为什么我不能通过“默认"以外的网络通过SSH连接到Google VM实例? [英] Why can't I connect to a Google VM instance via SSH over a network other than "default"?
问题描述
使用Google Developer Console计算引擎",我正在尝试通过SSH连接到Google VM实例. 它不起作用.由于网络关联"的问题,我在创建实例时遇到了麻烦. 这是我的问题和解决方案:为什么是";创建在Google Compute Engine VM实例中被禁用?
Using the Google Developer Console "Compute Engine" I am trying to connect to a Google VM instance via SSH. It doesn't work. I had trouble creating the instance to begin with due to a problem with the "network association". Here was my question and solution for that: Why is "Create" disabled in Google Compute Engine VM instances?
现在我的SSH问题可能是什么原因?
What are the likely causes for my SSH issue now?
推荐答案
原来是防火墙问题.与默认"网络不同,当您手动添加一个网络时,它不会自动打开端口22来使ssh正常工作.
It turned out to be a firewall issue. Unlike the "default" network, when you add one manually, it doesn't automatically open port 22 for ssh to work.
解决此问题的最简单方法是通过Google Developer Console的网络"页面.如果转到网络"部分并选择要使用的自定义网络,则可以选择添加防火墙规则.对我来说不幸的是,直到我使用Google Cloud Shell进行操作时,我才发现这一点...这是我漫长的路要走"的方法,实际上,这将使您对整个Google VM管理有更多的控制和见识.模型.它还可以确保您可以通过Google Cloud Shell进行连接,以备将来需要时再次使用:
The easiest way to fix this is via the Google Developer Console "Networking" page. If you go to the networks section and select the custom network you are using, it has the option to add firewall rules. Unfortunately for me, I didn't figure this out until I did it with the Google Cloud Shell... Here's how I did it the "long way", which will in fact give you more control and insight into this whole Google VM management model. It will also ensure you can connect via the Google Cloud Shell in case you need to again in the future:
在计算引擎"中,转到"VM"部分,然后选择您的VM.在屏幕的左上角是一个"SSH"按钮和一个省略号("...")按钮.单击"...",然后选择查看gcloud命令".当该窗口打开时,将命令复制到剪贴板.然后关闭窗口,然后点击屏幕右上角的> _"(激活Google Cloud Shell)按钮.
In the "Compute Engine" go to the VM section and select your VM. In the top left corner of the screen is an "SSH" button and an ellipsis ("...") button. Click the "..." and select "View gcloud command". When that window opens, copy the command to the clipboard. Then close the window and click the ">_" (Activate Google Cloud Shell) button in the upper right corner of the screen.
在加载外壳时,粘贴命令(使用Ctrl + V).尝试连接后,如果您遇到此防火墙问题,它将最终超时.
When the shell loads, paste in the command (with Ctrl+V). After attempting to connect, it will eventually time out if you have this firewall problem going on.
要显示正在使用的网络上的防火墙规则,请输入以下内容:
To display the firewall rules on the network you are using enter the following:
gcloud compute firewall-rules list
要更详细地检查规则,请使用以下方法:
To inspect a rule in more detail use this:
gcloud compute firewall-rules describe [rule name]
检查后缀为"allow-ssh"的规则,或更具体地说,后缀为打开端口22的规则.可能缺少该规则.
Check for a rule with a suffix of "allow-ssh", or more specifically one that opens up port 22. It is probably missing.
如果您实际上是在默认"网络上,则可以使用以下在Google文档中找到的命令:
If you were in fact on the "default" network, you could use the command you'll find in the Google documentation for this:
gcloud compute firewall-rules create default-allow-ssh --allow tcp:22
但是,如果您在备用网络上,请使用以下更明确的命令:
But, if you are on an alternate network, use this more explicit command:
gcloud compute firewall-rules create [network name]-allow-ssh --allow tcp:22 --network [network name] --source-ranges 0.0.0.0/0 --description "Allow SSH from anywhere."
用您的文字值替换[网络名称].
Replace [network name] with your literal value.
执行完之后,再次尝试连接命令.它应该现在就可以工作!
After executing that, try the connection command again. It ought to work now!
这篇关于为什么我不能通过“默认"以外的网络通过SSH连接到Google VM实例?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
