google-cloud-platform - 无法使用 gcloud SSH 进入计算引擎实例
问题描述
我已经在 Mac 上安装了 GCP 的云 SDK,并且我拥有所有者的角色,我正在尝试使用此命令 ssh 进入其中一个计算引擎实例。
gcloud compute ssh user@instance-name
不幸的是,我遇到了一个错误。这是我在执行该命令时得到的输出。
External IP address was not found; defaulting to using IAP tunneling.
ERROR: (gcloud.compute.start-iap-tunnel) Error while connecting [[Errno 1] Operation not permitted].
kex_exchange_identification: Connection closed by remote host
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
奇怪的是,我可以使用 cloud shell ssh 进入实例。所以我认为 IAP 隧道设置正确。我的一位同事也能够使用他的 mac 上的 cloud sdk 进行 ssh。
我相信我的 cloud sdk 设置可能有问题,但我不确定。
编辑:我尝试用冗长执行命令:
gcloud compute ssh --verbosity=debug instance-name
查看输出,我认为我的网络套接字可能有问题。也许我的笔记本电脑的防火墙设置禁止它。虽然我不确定:
gcloud compute ssh --verbosity=debug instance-name
DEBUG: Running [gcloud.compute.ssh] with arguments: [--verbosity: "debug", [USER@]INSTANCE: "instance-name"]
DEBUG: Starting new HTTPS connection (1): compute.googleapis.com:443
DEBUG: https://compute.googleapis.com:443 "POST /batch/compute/v1 HTTP/1.1" 200 None
DEBUG: https://compute.googleapis.com:443 "POST /batch/compute/v1 HTTP/1.1" 200 None
External IP address was not found; defaulting to using IAP tunneling.
DEBUG: Starting new HTTPS connection (1): oslogin.googleapis.com:443
DEBUG: https://oslogin.googleapis.com:443 "GET /v1/users/myid@some-org.com/loginProfile?alt=json&projectId=myproject-id HTTP/1.1" 200 None
INFO: Using OS Login user [myid_someorg_com] instead of default user [sahil]
DEBUG: SSH Known Hosts File [/Users/sahil/.ssh/google_compute_known_hosts] could not be opened: Unable to read file [/Users/sahil/.ssh/google_compute_known_hosts]: [Errno 2] No such file or directory: '/Users/sahil/.ssh/google_compute_known_hosts'
DEBUG: Running command [/usr/bin/ssh -t -i /Users/sahil/.ssh/google_compute_engine -o CheckHostIP=no -o HostKeyAlias=compute.5622012345678901234 -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/Users/sahil/.ssh/google_compute_known_hosts -o ProxyCommand /Users/sahil/gcloud/google-cloud-sdk/platform/bundledpythonunix/bin/python3 /Users/sahil/gcloud/google-cloud-sdk/lib/gcloud.py compute start-iap-tunnel instance-name %p --listen-on-stdin --project=myproject-id --zone=us-central1-a --verbosity=debug -o ProxyUseFdpass=no myid_someorg_com@compute.5622012345678901234].
DEBUG: Executing command: ['/usr/bin/ssh', '-t', '-i', '/Users/sahil/.ssh/google_compute_engine', '-o', 'CheckHostIP=no', '-o', 'HostKeyAlias=compute.5622012345678901234', '-o', 'IdentitiesOnly=yes', '-o', 'StrictHostKeyChecking=no', '-o', 'UserKnownHostsFile=/Users/sahil/.ssh/google_compute_known_hosts', '-o', 'ProxyCommand /Users/sahil/gcloud/google-cloud-sdk/platform/bundledpythonunix/bin/python3 /Users/sahil/gcloud/google-cloud-sdk/lib/gcloud.py compute start-iap-tunnel instance-name %p --listen-on-stdin --project=myproject-id --zone=us-central1-a --verbosity=debug', '-o', 'ProxyUseFdpass=no', 'myid_someorg_com@compute.5622012345678901234']
DEBUG: Loaded Command Group: ['gcloud']
DEBUG: Loaded Command Group: ['gcloud', 'beta']
DEBUG: Loaded Command Group: ['gcloud', 'compute']
DEBUG: Loaded Command Group: ['gcloud', 'compute', 'start_iap_tunnel']
DEBUG: Running [gcloud.compute.start-iap-tunnel] with arguments: [--listen-on-stdin: "True", --project: "myproject-id", --verbosity: "debug", --zone: "us-central1-a", INSTANCE_NAME: "instance-name", INSTANCE_PORT: "22"]
DEBUG: Starting new HTTPS connection (1): compute.googleapis.com:443
DEBUG: https://compute.googleapis.com:443 "POST /batch/compute/v1 HTTP/1.1" 200 None
DEBUG: credentials type for _GetAccessTokenCallback is [<googlecloudsdk.core.credentials.google_auth_credentials.UserCredWithReauth object at 0x1104a3f10>].
DEBUG: Making request: POST https://oauth2.googleapis.com/token
DEBUG: Starting new HTTPS connection (1): oauth2.googleapis.com:443
DEBUG: https://oauth2.googleapis.com:443 "POST /token HTTP/1.1" 200 None
INFO: Connecting with URL ['wss://tunnel.cloudproxy.app/v4/connect?project=myproject-id&zone=us-central1-a&instance=instance-name&interface=nic0&port=22']
DEBUG: Error during WebSocket processing.
Traceback (most recent call last):
File "/Users/sahil/gcloud/google-cloud-sdk/lib/third_party/websocket/_app.py", line 254, in run_forever
proxy_type=proxy_type)
File "/Users/sahil/gcloud/google-cloud-sdk/lib/third_party/websocket/_core.py", line 223, in connect
options.pop('socket', None))
File "/Users/sahil/gcloud/google-cloud-sdk/lib/third_party/websocket/_http.py", line 120, in connect
sock = _open_socket(addrinfo_list, options.sockopt, options.timeout)
File "/Users/sahil/gcloud/google-cloud-sdk/lib/third_party/websocket/_http.py", line 189, in _open_socket
raise error
File "/Users/sahil/gcloud/google-cloud-sdk/lib/third_party/websocket/_http.py", line 172, in _open_socket
sock.connect(address)
PermissionError: [Errno 1] Operation not permitted
INFO: Error during WebSocket processing:
PermissionError: [Errno 1] Operation not permitted
INFO: Client closed connection from [stdin].
DEBUG: (gcloud.compute.start-iap-tunnel) Error while connecting [[Errno 1] Operation not permitted].
Traceback (most recent call last):
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/calliope/cli.py", line 982, in Execute
resources = calliope_command.Run(cli=self, args=args)
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/calliope/backend.py", line 809, in Run
resources = command_instance.Run(args)
File "/Users/sahil/gcloud/google-cloud-sdk/lib/surface/compute/start_iap_tunnel.py", line 129, in Run
iap_tunnel_helper.Run()
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/command_lib/compute/iap_tunnel.py", line 633, in Run
self._RunReceiveLocalData(_StdinSocket(), 'stdin')
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/command_lib/compute/iap_tunnel.py", line 498, in _RunReceiveLocalData
store.LoadIfEnabled(use_google_auth=True)))
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/command_lib/compute/iap_tunnel.py", line 466, in _InitiateWebSocketConnection
new_websocket.InitiateConnection()
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/api_lib/compute/iap_tunnel_websocket.py", line 132, in InitiateConnection
self._WaitForOpenOrRaiseError()
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/api_lib/compute/iap_tunnel_websocket.py", line 350, in _WaitForOpenOrRaiseError
raise ConnectionCreationError(error_msg)
googlecloudsdk.api_lib.compute.iap_tunnel_websocket.ConnectionCreationError: Error while connecting [[Errno 1] Operation not permitted].
ERROR: (gcloud.compute.start-iap-tunnel) Error while connecting [[Errno 1] Operation not permitted].
kex_exchange_identification: Connection closed by remote host
DEBUG: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
Traceback (most recent call last):
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/calliope/cli.py", line 982, in Execute
resources = calliope_command.Run(cli=self, args=args)
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/calliope/backend.py", line 809, in Run
resources = command_instance.Run(args)
File "/Users/sahil/gcloud/google-cloud-sdk/lib/surface/compute/ssh.py", line 306, in Run
force_connect=properties.VALUES.ssh.putty_force_connect.GetBool())
File "/Users/sahil/gcloud/google-cloud-sdk/lib/googlecloudsdk/command_lib/util/ssh/ssh.py", line 1313, in Run
raise CommandError(args[0], return_code=status)
googlecloudsdk.command_lib.util.ssh.ssh.CommandError: [/usr/bin/ssh] exited with return code [255].
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
解决方案
推荐阅读
- javascript - 我的函数适用于增强的 for 循环,但不适用于普通的 for 循环
- ios - 如何在 iOS 11 中将 JPEG/RAW 图像数据保存到相机胶卷,无法访问处理后的图像数据
- c# - 如何使用 iTextSharp 在单行文本中添加多种字体
- android - getItem 函数在 FragmentStatePagerAdapter 中调用两次?
- python - 根据另一列的值在数组中添加列的编号
- python - Python - 从列中提取/复制分隔文本到新列 xlsx
- c# - 使用 Protobuf-net 对实现抽象类的对象进行序列化和反序列化
- swift - Swift 3.2 中的泛型函数和协议无法推断类型
- python - if...else 条件中的语法错误
- javascript - 无法在 Vue.js 中本地注册组件。“[Vue 警告]:未知的自定义元素”