Suren Konathala

Reputation: 3597

How can we SSH to a Google Cloud VM from Mac terminal using public key generated on the VM?

We wanted to connect to a Google Cloud VM from a Mac terminal using a public key generated on the VM, but we see the error below:

konathal:.ssh konathal$ ssh -i ~/.ssh/runnhostkey1.pub [email protected]

Load key "/Users/konathal/.ssh/runnhostkey1.pub": invalid format
[email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

What did we do?

Following the documentation at https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys#createsshkeys

1. We created a new public key on the Google Cloud VM as

~/.ssh/runnhostkey1
~/.ssh/runnhostkey1.pub 

2. Added the contents of the public key runnhostkey1.pub to VM > Edit > SSH Keys

3. Created a new file on the local Mac and copied the contents of the public key

$ vi ~/.ssh/runnhostkey1.pub
$ chmod 400 ~/.ssh/runnhostkey1.pub

We are not able to connect to the VM using $ ssh -i ~/.ssh/runnhostkey1.pub [email protected]

What are we missing?

Upvotes: 1

Views: 1944

Answers (2)

Suren Konathala

Reputation: 3597

We found the issue and the solution:

1) The owner & group of the key files (public and private) should be the user who is used to generate the keys. In our case, we were logged in as root but created the keys with user suren.

Solution

ssh-keygen -t rsa -f ~/.ssh/runnkey -C suren but we ran this logged in as root, so the files have root as the owner. A quick fix was to change the ownership:

chown suren:suren ~/.ssh/runnkey and chown suren:suren ~/.ssh/runnkey.pub

2) Add the public keys to ~/.ssh/authorized_keys.

Example: cat ~/.ssh/runnkey.pub >> ~/.ssh/authorized_keys

3) Change the permissions for the files

 chmod 0700 ~/.ssh/authorized_keys
 chmod 0600 ~/.ssh/runnkey
 chmod 0600 ~/.ssh/runnkey

4) Add the keys to the VM instance. Compute Engine > VM Instances > [VM you'd like to access] > Edit > SSH Keys. Copy the text of the public key (vi ~/.ssh/runnkey.pub, copy) and paste it here. Save.

5) Create files runnkey and runnkey.pub on your local Mac under the /.ssh folder and copy the contents from the respective files on the server.

Sample test commands:

ssh -i ~/.ssh/runnkey.pub [email protected]
scp -i ~/.ssh/runnkey.pub /Downloads/ship.png [email protected]:/home/temp

Steps 1, 2 and 3 above are mentioned in the documentation under the section "The permissions on $HOME or $HOME/.ssh directory of the connecting user are wrong".

Upvotes: 1

John Hanley

Reputation: 81464

You cannot use the public key to connect via SSH. You must use the private key.

The public key is used by the VM to verify your authorization to connect.

Most likely your private key is: ~/.ssh/runnhostkey1

Upvotes: 1
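A pre-flight check for the file handed to `ssh -i`, as an added example that is not part of the question or either answer: it reports whether the file is a public key (which `ssh -i` cannot load as an identity) or a private key, and whether the private key is readable by group or others, which OpenSSH rejects as an unprotected key file. The function name `check_identity_file` and the sample files are constructed for illustration and contain placeholders, not real key material.

```shell
#!/bin/sh
# Added example: classify a file before using it as an ssh identity (-i).
# Prints one of: public-key | private-key-ok | private-key-too-open | unknown | missing

check_identity_file() {
    f=$1
    if [ ! -f "$f" ]; then
        echo missing
        return 0
    fi
    first=$(head -n 1 "$f")
    case $first in
        "-----BEGIN "*"PRIVATE KEY-----")
            # Characters 5-10 of the ls mode string are the group/other bits.
            # ssh refuses a private key if any of them is set.
            go_bits=$(ls -ld "$f" | cut -c5-10)
            if [ "$go_bits" = "------" ]; then
                echo private-key-ok
            else
                echo private-key-too-open
            fi ;;
        ssh-rsa\ *|ssh-ed25519\ *|ssh-dss\ *|ecdsa-sha2-*\ *|sk-*\ *)
            # One-line "type base64 comment" format: this is what belongs in
            # authorized_keys or the VM's SSH Keys field, not after -i.
            echo public-key ;;
        *)
            echo unknown ;;
    esac
}

# Constructed sample files (placeholder contents, not real keys).
demo_dir=$(mktemp -d)
printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'PLACEHOLDER' \
    '-----END OPENSSH PRIVATE KEY-----' > "$demo_dir/runnkey"
printf '%s\n' 'ssh-rsa AAAAPLACEHOLDER suren' > "$demo_dir/runnkey.pub"
chmod 600 "$demo_dir/runnkey"
chmod 400 "$demo_dir/runnkey.pub"

for f in "$demo_dir/runnkey.pub" "$demo_dir/runnkey"; do
    printf '%s: %s\n' "${f##*/}" "$(check_identity_file "$f")"
done
```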
