为什么 Google Cloud Compute Engine 实例在重启后拒绝 ssh 连接?
[英]Why Google Cloud Compute Engine instance gives ssh connection refused after restart?
问题描述
I stopped and restarted an ubuntu 14.04 Google Cloud Compute Engine instance, and now my ssh connection is refused with:
我停止并重新启动了一个 ubuntu 14.04 Google Cloud Compute Engine 实例,现在我的 ssh 连接被拒绝:
ssh: connect to host 146.148.114.98 port 22: Connection refused
This already happened a previous time, I thought there was a problem with the machine, I deleted it and recreated and it started working again.这已经发生过一次,我认为机器有问题,我删除它并重新创建它并再次开始工作。 I don't want to be recreating instances every time.我不想每次都重新创建实例。 The ssh troubleshooting page of google cloud is quite messy. google cloud 的 ssh 故障排除页面比较乱。 My firewall rules seem to be ok.我的防火墙规则似乎没问题。 Anyone has a solution for this?有人对此有解决方案吗?
NAME NETWORK SRC_RANGES RULES SRC_TAGS TARGET_TAGS
default-allow-http default 0.0.0.0/0 tcp:80 http-server
default-allow-https default 0.0.0.0/0 tcp:443 https-server
default-allow-icmp default 0.0.0.0/0 icmp
default-allow-internal default 10.128.0.0/9 tcp:0-65535,udp:0-65535,icmp
default-allow-rdp default 0.0.0.0/0 tcp:3389
default-allow-ssh default 0.0.0.0/0 tcp:22
This is the output for: ps aux | grep ssh这是输出: ps aux | grep ssh ps aux | grep ssh
root 29 0.0 0.4 55184 2860 ? Ss 11:26 0:00 /usr/sbin/sshd -p 22 -o AuthorizedKeysCommand=/google/devshell/authorized_keys.sh -o Author
izedKeysCommandUser=root
root 183 0.0 0.9 82692 5940 ? Ss 11:26 0:00 sshd: fbeshox [priv]
fbeshox 218 0.0 0.7 82692 4424 ? S 11:26 0:00 sshd: fbeshox@pts/0
fbeshox 522 0.0 0.3 12728 2200 pts/1 S+ 12:12 0:00 grep ssh
Here the verbose results of the ssh connetion attempt.这里是 ssh 连接尝试的详细结果。
ssh -i .ssh/keyname username@130.211.53.51 -vvv
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/xxxx/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 102: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 130.211.53.51 [130.211.53.51] port 22.
debug1: connect to address 130.211.53.51 port 22: Connection refused
ssh: connect to host 130.211.53.51 port 22: Connection refused
7 个解决方案
解决方案1
3 2016-06-28 01:38:17
It is possible that sshguard , a security tool installed on Ubuntu by default, is interfering with your connection. Ubuntu 上默认安装的安全工具sshguard可能会干扰您的连接。 Basically sshguard might have incorrectly decided that your IP address is 'attacking' your instance and blocked the IP.基本上 sshguard 可能错误地认为您的 IP 地址正在“攻击”您的实例并阻止了该 IP。
If you can log in from a different location, such as the Web SSH provided by the Cloud Console, try using sudo iptables -S to see if there are any firewall rules on the instance (different than the GCE firewall) created by sshguard.如果您可以从其他位置登录,例如 Cloud Console 提供的 Web SSH,请尝试使用sudo iptables -S查看 sshguard 创建的实例上是否有任何防火墙规则(不同于 GCE 防火墙)。 If so try disabling sshguard or adding your IP address on the whitlelist ( http://www.sshguard.net/docs/whitelist/ ).如果是这样,请尝试禁用 sshguard 或将您的 IP 地址添加到白名单 ( http://www.sshguard.net/docs/whitelist/ )。
解决方案2
1 2017-07-19 09:39:44
我知道这是一个老问题,但今天我遇到了类似的问题,问题很简单——重启后实例的 IP 发生了变化——所以我不得不相应地更新 ssh 字符串
解决方案3
1 2018-04-04 09:44:34
This issue often happens after you changed your default zone or region.在您更改默认区域或区域后,通常会发生此问题。 Then, you must update the ssh keys in your metadata by sudo gcloud compute config-ssh然后,您必须通过 sudo gcloud compute config-ssh 更新元数据中的 ssh 密钥
You can see also the changes in the web interface under Compute Engine |您还可以在 Compute Engine | 下查看 Web 界面中的更改。 Metadata |元数据 | SSH Keys. SSH 密钥。
解决方案4
0 2016-06-26 19:23:24
Try to SSH into the instance with a different username .Google Compute is a bit shaky at times .尝试使用不同的用户名通过 SSH 连接到实例。Google Compute 有时有点不稳定。 Try to SSH into the instance using VM instance page in Compute Engine .尝试使用 Compute Engine 中的 VM 实例页面通过 SSH 连接到实例。 If SSH takes too much time and refuses connection, then login with a different username in SSH .如果 SSH 花费太多时间并拒绝连接,则在 SSH 中使用不同的用户名登录。 You can login with a different name using a settings icon on top right corner of SSH window .您可以使用 SSH 窗口右上角的设置图标以不同的名称登录。 If these all these doesn't go well, I will advise you to re create one more instance, as it has also been my experience that Google Compute Engine instances are not stable in terms of SSH accessibility and tend to create problems .It's better to use putty as a client to SSH into Compute Engine than the SSH terminals Google provides .如果这些都不顺利,我会建议你重新创建一个实例,因为我的经验也是 Google Compute Engine 实例在 SSH 可访问性方面不稳定并且容易产生问题。最好是使用 putty 作为 SSH 进入 Compute Engine 的客户端,而不是 Google 提供的 SSH 终端。 Let me know if that helps you :)让我知道这是否对您有帮助:)
解决方案5
0 2017-07-20 14:32:48
I understood that my problem raised after detaching a disk from the console when the machine was stopped with that disk mounted.我知道当机器停止并安装该磁盘时,从控制台分离磁盘后出现了我的问题。 First unmount the disk, then detach it.首先卸载磁盘,然后将其分离。 Never seen the problem again.再也没有看到这个问题。
解决方案6
0 2019-10-22 12:12:10
Also make sure you did not recursively modify permissions for the /etc folder.还要确保您没有递归地修改/etc文件夹的权限。
For example:例如:
chmod -R 775 /etc
This will prevent you from logging back into the VM, even from the Web console and gcloud cli.这将阻止您重新登录到 VM,即使是从 Web 控制台和 gcloud cli 也是如此。
Instead, modify permissions on a more granular level eg /etc/nginx , etc.相反,在更精细的级别上修改权限,例如/etc/nginx等。
解决方案7
0 2022-06-27 07:58:28
I had the same problem and solved it by first connecting to the VM via browser SSH (from the "VM instances" web overview), which also fails, then choose the offered option of retrying without Cloud Identity-Aware Proxy which worked.我遇到了同样的问题,并通过首先通过浏览器 SSH (来自“VM 实例”Web 概述)连接到 VM 来解决它,这也失败了,然后选择提供的选项,即在没有 Cloud Identity-Aware Proxy的情况下重试有效。
Afterwards all SSH-connections work again (both in browser and local shell).之后所有 SSH 连接再次工作(在浏览器和本地 shell 中)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.