ssh – Google Cloud – Permission denied (publickey)

I have a GCP instance running debian-8-jessie-v20170619 (deprecated). After a reboot, I lost ssh access to the machine (cannot ssh via Web, Terminal, or gcloud cli). Now my MySQL database has issue for my WordPress blog and I need to ssh. There are tens of questions with the same title, so I read most of them and tried:

  1. Regenerating ssh key, adding to Metadata (both on instance, and in project)
  2. Turning off OS Login and trying ssh. Turning on OS Login and trying ssh.
  3. Serial console method (user is not being created by startup script; so login fails)
  4. Using ssh -i key user@host instead of gcloud cli
  5. Adding key to authorized_keys

None of these worked. Here is the out of $ gcloud compute ssh MyVM --ssh-flag="-vvv"

OpenSSH_8.1p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/Jash/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug2: resolve_canonicalize: hostname 35.237.214.57 is address
debug2: ssh_connect_direct
debug1: Connecting to 35.237.214.57 (35.237.214.57) port 22.
debug1: Connection established.
debug1: identity file /Users/Jash/.ssh/google_compute_engine type 0
debug1: identity file /Users/Jash/.ssh/google_compute_engine-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u8
debug1: match: OpenSSH_6.7p1 Debian-5+deb8u8 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 35.237.214.57:22 as 'Jash'
debug1: using hostkeyalias: compute.2217424771252360577
debug3: hostkeys_foreach: reading file "/Users/Jash/.ssh/google_compute_known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/Jash/.ssh/google_compute_known_hosts:1
debug3: load_hostkeys: loaded 1 keys from compute.2217424771252360577
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:/8U8cYg6EIhbKq5aDfb9DySyrP6JEli2B3iUpLKx6lE
debug1: using hostkeyalias: compute.2217424771252360577
debug3: hostkeys_foreach: reading file "/Users/Jash/.ssh/google_compute_known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/Jash/.ssh/google_compute_known_hosts:1
debug3: load_hostkeys: loaded 1 keys from compute.2217424771252360577
debug1: Host 'compute.2217424771252360577' is known and matches the ECDSA host key.
debug1: Found key in /Users/Jash/.ssh/google_compute_known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /Users/Jash/.ssh/google_compute_engine RSA SHA256:dHe8jHKOHpUXq/rriZMV3ya/HgaJeyrLqGLTe2+OJnc explicit
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /Users/Jash/.ssh/google_compute_engine RSA SHA256:dHe8jHKOHpUXq/rriZMV3ya/HgaJeyrLqGLTe2+OJnc explicit
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Jash@35.237.214.57: Permission denied (publickey).
ERROR: (gcloud.compute.ssh) (/usr/bin/ssh) exited with return code (255).

networking – Can’t connect to Windows 10 thru SSH or Netcat from Linux

I have installed ‘OpenSSH SSH Server’ on Windows 10 machine, and I’m trying to connect from Kali Linux machine but I always get “ssh: connect to host 192.168.1.181 port 22: Connection timed out”

Same thing with netcat. I go on Windows 10: ncat -nlvp 2900 and on
Kali: nc 192.168.1.181 2900 and after 3-4min I get: “(UNKNOWN) (192.168.1.181) 2900 (?) : Connection timed out”
I have no problem connecting from WIN10 to Kali whatsoever.
I’ve had a success connecting to windows10 from Kali thru Ngrok, but now that doesn’t work either.
I’ve been fighting with this for days now, I run out of ideas…
What else I can do, how to make this connection work?

tunnel – SSH Reverse Tunneling via Jump PC

I need to know if this is possible and what commands are needed. I have a cloud based server that I am using for a jump PC for SSH tunnels. I have a tunnel to the jump PC that listens on port 2222 for ssh connections. I want to be able to SSH from my local computer to the jump PC subsequently down that open port 2222 to the remote pc. I do not have direct access between Remote PC and the Local PC, but both can access the jump.

Remote PC ===> Jump PC <=== Local PC

Remote PC <==through jump== Local PC

Sorry if this has been asked, I couldn’t find it.

linux – Website behind Firewall: How to HTTPS through a Reverse SSH Tunnel?

I have a website (Apache) hosted on my Raspberry Pi behind the apartment’s NAT firewall. A reverse SSH tunnel is established between the RasPi and a cloud server outside for port forwarding. The site’s domain name points to the cloud server’s IP address. This setup is currently able to handle HTTP connection, while I am unsure how to make HTTPS work.

Goal: Enable SSL/TLS connection between somewhere and visitors outside, so that they can see the green padlock when opening the domain name.

                    F|
                    I|
 +==========+       R|      +=============+
 |  Ras Pi  |       E|      |     VPS     |     +--------------------+
 |  Apache  |==(SSHTunnel)==|             |<----: Inbound connection :
 |   Site   |       W|      | Domain Name |     +--------------------+
 +==========+       A|      +=============+
                    L|
                    L|

Is this configuration possible? Where should I install the certificate?

networking – Ubuntu Server Terminating SSH Connection

The machine refusing to connect suggests that the sshd service crashed, or the OS crashed, or possibly the entire server shut down for some reason. If you have the ability to see what’s going on physically with the server, or an IP-KVM/iDRAC, etc. that will give you a view of what’s on the screen, you’ll be able to see what happened specifically and go from there.

ssh – Wireshark – Why is this ASCII data not human readable?

I just did a capture for an SSH transmission. At the bottom of the wireshark window, I see the following…

enter image description here

To open the window to the right, I right clicked the data segment and chose “Show Packet Bytes”

My question is why is the data in the window to the right human readable, and the data to the left not. How is the data to the left being displayed/decoded?

I would expect both of these things to match since this is the first packet of an SSH session which should just contain some string to identify the SSH client type to the server.

server – How hacker/ others get your SSH private key / stole your SSH private key?

Private keys aren’t any different from any other files, so any way for an attacker to get an arbitrary file from your PC is also a way for them to get your private key – provided it wasn’t encrypted. This includes, but is not limited to:

  • Theft
  • Malware
  • Accidental Disclosure
  • Insecure Storage
  • etc.

Each of these issues must be tackled in isolation, and they may not all be of equal importance. For example, I find it very unlikely that someone would break into my apartment and steal my hard drive – but it is much more likely that my laptop is being stolen when I am travelling.

One thing that is specific to private key is that a lot of even tech-literate people do not know what public-key cryptography is and thus think a private key is “like a password, but it’s a file”. As such, when they are supposed to upload their public key somewhere (which is a legitimate and necessary for the process to work), they sometimes upload their private key instead.

Even advanced users occasionally fall for malware, depending on the situation. For example, a few years ago, a friend sent me a message through steam, just with a link to a file. I downloaded and opened it. Big mistake. This wasn’t because I am somehow stupid (although people who know me would disagree), but because a handful of factors played together: I was busy playing a game, it was late at night and that friend happened to often just send me random links to check out. So it wasn’t any behavior that raised alarm bells for me.

[Hostpoco.com]*OpenVZ VPS Hosting + Root / SSH Access + Free Setup + 99 % Uptime,$14.

Hostpoco.com is a  perfect hosting company to get simple, fast, and secure hosting services, that allow you to take your business to the next level.

We offer a wide range of web hosting services from shared hosting, reseller hosting, OpenVZ VPS & Dedicated Servers. We’re committed to providing the highest level of customer support across all of our offerings.

All our VPS hosting service includes control panel installation and setup, full root access, dedicated IP, free RDNS, and free re-installations. Just Sign up and be online within Hour with our instant & free setup!

We offer a 30-day money-back guarantee if you are not 100% satisfied with our service.

VPS Plans

Startup:$14.99 /Monthly

★ 1024 MB Memory
★ 30 GB Raid 10 Storage
★ 2 TB Monthly Traffic
★ 1 IPv4 included
★ Free Setup

Pro:$24.99 /Monthly

★ 2048 MB Memory
★ 60 GB Raid 10 Storage
★ 3 TB Monthly Traffic
★ 1 IPv4 included
★ Free Setup

Premium:$44.99 /Monthly

★ 4096 MB Memory
★ 120 GB Raid 10 Storage
★ 4 TB Monthly Traffic
★ 1 IPv4 included
★ Free Setup

Elite:$84.99 /Monthly

★ 8192 MB Memory
★ 180 GB Raid 10 Storage
★ 8 TB Monthly Traffic
★ 1 IPv4 included
★ Free Setup

BUY NOW:
https://hostpoco.com/cheap-us-vps-hosting.php

For more Hosting plan details, please visit: www.hostpoco.com

In case you have any questions, you can contact our sales department by initiating a chat or by dropping an email to [email protected]

ssh – Command line arguments to specify tab name in MobaXterm

When launching the MobaXterm application using command line arguments, is there a way to specify the tab name? For example, there is a command to execute this from an integration:

C:Program Files (x86)MobatekMobaXtermMobaXterm.exe -newtab "sshpass -p $PASSWORD ssh $USERNAME@$HOST -p $PORT"

Upon execution, a new tab is opened in MobaXterm with the name randomly-generated-uuid@proxy.example.com instead of username@server.example.com. This can cause a lot of confusion when multiple tabs are open unless the user renames the tabs manually themselves.

I’m restricted to using CLI arguments as the launch can be executed in multiple different environments so it would be impractical to have a configuration file. The launcher is also generic as the proxy server auto-populates those variables upon execution. Is there a way to specify the tab name as an argument?

ssh – Git Hub publickey issue

I am a new git and github user. It is the first time that I was pulling some files to my private repository. I entered this command on terminal.

git push -u origin master

Now master was the name of my main branch. After this command this was showed up

git@github.com: Permission denied (publickey).

fatal: Could not read from remote repository.

I am reading a lot about SSH key and all about which I have no idea. Kindly explain me in detail how do I resolve the issue