通过Secure CRT终端远程登录Google Cloud Shell详细教程

Google Cloud Platform简称GCP,是由谷歌提供的,供开发人员免费使用的云端linux服务器云平台。每周有50H的免费使用时间,让您可以直接在浏览器中通过Google Cloud Shell访问云端资源。
Google Cloud Shell地址:https://cloud.google.com/shell
本文主要介绍通过CRT、PUTTY和XSHELL等终端直接连接GCP的方法,由于各终端均支持ssh协议访问。因此,以下主要以CRT举例,实现访问GCP。
1、进入Google Cloud Shell首页,选择【免费开始使用】
通过Secure CRT终端远程登录Google Cloud Shell详细教程_第1张图片
2、查看GCP分配的资源情况

通过Secure CRT终端远程登录Google Cloud Shell详细教程_第2张图片
3、Cloud Shell配额使用时间如下
通过Secure CRT终端远程登录Google Cloud Shell详细教程_第3张图片
4、查看已分配的云平台资源情况;
通过下面只能看到私网IP地址,显然通过私网IP不能远程直接访问到云平台的虚拟机

hhhhhng@cloudshell:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:ce:ac:8c:33 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.18.255.255 scope global docker0   `私网IP`
       valid_lft forever preferred_lft forever
12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
hhhhhng@cloudshell:~$ df -h
Filesystem      Size  Used Avail Use% Mounted on
overlay          46G   36G   10G  78% /
tmpfs            64M     0   64M   0% /dev
tmpfs           998M     0  998M   0% /sys/fs/cgroup
/dev/sda1        46G   36G   10G  78% /root
/dev/sdb1       4.8G   11M  4.6G   1% /home
shm              64M     0   64M   0% /dev/shm
tmpfs           998M  784K  998M   1% /run/metrics
overlayfs       998M  156K  998M   1% /etc/ssh/ssh_host_rsa_key
overlayfs       998M  156K  998M   1% /etc/ssh/keys
tmpfs           998M     0  998M   0% /run/google/devshell
hhhhhng@cloudshell:~$

5、获取通过公网IP远程SSH访问的IP和端口号
参考链接:https://cloud.google.com/blog/products/gcp/introducing-the-ability-to-connect-to-cloud-shell-from-any-terminal
执行命令:sudo gcloud alpha cloud-shell scp cloudshell:~/data.txt localhost:~

hhhhhng@cloudshell:~$ sudo gcloud alpha cloud-shell scp cloudshell:~/data.txt localhost:~
WARNING: The public SSH key file for gcloud does not exist.
WARNING: The private SSH key file for gcloud does not exist.
WARNING: You do not have an SSH key for gcloud.
WARNING: SSH keygen will be executed to generate a key.
This tool needs to create the directory [/root/.ssh] before being able
 to generate SSH keys.

Do you want to continue (Y/n)?  y          `选择y`

Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):   `可不用填,直接Enter`
Enter same passphrase again:
Your identification has been saved in /root/.ssh/google_compute_engine.
Your public key has been saved in /root/.ssh/google_compute_engine.pub.
The key fingerprint is:
SHA256:xrIHol46DiaK0EbNIcjTL3mXMUkcdnojnqGqMOOnPRw root@cs-6000-devshell-vm-a9c12368-bf2e-4360-8f78-60e4bf694038
The key's randomart image is:
+---[RSA 2048]----+
|...   o.+        |
|.o...  A o       |
|  .+o.o.O .      |
|  .o++o=S        |
| o B+..=         |
|B.=.o . .        |
|O*+*   .         |
|o=*o.            |
+----[SHA256]-----+
Pushing your public key to Cloud Shell...
Warning: Permanently added '[devshell-vm-a9c64968-bf2e-4360-8f78-6123bf694038.cloudshell.dev]:6000,[35.239.25.154]:6000' (RSA) to the list of known hosts.    `【35.239.25.154:6000】即为远程SSH的IP地址和端口号`

6、修改/etc/ssh/sshd_config里面的PasswordAuthentication为yes【这里默认为no】,开启远程SSH密码认证登录

hhhhhng@cloudshell:~$ sudo vim /etc/ssh/sshd_config 

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
# NOTE: You can connect to Cloud Shell from your local terminal via
# `gcloud alpha cloud-shell ssh`
PasswordAuthentication yes      `修改为yes`

7、修改默认登录用户hhhhhng的密码,并重启sshd服务

hhhhhng@cloudshell:~$ sudo passwd hhhhhng 
Enter new UNIX password:     `输入密码`
Retype new UNIX password: 
passwd: password updated successfully
hhhhhng@cloudshell:~$ sudo /etc/init.d/ssh restart   `重启sshd服务`
/etc/ssh/sshd_config line 33: Deprecated option KeyRegenerationInterval
/etc/ssh/sshd_config line 34: Deprecated option ServerKeyBits
/etc/ssh/sshd_config line 45: Deprecated option RSAAuthentication
/etc/ssh/sshd_config line 52: Deprecated option RhostsRSAAuthentication
[....] Restarting OpenBSD Secure Shell server: sshd/etc/ssh/sshd_config line 33: Deprecated option KeyRegenerationInterval
/etc/ssh/sshd_config line 34: Deprecated option ServerKeyBits
/etc/ssh/sshd_config line 45: Deprecated option RSAAuthentication
/etc/ssh/sshd_config line 52: Deprecated option RhostsRSAAuthentication
.
hhhhhng@cloudshell:~$ 

8、通过Secure CRT远程登录GCP虚拟机,以下为通过ssh成功登录界面
通过Secure CRT终端远程登录Google Cloud Shell详细教程_第4张图片

你可能感兴趣的:(LINUX运维,linux,ssh,运维,服务器,debian)