute ssh refuses connection (return code 255)

Question

I cannot get ssh access into the vm instance created by Google Cloud command line tool (gcloud).

Symptom:

sudo gcloud compute ssh myuser@ubuntu
ssh: connect to host 104.155.16.104 port 22: Connection refused
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].

What I did:

1: Verify that firewall is open on port 22

gcloud compute firewall-rules list

returned

NAME                    NETWORK  SRC_RANGES    RULES                         SRC_TAGS  TARGET_TAGS
allow-rstudio           default  0.0.0.0/0     tcp:8787                                allow-rstudio
default-allow-http      default  0.0.0.0/0     tcp:80                                  http-server
default-allow-https     default  0.0.0.0/0     tcp:443                                 
https-server
default-allow-icmp      default  0.0.0.0/0     icmp
default-allow-internal  default  10.128.0.0/9  tcp:0-65535,udp:0-65535,icmp
default-allow-rdp       default  0.0.0.0/0     tcp:3389
default-allow-ssh       default  0.0.0.0/0     tcp:22

2: Renew public key

ssh-keygen -t rsa -f ~/.ssh/google_compute_engine -C myuser

3: Update metadata with new public key

sudo gcloud compute ssh myuser@ubuntu
Updating project ssh metadata...
Updating project ssh metadata...done.                                                                                                                                     
Waiting for SSH key to propagate.

Then, still the same error message:

ssh: connect to host 35.187.38.82 port 22: Connection refused
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].

I should add that I could access ssh until today, and of course, I did authentication before with gcloud auth login

SSH from the Google Cloud web interface works! What is different there? Would be grateful for any help!!

Answer 1

My scenario was that I was running a nohup process on the instance, all of a sudden the process stopped working.

After spending a lot of time investigating, I found that the instance itself hung-up. We miss small things like that, getting caught debugging the bigger problem

Check if you're able to ping your instance. If not, restart it and ssh, it will work fine. This is one of the solutions.

Answer 2

For the poor, suffering souls who stumble upon this.

The following works for me with consistency:

On your machine in gcloud CLI run gcloud init and go through the prompts.

The end. I hope this helps you my dear, internet fellow-sufferer.

Answer 3

In my case, after I made an upgrade of the GCP instance (just added more processor and memory).

My Circle CI deploy started throwing:

Authentication failed.

Exited with code 255

After a couple of hours trying to figure out what messed up, I found that the contents of the /etc/ssh/sshd_config was emptied with no reason at all. What fixed my problem is to recreate this file and restart the ssh service.

Note: PasswordAuthentication should be set to:

   PasswordAuthentication no

Answer 4

After a long search, I finally found the underlying reason for this tricky problem. I hope that this will help some people in desperation...

The reason you may get your ssh connection refused is that accidentally, the internal routing for external ip requests was deleted. You can check this by:

gcloud compute routes list

If this does not return a list including the following entry:

default-internet       default     0.0.0.0/0       default-internet-gateway 1000

Then you must re-create this entry by:

gcloud compute routes create default-internet \
--destination-range 0.0.0.0/0 \
--next-hop-gateway default-internet-gateway