I am unable to ssh to my GCP instance.
When I contacted support they are saying that sshguard is blocking the request and asked me to include –
#! /bin/bash
sudo apt-get remove --auto-remove sshguard
sudo apt-get purge --auto-remove sshguard
in custom metadata under key startup-script.
I restarted several times but doesn't work.
When I try to ssh to that instance it says connection refused on port 22.
Suspecting that ssh is not running, I also tried adding
sudo service ssh start
in startup-script, but din't work.
I have checked firewall already rules and I am running ubuntu-14.04
I tried gclod shell and web ssh too, but nothing works.
Best Answer
First we have to make sure that OpenSSH daemon is running and that it is able to respond to connections. That is to say that a local firewall on the instance does not deny SSH connections, or that the SSH daemon is not controlled by TCP Wrapper or SSH Guard.
You can test the response from SSH daemon with net cat (nc command), telnet or nmap on port 22 from the Cloud Shell. You might have to install the packages in the Cloud Shell session. this an example of install for NetCat tool:
If OpenSSH is running and not blocked you should have a response showing OpenSSH version of the daemon.
In order to check local firewalling it would be interesting to stop iptables in your startup script with the command:
In the case that SSH would be controlled by TCP Wrapper, entries would be added in /etc/hosts.allow and /etc/hosts.deny files. You could flush those files in your startup script after keeping them as backup:
You tried to start SSh daemon on the startup script, which is fine but please note that sudo command must not be used in the startup script as it runs with root credentials. In the startup script all commands issued with sudo are rejected.
You can then set the following startup script and reboot the instance: