Differences
This shows you the differences between the selected revisions of the page.
guide_google_compute_engine 2017-01-18 | guide_google_compute_engine 2024-05-22 (current) | ||
Line 1: | Line 1: | ||
- | ====== Connecting Securely to Google Compute Engine Server with SFTP ====== | + | ====== Connecting securely to Google Compute Engine server with SFTP ====== |
With WinSCP you can easily upload and manage files on your Google Compute Engine (GCE) instance/server over [[sftp|SFTP protocol]]. | With WinSCP you can easily upload and manage files on your Google Compute Engine (GCE) instance/server over [[sftp|SFTP protocol]]. | ||
Before starting you should: | Before starting you should: | ||
* [[guide_install|Have WinSCP installed]]; | * [[guide_install|Have WinSCP installed]]; | ||
- | * [[https://cloud.google.com/compute/docs/instances/|Have Google Compute Engine instance running]]. | + | * [[https://cloud.google.com/compute/docs/instances|Have Google Compute Engine instance running]]. |
First you need to generate your private key, if you do not have one yet: | First you need to generate your private key, if you do not have one yet: | ||
Line 14: | Line 14: | ||
Collect information about your GCE instance: | Collect information about your GCE instance: | ||
- | * IP address: Check //External IP// column on //Compute > Compute Engine > VM Instances// page of your project on [[https://console.developers.google.com/|Google Developers Console]]. | + | * IP address: Check //External IP// column on //Compute > Compute Engine > VM Instances// page of your project on [[https://console.cloud.google.com/|Google Cloud Platform]]. |
* Host key fingerprint: On the first connect you will be prompted to [[ssh_verifying_the_host_key|verify a server host key]]. | * Host key fingerprint: On the first connect you will be prompted to [[ssh_verifying_the_host_key|verify a server host key]]. | ||
- | * To securely acquire a fingerprint of the host key, use web-based SSH client in Google Developers Console (use //SSH// link on the //VM Instances// page). You will see the fingerprint as soon as you connect. To see the host key for other algorithms use following commands: \\ <code>ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key | + | * To securely acquire a fingerprint of the host key, use web-based SSH client in Google Cloud Platform (use //%%SSH%%// link on the //VM Instances// page). In the console, use ''[[https://man.openbsd.org/ssh-keygen|ssh-keygen]]'' command to display a fingerprint of any number of host keys algorithms. The following example shows SHA-256 and MD5 fingerprints of Ed25519 hostkey: \\ <code bash>sudo ssh-keygen -l -f /etc/<nohilite>ssh</nohilite>/ssh_host_ed25519_key |
- | ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key | + | sudo ssh-keygen -l -f /etc/<nohilite>ssh</nohilite>/ssh_host_ed25519_key -E md5 |
- | </code> With OpenSSH 6.8 and newer, you need to add ''-E md5'' to display MD5 fingerprint. \\ \\ &screenshotpict(gce_hostkey) | + | </code> &screenshotpict(gce_hostkey) |
- | Set up SSH keys for your Google Compute account: | + | Set up %%SSH%% keys for your Google Compute account: |
* [[ui_puttygen#reloading|Load your private key]] to PuTTYgen; | * [[ui_puttygen#reloading|Load your private key]] to PuTTYgen; | ||
- | * Enter your GCE username((If you do not know your username, it's typically your Google account email address with all symbols replaced with underscore, i.e. username for ''martin@example.com'' is ''martin_example_com''.)) to //Key comment// box. | + | * Enter the username (an existing one or any other account name you want to be created) to the //Key comment// box. |
- | * Copy a contents of //Public key for pasting to OpenSSH authorized_keys file// to the clipboard (note that the contents includes your username); | + | * Copy a contents of //Public key for pasting into OpenSSH authorized_keys file// to the clipboard (note that the contents includes your username); |
- | * Go to //Compute > Compute Engine > Metadata// page of your project on Google Developers Console; | + | * Go to //Metadata// page of your project on Google Cloud Platform; |
- | * Go to //SSH Keys// tab and click //Edit//; | + | * Go to //%%SSH%% Keys// tab and click //Edit//; |
- | * Paste contents of the clipboard to //Enter entire key data// box (note how the username is automatically recognized). | + | * Click //Add item// button and paste contents of the clipboard to //Enter public SSH key// box (note how the username is automatically recognized). |
- | * Press //Done// and wait for the key to be saved. | + | * On the bottom of the page, click //Save// and wait for the key to be saved. |
- | If you want to set up the keys for a specific instance only, use //Add SSH key// link on the instance page instead of using project's //Metadata// page. | + | If you want to set up the keys for a specific VM instance only, go to //Edit > %%SSH%% Keys > Show and edit > Add item// on the instance page instead of using project's //Metadata// page. |
~~AD~~ | ~~AD~~ | ||
Line 36: | Line 36: | ||
Finally, start WinSCP. [[ui_login|Login dialog]] will appear. On the dialog: | Finally, start WinSCP. [[ui_login|Login dialog]] will appear. On the dialog: | ||
* Make sure //New site// node is selected. | * Make sure //New site// node is selected. | ||
- | * On the //New site// node, make sure //SFTP// protocol is selected. | + | * On the //New site// node, make sure //%%SFTP%%// protocol is selected. |
- | * Enter your GCE instance public IP address (see above) into the //Host name// box. | + | * Enter your %%GCE%% instance public IP address (see above) into the //Host name// box. |
- | * Enter your GCE username into the //User name// box; | + | * Enter the account name (that the console extracted out of your %%GCE%% username) into the //User name// box; |
* Press //Advanced// button to open [[ui_login_advanced|Advanced site settings dialog]] and go to //[[ui_login_authentication|SSH > Authentication page]]//. | * Press //Advanced// button to open [[ui_login_advanced|Advanced site settings dialog]] and go to //[[ui_login_authentication|SSH > Authentication page]]//. | ||
* In the //Private key file// box select your private key file. | * In the //Private key file// box select your private key file. | ||
Line 47: | Line 47: | ||
===== Further reading ===== | ===== Further reading ===== | ||
- | * Guide to [[guide_upload|uploading files to SFTP server]]; | + | * [[guide_upload|*]]; |
- | * Guide to [[guide_automation|automating operations]] (including upload); | + | * [[guide_automation|*]]; |
- | * [[faq_su|How do I change user after login (e.g. su root)?]] | + | * [[faq_su|*]]; |
- | * Guide to [[guide_amazon_ec2|connecting to Amazon EC2 server with SFTP]]; | + | * [[guide_google_bucket|*]]; |
- | * Guide to [[guide_microsoft_azure|connecting to Microsoft Azure Service with SFTP or FTPS]]. | + | * [[guide_amazon_ec2|*]]; |
+ | * [[guide_microsoft_azure|*]]. |