Access console of new VM without requiring RDP access through firewall? - google-cloud-platform

I don't have outbound RDP access, and want to connect to a new VM created on google cloud.
Is there a built in console for controlling them?

You can access the VM serial console.
To access the VM serial console, you have to go to: https://console.cloud.google.com/compute/instances?project=[your-project-id] then click on the name of your virtual instance, then check the option "Enable connecting to serial ports". After that, click on "Connect to serial port".

Related

Activate network card of Google Cloud

I have disabled the network card of my virtual machine in Google Cloud (right click - Disable). Now it is impossible for me to reconnect or reactivate it. I'm new to this and can't figure out how to reactivate it.
If anyone has the solution, it would be helpful.
You cannot reactivate the interface because the VM just lost contact with Google Cloud when you deactivated the network interface.
You need to connect to the machine using the machine serial port (like in the old days).
Open the VM from the web interface and click on "Edit".
Then select "Enable connecting to serial ports" (it is the first thing you can choose), and save the changes.
Open the VM again and you'll see in "Remote Access" that you can SSH to the machine AND connect to the serial port.
Once you have serial port access, you can log in.
If you don't have a user in the VM (because you used your GCP user) you'll need to reboot the VM while you're connected to the VM using the serial console and do a root password recovery.

Can't SSH into Google Cloud VM

I was able to successfully SSH into the Google Cloud VM I had set up yesterday, but today for some reason I can't, and I didn't mess with any of the settings, especially not the Firewall settings. It keeps giving me these errors now:
Connection via Cloud Identity-Aware Proxy Failed
Code: 4003
Reason: failed to connect to backend
You may be able to connect without using the Cloud Identity-Aware Proxy.
Then when I click on "Connect without Identity-Aware Proxy" I get the following error:
Connection Failed
We are unable to connect to the VM on port 22. Learn more about possible causes of this issue.
I don't know what happened. Yesterday it was working fine and now it's not.
At first, try to disable Cloud Identity-Aware Proxy and connect to the VM instance via web Console.
After that, check logs:
Go to Compute Engine -> VM instances -> click on NAME_OF_YOUR_VM -> at the VM instance details find section Logs and click on Serial port 1 (console)
Reboot your VM instance.
Check the full boot log for any errors and/or warnings.
If your VM instance doesn't start up, verify that your disk has a valid file system and a valid master boot record (MBR) by following the documentation General troubleshooting.
If you found errors/warnings related to disk space, you can try to resize it according to the documentation Resizing a zonal persistent disk, and also according to the article Recovering an inaccessible instance or a full boot disk:
If an instance is completely out of disk space or if it is not running
a Linux guest environment, then automatically resizing your root
filesystem isn't possible, even after you've increased the size of the
persistent disk that backs it. If you can't connect to your instance,
or your boot disk is full and you can't resize it, you must create a
new instance and recreate the boot disk from a snapshot to resize it.
Otherwise, try to get access to your VM instance via the serial console:
Enable the serial console connection with the gcloud command:
gcloud compute instances add-metadata NAME_OF_YOUR_VM_INSTANCE \
--metadata serial-port-enable=TRUE
or go to Compute Engine -> VM instances -> click on NAME_OF_YOUR_VM_INSTANCE -> click on EDIT -> go to section Remote access and check Enable connecting to serial ports
Create a temporary user and password to log in: shut down your VM and set a startup script by adding, in the section Custom metadata, the key startup-script and the value:
useradd --groups google_sudoers tempuser
echo "tempuser:password" | chpasswd
and then start your VM.
Connect to your VM via the serial port with the gcloud command:
gcloud compute connect-to-serial-port NAME_OF_YOUR_VM_INSTANCE
or go to Compute Engine -> VM instances -> click on NAME_OF_YOUR_VM_INSTANCE -> and click on Connect to serial console
Check what went wrong.
Disable access via the serial port with the gcloud command:
gcloud compute instances add-metadata NAME_OF_YOUR_VM_INSTANCE \
--metadata serial-port-enable=FALSE
or go to Compute Engine -> VM instances -> click on NAME_OF_YOUR_VM_INSTANCE -> click on EDIT -> go to section Remote access and uncheck Enable connecting to serial ports. Keep in mind that, according to the documentation Interacting with the serial console:
Caution: The interactive serial console does not support IP-based access
restrictions such as IP whitelists. If you enable the interactive
serial console on an instance, clients can attempt to connect to that
instance from any IP address. Anybody can connect to that instance if
they know the correct SSH key, username, project ID, zone, and
instance name. Use firewall rules to control access to your network
and specific ports.
If you weren't able to connect via the serial console, try following the documentation Troubleshooting SSH, section Inspect the VM instance without shutting it down, and inspect the disk of your VM on another VM. The same way, you can transfer your data to another working VM instance.
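
A way to confirm that the cleanup steps above were carried out across a project, as an added example that is not part of the original answer: this Python sketch reads the JSON printed by `gcloud compute instances list --format=json` and reports instances that still have `serial-port-enable` set or still carry a `startup-script` that creates users or sets passwords. The sample data is constructed, treating only "true" and "1" as enabling values is an assumption, and project-wide metadata is not checked.

```python
import json
import re

# Assumption: these metadata values (case-insensitive) switch the console on.
TRUTHY = {"true", "1"}
# Commands that suggest a recovery script like the tempuser one is still set.
CRED_PATTERN = re.compile(r"\b(useradd|chpasswd|passwd)\b")

# Constructed sample in the shape of `gcloud compute instances list --format=json`.
SAMPLE = """[
 {"name": "recover-me",
  "zone": "https://www.googleapis.com/compute/v1/projects/example-project/zones/europe-west1-b",
  "metadata": {"items": [
    {"key": "serial-port-enable", "value": "TRUE"},
    {"key": "startup-script",
     "value": "useradd --groups google_sudoers tempuser\\necho \\"tempuser:password\\" | chpasswd"}]}},
 {"name": "cleaned-up",
  "zone": "https://www.googleapis.com/compute/v1/projects/example-project/zones/europe-west1-b",
  "metadata": {"items": [{"key": "serial-port-enable", "value": "FALSE"}]}},
 {"name": "no-metadata",
  "zone": "https://www.googleapis.com/compute/v1/projects/example-project/zones/us-central1-a",
  "metadata": {}}
]"""

def load_sample():
    return json.loads(SAMPLE)

def metadata_of(instance):
    """Flatten the instance's metadata items list into a dict."""
    items = (instance.get("metadata") or {}).get("items") or []
    return {item["key"]: item.get("value", "") for item in items}

def audit(instances):
    """Return (name, zone, finding) tuples for leftover recovery settings."""
    findings = []
    for inst in instances:
        md = metadata_of(inst)
        zone = inst.get("zone", "").rsplit("/", 1)[-1]
        if md.get("serial-port-enable", "").strip().lower() in TRUTHY:
            findings.append((inst["name"], zone, "serial-console-enabled"))
        if CRED_PATTERN.search(md.get("startup-script", "")):
            findings.append((inst["name"], zone, "startup-script-sets-credentials"))
    return findings

if __name__ == "__main__":
    for name, zone, finding in audit(load_sample()):
        print(f"{zone}/{name}: {finding}")
```

To run it against a real project, replace `load_sample()` with `json.load(sys.stdin)` and pipe the gcloud output into the script.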
I had the same issue while running composer update.
In my case, rebooting the VM instance solved it.
Based on these error messages, I guess that your project has Identity-Aware Proxy (IAP) enabled, which sometimes may affect the ability to SSH into an instance, depending on the configuration.
In order to rule this out, you may try the following:
Create the firewall rules for allowing IAP to connect to your instances
Grant the necessary permissions to use IAP
Tunnel the SSH connection through IAP

How to use Windows key shortcuts in Azure bastion connection to remote Windows VM?

Pressing Windows + R on Azure Bastion connection to Windows VM results in run dialogue displaying on my local Windows PC instead of the remote VM. Is there a way to use the Windows key shortcuts on the remote VM?
I don't think there is a way to use the Windows key shortcuts on the remote VM via the Azure Bastion connection as the Azure Bastion service is a new fully platform-managed PaaS service. It provides secure and seamless RDP/SSH connectivity to your virtual machines directly in the Azure portal over SSL.
When you connect to a remote VM via Azure Bastion, Azure Bastion uses an HTML5-based web client that is automatically streamed to your local device, so that you get your RDP/SSH session over SSL on port 443, enabling you to traverse corporate firewalls securely. In fact, in this case, you are not directly connecting to the remote VM in an RDP session. Currently, Azure Bastion also does not help direct the Windows key to the remote VM.
As a workaround, you can use the Windows key shortcuts on the remote VM via keyboard redirection on the Remote Desktop Connection. As shown in the picture, select Apply Windows key combinations on the remote computer when you directly connect to the remote Azure VM with the Remote Desktop Connection.
The easiest (and only) way I've found is by using the on-screen keyboard.
The Windows key is sticky, so it's just two mouse clicks.

Why can I not connect to my Windows VM via Chrome RDP on Google Cloud Platform?

I set up a Google Cloud VM instance with Windows and connected to it through RDP, which worked fine. But when I quit the session and tried to access it again, I got the following error message:
Chrome RDP could not connect to '35.246.214.127'. Please try again.
The instance is running (green light and stats are flashing on the dashboard).
I already checked the firewall settings as suggested and the required port permissions are granted.
The connection through SSH was also possible. But I need RDP to access running software on the GUI.
To use RDP in a GCE Windows VM:
Go to Compute Engine, and click on the arrow next to "RDP" > "Download RDP file".
Then click on the arrow next to "RDP" > "Set Windows password" > "Set" > and copy the password.
Then go to https://remotespark.com/view/rdp.html, upload the file, set the user password, and connect.
Another option is to open this VM > "Edit" > check "Enable connecting to serial ports" > "Save" > and then you can connect to the VM through the serial port.
You can also try to restart the VM. Maybe your session is still open and you could have a limit of only one user.
https://community.dynamics.com/365/b/dynamics365enterprisecloudfronts/posts/setup-simultaneous-remote-login-for-multiple-users

Google Cloud Instances Firewall Unable to Login SSH

I logged in over SSH to my Google Cloud Linux machine, changed a firewall rule by mistake, and lost the SSH connection. Now I am not able to log in over SSH (22). Is there any way to recover from that?
I know I can take snapshots of my machine and create new instances using that snapshot, but is there any way to get SSH login back on the same machine, or do I have to delete it?
Try connecting to the instance via the serial console: https://cloud.google.com/compute/docs/instances/interacting-with-serial-console. From there you should be able to repair the firewall rules.
pjhsea, I tried your steps and it connects to the serial port, but it asks for a passphrase. I was not sure where I had given this passphrase. If you try to access the serial port on the gcloud console, it always asks for a passphrase.
So I tried the steps below and I was able to connect to the serial port to change the firewall settings on my Ubuntu VM.
Go to Compute Engine -> VM Instances from the left side menu.
Click on the name of the VM you are having trouble connecting to using SSH.
It will open the VM Instance details page.
On the details tab, under the VM name, there will be two dropdowns for remote access:
SSH and Connect to serial console.
Click on serial console and select serial port 1 (console).
This connects to the serial console without any passphrase, and I was able to change my firewall rules using the command below.
ufw allow 22
Now you should be able to connect using SSH.