Ssh – Getting “server refused our key” when connecting to GCloud using Putty

Tags: debian, gcloud, putty, puttygen, ssh

I've just set up a new test instance on Google cloud… it's Debian, the default Google build.

I've been able to connect successfully to the instance using the SSH console (from Chrome) and the gcloud shell. Both use Google generated keys.

I want to access it from my Windows desktop using Putty so I can do things like setting up port forwarding. So I've followed Google's (very detailed and copious) instructions and tried in many ways to do this, so far without success. In general I've generated keys for various accounts using PuttyGen, and then uploaded those keys in various ways and places to Google cloud… but none of the combinations I've tried have worked. In each case when I try to log into the server I get "server refused our key" followed by "Putty Fatal Error: No supported authentication methods available (server sent: publickey)." I've enabled os login (by adding the enable-oslogin = TRUE flag to the metadata).

Here are some of the ways that I've tried uploading the public key:

  • in project metadata using the console gui
  • in vm metadata using the console gui
  • directly in the instance by adding the keys to the instance using the console gui
  • using the gcloud command shell (into the instance)
  • in ~/.ssh/authorized_keys (pasted in).

I've done most of the above with several different accounts:

  • my "owner" account (under my first name)
  • a second account that incorporates the site domain name as well as my first name. (This account works perfectly using the other access methods.)
  • the Google-generated service account

I did this by using each of the account names in the "PuttyGen" comment field, and again in the account@ip.address in the Putty host field, one name per key. (The IP address I got from the Gcloud console and it appears to be working properly).

I've been pretty careful to follow the Google documented format for the keys, and the keys appear to be displayed correctly and successfully with the correct user names in the console. In the gcloud command shell they appear to be formatted correctly as well.

I've tried debugging by looking at /var/log/auth.log but nothing much is shown. I've also tried debugging in Putty but I don't get any more information.

I'm getting a little frustrated by this … I'm trying to be self-supporting but getting a bit frustrated. Any suggestions on other directions or approaches, or what I might be doing wrong?

I've tried the same thing on RHEL and got the same result. Forgot to mention that at the beginning of the first login process, Putty caches the server key as usual, so it is connecting, just not authenticating.

Has anyone run into a similar issue? I've seen similar issues reported in the past that were related to Google cloud bugs, but those bugs appear to have been fixed. I expected this to be pretty straightforward, I've used Putty before many times without trouble, but so far I'm a bit lost.

Thanks in advance for any help or suggestions.

Best Answer

I eventually found a solution to this.... It seems that I may have put a public key file in the wrong format into the instance data. I was able to use the gcloud shell to remove the file (ssh-keys remove), upload a properly formatted file to the gcloud shell, and then do ssh-keys add --file-name=<my_key_file> to install it. Then it worked on RHEL. My original Debian instance was still broken, but a new Debian instance seems ok, and I can PuTTY to it.
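Added example, not part of the original answer: PuTTYgen's "Save public key" writes the multi-line RFC 4716 format, while OpenSSH's `authorized_keys` expects one `type base64 comment` line, so this sketch assumes that was the format mismatch and converts one to the other. The function names and the sample key are constructed for illustration.

```python
import base64
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"


def blob_key_type(blob: bytes) -> str:
    """Return the length-prefixed algorithm name that starts every SSH key blob."""
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if n == 0 or 4 + n > len(blob):
        raise ValueError("bad algorithm-name length in key blob")
    return blob[4:4 + n].decode("ascii")


def to_openssh_line(text: str, comment: str = "") -> str:
    """Convert an RFC 4716 block (or check an OpenSSH line) to 'type base64 comment'."""
    lines = [ln.strip() for ln in text.strip().splitlines() if ln.strip()]
    declared = None
    if lines and lines[0] == BEGIN:
        if lines[-1] != END:
            raise ValueError("missing END marker")
        b64, continued = [], False
        for ln in lines[1:-1]:
            if continued or ":" in ln:  # header line; base64 never contains ':'
                if ln.lower().startswith("comment:") and not comment:
                    comment = ln.split(":", 1)[1].strip().rstrip("\\").strip('"')
                continued = ln.endswith("\\")
            else:
                b64.append(ln)
        data = "".join(b64)
    elif len(lines) == 1 and len(lines[0].split()) >= 2:
        declared, data, *rest = lines[0].split(None, 2)
        comment = comment or (rest[0] if rest else "")
    else:
        raise ValueError("not RFC 4716 and not a single-line OpenSSH key")
    key_type = blob_key_type(base64.b64decode(data, validate=True))
    if declared not in (None, key_type):
        raise ValueError(f"line says {declared} but blob is {key_type}")
    return f"{key_type} {data} {comment}".rstrip()


# Constructed sample: an ssh-ed25519 blob with dummy key bytes, not a real key.
_blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(range(32))
_b64 = base64.b64encode(_blob).decode()
SAMPLE_RFC4716 = "\n".join([BEGIN, 'Comment: "alice"', _b64[:64], _b64[64:], END])
```

A key that was pasted with line breaks inside the base64, or whose leading type word does not match the blob, raises `ValueError` instead of producing a line the server would silently reject.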