Reset the Google Compute engine VM Could not SSH into the instance

Question

I m using Past 3 years Google Compute Engine VM instance.Using Putty I generated a private key and public key.Public key added in instance SSH metadata.

So using the private key I can ssh using gcloud SDK installed on my local machine.also, I can access GCE VM instance via PHPSTROM & SFTP FileZilla.

After RESET VM instance recently I can't connect via SSH.

My Local Gcloud SDK Shell Logs:

C:\Users\admin>gcloud init

 Welcome! This command will take you through the configuration of gcloud.

    Settings from your current configuration [default] are:
    compute:
    region: asia-east1
    zone: asia-east1-a
    core:
    account: user@example.com
    disable_usage_reporting: 'True'
    project: instance-1

    Pick configuration to use:
    [1] Re-initialize this configuration [default] with new settings
    [2] Create a new configuration
    Please enter your numeric choice:  1

    Your current configuration has been set to: [default]

    You can skip diagnostics next time by using the following flag:
    gcloud init --skip-diagnostics

    Network diagnostic detects and fixes local network connection issues.
    Checking network connection...done.
    Reachability Check passed.
    Network diagnostic (1/1 checks) passed.

    Choose the account you would like to use to perform operations for
    this configuration:
    [1] user@example.com
    [2] Log in with a new account
    Please enter your numeric choice:  1

    You are logged in as: [user@example.com].

    Pick cloud project to use:
    [1] instance-2
    [2] instance-1
    [3] Create a new project
    Please enter numeric choice or text value (must exactly match list
    item):  2

    Your current project has been set to: [instance-1].

    Your project default Compute Engine zone has been set to [asia-east1-a].
    You can change it by running [gcloud config set compute/zone NAME].

    Your project default Compute Engine region has been set to [asia-east1].
    You can change it by running [gcloud config set compute/region NAME].

    Your Google Cloud SDK is configured and ready to use!

    * Commands that require authentication will use user@example.com by default
    * Commands will reference project `instance-1` by default
    * Compute Engine commands will use region `asia-east1` by default
    * Compute Engine commands will use zone `asia-east1-a` by default

    Run `gcloud help config` to learn how to change individual settings

    This gcloud configuration is called [default]. You can create additional configurations if you work with multiple accounts and/or projects.
    Run `gcloud topic configurations` to learn more.

    Some things to try next:

    * Run `gcloud --help` to see the Cloud Platform services you can interact with. And run `gcloud help COMMAND` to get help on any gcloud command.
    * Run `gcloud topic -h` to learn about advanced features of the SDK like arg files and output formatting

C:\Users\admin>ssh-keygen

 Generating public/private rsa key pair.
    Enter file in which to save the key (/c/Users/admin/.ssh/id_rsa): 1
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in 1.
    Your public key has been saved in 1.pub.
    The key fingerprint is:
    SHA256:weTBQM1j92Lx7iCtubzAZ2+4a5PHron3FDRIyOmb1iY admin@admin-PC
    The key's randomart image is:
    #ERROR!
    |     ooB+        |
    |      +=*oo      |
    |     . .=oo+     |
    |      .  oo.o    |
    |       +So.o     |
    |     .E + o..    |
    |     .oooB.o     |
    |       *O++ .    |
    |      .oO%+      |
    #ERROR!

C:\Users\admin>gcloud compute ssh lamp-bafs

 WARNING: The PuTTY PPK SSH key file for gcloud does not exist.
    WARNING: The public SSH key file for gcloud does not exist.
    WARNING: The private SSH key file for gcloud does not exist.
    WARNING: You do not have an SSH key for gcloud.
    WARNING: SSH keygen will be executed to generate a key.
    This tool needs to create the directory [C:\Users\admin\.ssh] before
    being able to generate SSH keys.

    Do you want to continue (Y/n)?  Y

    Updating project ssh metadata.../Updated [https://www.googleapis.com/compute/v1/projects/instance-1].
    Updating project ssh metadata...done.
    Waiting for SSH key to propagate.
    FATAL ERROR: Network error: Connection timed out
    ERROR: (gcloud.compute.ssh) Could not SSH into the instance.  It is possible that your SSH key has not propagated to the instance yet. Try running this command again.  If you still cannot connect, verify that the firewall and instance are set to accept ssh traffic.

I got the above issue. So I followed as per the below image steps

I ran the below command in Gcloud SDK Shell

C:\Users\admin>gcloud compute ssh lamp-bafs

I got network : connection timed out issue in PuTTy

I could not find solution SSH via Gcloud SDK Shell, Using Public key to connect VM instance via PhpStrom. I don't know What firewall blocking or any other new process I missed.

Please help to solve this

Answer 1

"Connection timed out" means that the problem is not that you are using the wrong key. Instead it means either:

1. The OS itself has crashed, e.g. boot failure
2. The SSH daemon (sshd) is not running on the machine
3. There is a firewall (either GCP or iptables) blocking your access to the instance.

If you look at the serial console for your instance (you should find a link to it from the Cloud Console's page for your VM) the log should give you a clue about which of these is at fault.

If you cannot find/fix the cause this way, I advise you to make a snapshot of the instance's disk, create a new disk from that snapshot, create a new instance from a fresh debian image with that disk as a secondary disk. You can then use that fresh instance to fix the disk or recover your data.