This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

I can't ssh into my LAMP server

Posted on 11-10-2022 09:53 AM
Fred-Niyi
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Firewall ingress rule allow port 22 from 35.235.240.0/20.

Firewall ingress rule allow port 443 from 0.0.0.0/0.

Firewall ingress rule allow port 80 from 10.1.0.0/16 (my vpc network). After seeing the console output, I opened port 80 to 0.0.0.0/0 but got the same result, could not login to ssh.ssh error.png

I have 2 vms in us-east1-b behind a cloud NAT. One is a lamp stack, and one is not.

I can't ssh in the lamp stack but I can ssh in the non-lamp stack.

Even when I add an external Ip to the lamp, I still can't ssh. 

I have OsLogin and tunnel through Iap enabled project wide. 

At first, after configuring the lamp, I could ssh w/o issue, but sometimes take long. However, since yesterday, I could no longer ssh.

I deleted the lamp but kept the disk and then create a new vm and attached the disk to the new vm and still have the same issue.

Attached is output of the console 1. 

Kindly advise.

console .png

0 2 345
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
usman317
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Firewall ingress rule allow port 22 from 35.235.240.0/20.

I think you created this firewall rule to allow ssh connection only from range of your ISP (i think so). Now you try to ssh into the machine and it doesn't work.

The thing Even if you don't define any firewall rule you should be able to ssh into the vm from your browser. So it don't think you have a problem with the firewall rules. The problem you are facing is with the Identity-aware Proxy. I don't know much about it at this time but what is does is 

enforce access control policies for applications and resources. IAP works with signed headers or the App Engine standard environment Users API to secure your app. With IAP, you can set up group-based application access: a resource could be accessible for employees and inaccessible for contractors, or only accessible to a specific department.

you can  read more about it from here https://cloud.google.com/iap/docs/concepts-overview

If you need my help feel free to ask

Posted on --/--/---- --:-- AM
Fred-Niyi
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Thanks Usman, after some times it started working again. I think it was an issue with a ufw that i had installed on the VM. I tried disabling it and since then I have not had any issue SSh in the server.

Top Labels in this Space
Top Solution Authors
View all