7

I have a Linux machine on Google Cloud, created with Bitnami.

It was working well, and it could be accessed through SSH, usign the web console or putty. However suddenly today it can not be accessed via SSH in any way. When I try to edit the VM and change the SSH keys or make any other change to it i get the following error message:

Editing VM instance:"***" failed.
Error:Supplied fingerprint does not match current metadata fingerprint

The VM still running and the services deployed on it still working, but no changes can be made. I have about 10 other VMs, and all of them still having SSH Access.

I have tried to follow several guides on GC docs, but almost none can be done without command line access.

Adolfo Martinez
  • 81
  • 1
  • 2
  • Thanks, however this particular problem is specific to the Edit VM on Google cloud platform. I have tried on ServerFault and it is more general –  Mar 09 '18 at 00:19
  • A. Are these other VMs on the same project? Asking in case this is a firewall issue. (It's probably not, but let's remove that variable.) B. When you go to edit the instance in the web console, is the existing public key formatted correctly? – ingernet Mar 10 '18 at 00:00
  • 1
    Try to delete the current SSH metadata entries at the project level. Then use gcloud compute ssh [instance_name]. This will create a new SSH key and should allow you to reconnect. – Patrick W Mar 12 '18 at 15:33
  • 1
    You can have access to the instance by enabling interactive access on the serial console: https://cloud.google.com/compute/docs/instances/interacting-with-serial-console#enabling_interactive_access_on_the_serial_console I leave here this guide on general advice to troubleshoot SSH issues on GCE https://cloud.google.com/compute/docs/troubleshooting/troubleshooting-ssh – Pauloba Apr 16 '18 at 09:44
  • 1
    Maybe this thread can be helpful too https://stackoverflow.com/questions/49001519/cannot-access-vm-using-gcloud-compute/49012827#49012827 – Pauloba Apr 16 '18 at 09:45
  • Having this issue as well. Trying to add a ssh key. – oligofren Mar 04 '19 at 14:07

1 Answers1

1

As suggested in the comments, you should check if SSH Keys set up for this VM are correct and Block project-wide SSH keys is un-checked.
If there are no SSH keys, you can generate your own pair:
run ssh-keygen -t rsa -b 4096 -C "your_email@domain.com" on your local machine and copy content of id_rsa.pub,
select Edit in VM details page, press Show and edit, then Add item and paste it.
Cloud console will check syntax of key automatically.
Save at the bottom and try accessing VM from local terminal or PuTTy.

If you are using different OS or need more information, you can find it here.

If manually created pair does not resolve the issue, you can try using serial console to access VM:

Start by enabling serial port access:

    --metadata serial-port-enable=TRUE

Then add a temporary account: select affected VM, press edit, and add custom metadata:
Key: startup-script Value: #!/bin/bash useradd --groups google-sudoers tempuser echo "tempuser:password" | chpasswd

Save your changes and press Connect to serial console

From there, you can check ssh service status or edit ~/.ssh/authorized_keys

If none of these steps help, you can clone your instance.

Sergiusz
  • 310
  • 2
  • 13