Google Cloud – Connect to Linux VMs directly without Metadata or OS Login
In my previous two posts below we saw how we can connect to a Linux VM instance in Google Cloud using SSH Metadata or SSH OS Login.
In this post I want to show how you can connect to the instance directly with password or private/public SSH Key managed by yourself.
Connecting by using SSH Password or Private/Public Key Authentication for standard user and root user
When you connect to your Linux VM by using the Google Cloud Console or the Google Cloud CLI as shown in my previous posts, you can of course also add further local standard users or enable and permit the root user to login using SSH and password authentication by changing the SSH configuration as usual in the /etc/ssh/sshd_config file as shown below.
PermitRootLogin yes
PasswordAuthentication yes
You also have to set a password for the root user by running the command.
$ sudo passwd
Finally I can login from remote with the root user and password.
Note !!!
Nevertheless I would recommend to set up SSH private/public Key Authentication for the root user without using password authentication to secure remote access.Further I would also change the default SSH Port 22 to another one beyond the well-known ports range, which is from 0 through 1023. By doing this you will get rid of most annoying automatic brute-force attacks, they just trying the default SSH port 22. So if port 22 is closed, you get rid of all these automatic connection attempts.
About how to set up the SSH private/public key pair you can read my following post.
If you still want to use password authentication, at least you should set up Fail2ban to protect your servers from brute-force attacks.
Links
Connecting to instances as the root user
https://cloud.google.com/compute/docs/instances/connecting-advanced#rootAbout SSH connection
https://cloud.google.com/compute/docs/instances/ssh
