[英]Problem with Fedora SSH connection on Google Cloud
I am having problem with connecting to my new instance directly from the browser.我在直接从浏览器连接到我的新实例时遇到问题。 This is literally a new instance of Fedora OS so I have not configured anything.
这实际上是 Fedora OS 的一个新实例,所以我没有配置任何东西。 It doesn't work out of the box.
它开箱即用。
I have other servers with OS like Debian 10 (Buster) and they seem to work fine when connecting through SSH.我有其他服务器,操作系统为 Debian 10 (Buster),通过 SSH 连接时它们似乎工作正常。
Here are the server specs that I am using for the VM:以下是我用于 VM 的服务器规格:
Machine type: e2-medium (2 vCPUs, 4 GB memory)
CPU platform: Intel Broadwell
Zone: us-central1-a
OS Image: fedora-coreos-34-20210904-3-0-gcp-x86-64
Disk Size: 30GB
Disk Type: SSD
Here are the logs from the serial port: ( Link to entire log from serial port )以下是来自串行端口的日志:( 从串行端口链接到整个日志)
[ 545.747496] audit: type=2404 audit(1633250527.525:300): pid=1892 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:80:d3:1d:38:a5:96:e3:02:50:e1:55:11:ec:61:1b:65:89:6e:08:ad:4d:50:09:82:2d:a6:cb:c8:fa:35:6c:c7 direction=? spid=1893 suid=74 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
[ 545.780996] audit: type=1109 audit(1633250527.525:301): pid=1892 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:bad_ident grantors=? acct="?" exe="/usr/sbin/sshd" hostname=74.125.73.141 addr=74.125.73.141 terminal=ssh res=failed'
[ 545.806261] audit: type=2404 audit(1633250527.526:302): pid=1892 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:80:d3:1d:38:a5:96:e3:02:50:e1:55:11:ec:61:1b:65:89:6e:08:ad:4d:50:09:82:2d:a6:cb:c8:fa:35:6c:c7 direction=? spid=1892 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
[ 545.839942] audit: type=1112 audit(1633250527.526:303): pid=1892 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=74.125.73.141 terminal=ssh res=failed'
[ 564.968011] audit: type=2404 audit(1633250546.749:304): pid=1895 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:80:d3:1d:38:a5:96:e3:02:50:e1:55:11:ec:61:1b:65:89:6e:08:ad:4d:50:09:82:2d:a6:cb:c8:fa:35:6c:c7 direction=? spid=1895 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
[ 565.344660] audit: type=2407 audit(1633250547.122:305): pid=1894 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes128-ctr ksize=128 mac=hmac-sha2-256 pfs=diffie-hellman-group-exchange-sha256 spid=1895 suid=74 rport=32883 laddr=10.128.15.203 lport=22 exe="/usr/sbin/sshd" hostname=? addr=74.125.17.13 terminal=? res=success'
[ 565.382463] audit: type=2407 audit(1633250547.122:306): pid=1894 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes128-ctr ksize=128 mac=hmac-sha2-256 pfs=diffie-hellman-group-exchange-sha256 spid=1895 suid=74 rport=32883 laddr=10.128.15.203 lport=22 exe="/usr/sbin/sshd" hostname=? addr=74.125.17.13 terminal=? res=success'
[ 566.988544] audit: type=2404 audit(1633250548.769:307): pid=1894 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=1895 suid=74 rport=32883 laddr=10.128.15.203 lport=22 exe="/usr/sbin/sshd" hostname=? addr=74.125.17.13 terminal=? res=success'
[ 567.021621] audit: type=2404 audit(1633250548.800:308): pid=1894 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:80:d3:1d:38:a5:96:e3:02:50:e1:55:11:ec:61:1b:65:89:6e:08:ad:4d:50:09:82:2d:a6:cb:c8:fa:35:6c:c7 direction=? spid=1895 suid=74 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
[ 567.057403] audit: type=1109 audit(1633250548.800:309): pid=1894 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:bad_ident grantors=? acct="?" exe="/usr/sbin/sshd" hostname=74.125.17.13 addr=74.125.17.13 terminal=ssh res=failed'
[ 567.082647] audit: type=2404 audit(1633250548.800:310): pid=1894 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:80:d3:1d:38:a5:96:e3:02:50:e1:55:11:ec:61:1b:65:89:6e:08:ad:4d:50:09:82:2d:a6:cb:c8:fa:35:6c:c7 direction=? spid=1894 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
[ 567.116466] audit: type=1112 audit(1633250548.801:311): pid=1894 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=74.125.17.13 terminal=ssh res=failed'
Here's what I have tried so far:到目前为止,这是我尝试过的:
Following this question , I tried to manually add SSH key to my instance meta data but that doesn't seem to work as well.在这个问题之后,我尝试手动将 SSH 密钥添加到我的实例元数据中,但这似乎并不奏效。 When I try to connect through SSH, I get the following error:
当我尝试通过 SSH 连接时,出现以下错误:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
I have also tried to connect through Google's OS Login console and it still doesn't connect for some reason.我还尝试通过 Google 的操作系统登录控制台进行连接,但由于某种原因仍然无法连接。 Here's the console output for that:
这是控制台 output:
gcloud beta compute ssh --zone "us-central1-a" "instance-1" --project "XXX"
Warning: Permanently added 'compute.178891790600165087' (ECDSA) to the list of known hosts.
XXX@123.456.789.123: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
ERROR: (gcloud.beta.compute.ssh) [/usr/bin/ssh] exited with return code [255].
Adding public key to instance metadata by the username core
seems to solve the issue.通过用户名
core
将公钥添加到实例元数据似乎可以解决问题。 Any other username is rejected.拒绝任何其他用户名。
ssh-keygen -t ed25519
ssh-keygen -t ed25519
ssh -i <KEY_FILE> core@<INSTANCE_PUBLIC_IP>
ssh -i <KEY_FILE> core@<INSTANCE_PUBLIC_IP>
More information about this issue can also be found here .也可以在此处找到有关此问题的更多信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.