Monday, 18 May 2020

GCP SSH Keys 101

Generating SSH Keys

ssh-keygen -t rsa -f ~/.ssh/[KEY_FILENAME] -C [USERNAME]

Restrict access 

chmod 400 ~/.ssh/[KEY_FILENAME]

Locating an SSH Key

Linux and macOS
Public key: $HOME/.ssh/google_compute_engine.pub
Private key: $HOME/.ssh/google_compute_engine

Windows:
Public key: C:\Users\[USERNAME]\.ssh\google_compute_engine.pub
Private key: C:\Users\[USERNAME]\.ssh\google_compute_engine

Adding/Removing Project-Wide Public SSH Keys

gcloud compute project-info describe
...
metadata:
  fingerprint: QCofVTHlggs=
  items:
  - key: ssh-keys
    value: |-
      [USERNAME_1]:ssh-rsa [EXISTING_KEY_VALUE_1] [USERNAME_1]
      [USERNAME_2]:ssh-rsa [EXISTING_KEY_VALUE_2] [USERNAME_2]
...

Project Level

gcloud compute project-info add-metadata --metadata-from-file ssh-keys=[LIST_PATH]

Instance Level

gcloud compute instances add-metadata [INSTANCE_NAME] --metadata-from-file ssh-keys=[LIST_PATH]

Blocking Project-Wide Public SSH Keys

gcloud compute instances add-metadata [INSTANCE_NAME] --metadata block-project-ssh-keys=TRUE
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

A Fun Problem - Math

# Problem Statement JATC's math teacher always gives the class some interesting math problems so that they don't get bored. Today t...