This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Can't connect via SSH

Posted on 03-27-2025 11:58 PM
stevetb13
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

We have a VM running Linux hosting our SFTP.  In the past, I could connect via SSH, but now cannot.  I can get to the SFTP web UI, so I know the server/app are running.  When connecting via Putty, it says  "This service allows sftp connections only" and disconnects the session.  When trying directly from the GCP UI, it says I need to open the firewall for incoming to 0.0.0.0:22, however, my CTO can connect via SSH with no issue.  My IP address is already in the network tags for the VM.  I've given myself Owner permissions at the project level, and it still doesn't connect.  Any thoughts?

0 2 103
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
francislouie
Staff
Reply posted on --/--/---- --:-- AM

Hi stevetb13,

Welcome to Google Cloud Community!

It seems like that your SSH access is restricted while SFTP is allowed. Given that your CTO can connect without issue. 

Here’s troubleshooting steps:

  • Confirm SSH Server Configuration(sshd_config):
    • Port 22: Ensure this line exists and is not commented out (preceded by a #). If it's a different port number, that's your SSH port.
    • AllowUsers or AllowGroups: If these directives are present, ensure your username (or a group you belong to) is listed.
    • ForceCommand internal-sftp: If this directive is present within a Match block that applies to your user, try commenting it out.
    • Try restarting SSH service with “sudo systemctl restart sshd or sudo service ssh restart”
  • Verify Firewall Rules
    • Confirm your current public IP address (use "what is my ip") matches what's expected in the allowed ranges or tagged sources for the firewall rule.
    • ensure your local computer's firewall isn't blocking outbound connections to port 22
    • If necessary, create a new firewall rule that explicitly allows SSH access from your local IP and permits all ports and protocols
  • Use network connectivity test
    • Google Cloud provides Network Connectivity Tests, which analyze your configuration and, in some cases, perform live data plane analysis between endpoints. Running these tests can help diagnose potential network issues.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.

0 Likes

Posted on --/--/---- --:-- AM
stevetb13
Bronze 1
Bronze 1
In response to francislouie
Reply posted on --/--/---- --:-- AM

I dug further and figured it out.  There's a group called sftpusers that my user account was in, and I guess that was forcing me into sftp, and not allowing ssh.  Once I removed myself from the group, I was able to log in normally.  

0 Likes
Top Labels in this Space
Top Solution Authors
View all