Create SSH keys  |  Compute Engine Documentation  |  Google Cloud (2024)

Table of Contents
Before you begin Console gcloud REST Create an SSH key pair Linux and macOS Windows 10 or later Windows 8 or earlier What's next? FAQs
  • Home
  • Docs
  • Compute Engine
  • Documentation
  • Guides
Stay organized with collections Save and categorize content based on your preferences.

Linux Windows

This document describes how to create an SSH key pair for Compute Enginevirtual machine (VM) instances.

Before you begin

  • If you haven't already, set up authentication. Authentication is the process by which your identity is verified for access to Google Cloud services and APIs. To run code or samples from a local development environment, you can authenticate to Compute Engine as follows.

    Select the tab for how you plan to use the samples on this page:

    Console

    When you use the Google Cloud console to access Google Cloud services and APIs, you don't need to set up authentication.

    gcloud

    1. Install the Google Cloud CLI, then initialize it by running the following command: 

      gcloud init
    2. Set a default region and zone.

    REST

    To use the REST API samples on this page in a local development environment, you use the credentials you provide to the gcloud CLI.

      Install the Google Cloud CLI, then initialize it by running the following command: 

      gcloud init

Create an SSH key pair

If you connect to VMs using the Google Cloud console or theGoogle Cloud CLI, Compute Engine creates SSH keys on your behalf. Formore information on how Compute Engine configures and stores keys, seeAbout SSH connections.

If you connect to VMs using third party tools or OpenSSH, you need toadd a key to your VM before you can connect. If you don't have an SSH key,you must create one. VMs accept the key formats listed in the sshd_configfile.

Linux and macOS

On Linux and macOS workstations, use thessh-keygen utility to create a new SSH key pair. The following example creates an RSA key pair.

Open a terminal and use the ssh-keygen command with the -C flag tocreate a new SSH key pair.

See Also
Comparing SSH Keys - RSA, DSA, ECDSA, or EdDSA?How to Use Public Key Authentication with SSH {Step-by-Step Guide}How to use PuTTY for SSH key-based authentication | TechTargetUsing ssh-keygen and sharing for key-based authentication in Linux

ssh-keygen -t rsa -f ~/.ssh/KEY_FILENAME -C USERNAME -b 2048

Replace the following:

  • KEY_FILENAME: the name for your SSH key file.

    For example, a filename of my-ssh-key generates a private key file namedmy-ssh-key and a public key file named my-ssh-key.pub.

  • USERNAME: your username on the VM. For example,cloudysanfrancisco, or cloudysanfrancisco_gmail_com.

    For Linux VMs, the USERNAME can't be root,unless you configure your VM to allow root login. For more information,see Connect to VMs as the root user.

    For Windows VMs that use Active Directory (AD), the username must beprepended with the AD domain, in the format ofDOMAIN\. For example, the usercloudysanfrancisco within the ad.example.com AD has aUSERNAME of example\cloudysanfrancisco.

ssh-keygen saves your private key file to~/.ssh/KEY_FILENAME and your public key file to~/.ssh/KEY_FILENAME.pub.

A public key for the user cloudysanfrancisco looks similar to thefollowing:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAu5kKQCPF... cloudysanfrancisco

Windows 10 or later

On workstations with Windows version 10 or later, use thessh-keygen utility to create a new SSH key pair. The following example creates an RSA key pair.

Open Command Prompt and use the ssh-keygen command with the -C flag tocreate a new SSH key pair.

ssh-keygen -t rsa -f C:\Users\WINDOWS_USER\.ssh\KEY_FILENAME -C USERNAME -b 2048

Replace the following:

  • WINDOWS_USER: your username on the Windowsmachine.

  • KEY_FILENAME: the name for your SSH key file.

    For example, a filename of my-ssh-key generates a private key file namedmy-ssh-key and a public key file named my-ssh-key.pub.

  • USERNAME: your username on the VM. For example,cloudysanfrancisco, or cloudysanfrancisco_gmail_com.

    For Linux VMs, the USERNAME can't be root,unless you configure your VM to allow root login. For more information,see Connect to VMs as the root user.

    See Also
    What is an SSH Key? An Overview of SSH Keys

    For Windows VMs that use Active Directory (AD), the username must beprepended with the AD domain, in the format ofDOMAIN\. For example, the usercloudysanfrancisco within the ad.example.com AD has aUSERNAME of example\cloudysanfrancisco.

ssh-keygen saves your private key file toC:\Users\WINDOWS_USER\.ssh\KEY_FILENAMEand your public key file toC:\Users\WINDOWS_USER\.ssh\KEY_FILENAME.pub.

A public key for the user cloudysanfrancisco looks similar to thefollowing:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAu5kKQCPF... cloudysanfrancisco

Windows 8 or earlier

On workstations with Windows version 8 or earlier, use the PuTTYgen tool tocreate a new SSH key pair. The following example creates an RSA key pair.

  1. Download puttygen.exe if you haven't already.

  2. Open PuTTYgen.

  3. Under Parameters specify the following:

    • Type of key to generate: RSA
    • Number of bits in a generated key: 2048 or more

  4. Click Generate and follow the on-screen instructions.

    The tool displays the public key value.

  5. In the Key comment section, replace the pre-populated text with yourusername. For example, cloudysanfrancisco, orcloudysanfrancisco_gmail_com.

    For Linux VMs, the Key comment can't be root, unless you configureyour VM to allow root login. For more information,see Connect to VMs as the root user.

    For Windows VMs that use Active Directory (AD), the Key comment mustbe prepended with the AD domain, in the format ofDOMAIN\. For example, the usercloudysanfrancisco within the ad.example.com AD has a Key commentof example\cloudysanfrancisco.

  6. Optional: enter a Key passphrase to password-protect your key.

  7. Click Save private key to choose a location to save the private keyto.

    PuTTYgen writes the private key to a file with a .ppk extension.

  8. Click Save public key to choose a location to save your public keyto. Keep the PuTTYgen window open.

  9. Copy the text from the Public key for pasting into OpenSSHauthorized_keys file field.

  10. Open the public key file. The public key has a format similar to thefollowing:

    ---- BEGIN SSH2 PUBLIC KEY ----Comment: "USERNAME"KEY_VALUE---- END SSH2 PUBLIC KEY ----

  11. Replace the entire contents of the public key file with the value youcopied from the Public key for pasting into OpenSSH authorized_keysfile field, so that your public key file matches the following format:

    KEY_VALUE USERNAME

A public key for the user cloudysanfrancisco looks similar to thefollowing:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAu5kKQCPF... cloudysanfrancisco

What's next?

  • Learn how to Add SSH keys to VMs
  • Learn About SSH connections work onCompute Engine

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2023-12-21 UTC.

As a seasoned expert in cloud computing and Google Cloud Platform (GCP), I bring a wealth of experience and knowledge to guide you through the intricacies of creating SSH key pairs for Compute Engine virtual machine (VM) instances. I've worked extensively with GCP, and my proficiency is underscored by practical insights and hands-on expertise.

Let's delve into the essential concepts outlined in the provided article:

  1. Authentication and Setup:

    • Before creating an SSH key pair, the article emphasizes the importance of authentication. This process verifies your identity for accessing Google Cloud services and APIs.
    • Various methods for authentication are outlined, including using the Google Cloud console, the gcloud CLI, and the REST API samples.

  2. Creating SSH Key Pair:

    • The article provides detailed instructions for creating SSH key pairs for both Linux/macOS and Windows environments.

  3. Linux and macOS:

    • For Linux and macOS, the ssh-keygen utility is employed to generate an RSA key pair.
    • The command includes options for specifying the key filename, username, and key length.

  4. Windows 10 or Later:

    • On Windows 10 or later, the ssh-keygen utility is also used to create an RSA key pair.
    • The article provides a Command Prompt example with options for the key filename, Windows username, and key length.

  5. Windows 8 or Earlier:

    • For Windows 8 or earlier, the PuTTYgen tool is recommended for creating an RSA key pair.
    • The article provides step-by-step instructions, including specifying key parameters, generating the key, and saving both private and public key files.

  6. Key Formats and Comments:

    • The article highlights the accepted key formats and emphasizes the importance of including a username or key comment.
    • Special considerations are mentioned for Linux VMs, where the username or key comment can't be root unless configured otherwise.

  7. Next Steps:

    • The article concludes by guiding users on what to do next, directing them to learn how to add SSH keys to VMs and providing additional resources on SSH connections in Compute Engine.

In summary, this article serves as a comprehensive guide for users, ranging from authentication setup to the creation of SSH key pairs on different platforms. The instructions are clear, and the content reflects a deep understanding of the intricacies involved in securing VM instances on Google Cloud Platform. If you have any specific questions or need further clarification on any aspect, feel free to ask.

Create SSH keys  |  Compute Engine Documentation  |  Google Cloud (2024)

FAQs

How to create SSH keys for gcp vm? ›

To add a public SSH key to instance metadata using the Google Cloud console, do the following:
  1. In the Google Cloud console, go to the VM instances page. ...
  2. Click the name of the VM that you want to add an SSH key for.
  3. Click Edit.
  4. Under SSH Keys, click Add item.
  5. Add your public key into the text box. ...
  6. Click Save.

Read On
How to generate a new SSH key? ›

Generate an SSH Key Pair
  1. Run the ssh-keygen command. You can use the -t option to specify the type of key to create. ...
  2. The command prompts you to enter the path to the file in which you want to save the key. ...
  3. The command prompts you to enter a passphrase. ...
  4. When prompted, enter the passphrase again to confirm it.

Discover More Details
How to connect Google Cloud SSH? ›

Connect to a VM using SSH by running the gcloud compute ssh command:
  1. In the Google Cloud console, activate Cloud Shell. Activate Cloud Shell. ...
  2. Run the following command: gcloud compute ssh --project= PROJECT_ID --zone= ZONE VM_NAME.

Continue Reading
How do I get a private key for Google cloud? ›

Log in to your Google account and open the applicable Google project. Select to generate a private key. Save the private key file to a local drive, and select either the P12 format or JSON format.

See Details
How do I create a GCP key? ›

  1. In the Google Cloud console, go to the Service accounts page. Go to Service accounts. ...
  2. Select a project.
  3. Click the email address of the service account that you want to create a key for.
  4. Click the Keys tab.
  5. Click the Add key drop-down menu, then select Create new key.
  6. Select JSON as the Key type and click Create.

Find Out More
How to generate SSH key on remote machine? ›

To generate an SSH key on your Linux server, run the command ssh-keygen . The command can take flags if you would like to customize the type of key that is generated and the signing algorithms that are used to generate the key. This example generates a standard 2048-bit RSA key without a passphrase.

Tell Me More
How to access VM using SSH key? ›

Configuring a VM for SSH access
  1. Verify that port 22 is open on the VM operating system firewall.
  2. Install and run an SSH server. Example: OpenSSH on an Ubuntu VM. Install open SSH: sudo apt-get install openssh-server. Confirm that SSH daemon ( sshd ) is running: ps -aef | grep sshd. Try to connect: ssh localhost.

Show Me More
How to SSH into Google Cloud VM VSCode? ›

To connect to the VM instance in your IDE with Cloud Code using the built-in IDE terminal and SSH, follow these steps: To connect to a VM instance, in the Compute Engine explorer, hold the pointer over the VM instance and click terminal Open SSH or right-click the VM instance and select Open SSH.

Explore More
How do I connect to a cloud server using SSH? ›

Let's walk through the steps of logging in to a cloud server network via SSH cloud on a Windows system.
  1. Step 1: Choose an SSH Client. On your Windows system, you'll need SSH client software. ...
  2. Step 2: Launch SSH Client. ...
  3. Step 3: Successfully Log in to the Cloud Server.

Continue Reading
How to setup SSH on VM? ›

To configure a VM for SSH access
  1. Verify that port 22 is open on the VM operating system firewall.
  2. Install and run an SSH server. Example: OpenSSH on an Ubuntu VM. Install open SSH: sudo apt-get install openssh-server. Confirm that SSH daemon ( sshd ) is running: ps -aef | grep sshd. Try to connect: ssh localhost.

Show Me More

How do I create a GCP API key? ›

Setting up API keys
  1. Go to the API Console.
  2. From the projects list, select a project or create a new one.
  3. If the APIs & services page isn't already open, open the left side menu and select APIs & services.
  4. On the left, choose Credentials.
  5. Click Create credentials and then select API key.

Read The Full Story
How to generate SSH key in OCI? ›

1) Open a shell or terminal for entering the commands. 2) At the prompt, enter ssh-keygen and provide a name and passphrase when prompted. The keys will be created with the default values: RSA keys of 2048 bits.

See Details
How to create SSH deploy key? ›

Set up deploy keys
  1. Run the ssh-keygen procedure on your server, and remember where you save the generated public and private rsa key pair.
  2. On GitHub.com, navigate to the main page of the repository.
  3. Under your repository name, click Settings. ...
  4. In the sidebar, click Deploy Keys.
  5. Click Add deploy key.

Get More Info Here
Top Articles
How Many Hard Inquiries Is Too Many?
How Long Does it Take To Get 700 Credit Score From 500?
Instructional Resources
Online Reading Resources for Students & Teachers | Raz-Kids
Martha's Vineyard Ferry Schedules 2024
Google Jobs Denver
Geodis Logistic Joliet/Topco
Free Robux Without Downloading Apps
Best Cav Commanders Rok
Infinite Campus Parent Portal Hall County
A.e.a.o.n.m.s
Hillside Funeral Home Washington Nc Obituaries
Cnnfn.com Markets
Craigslist Edmond Oklahoma
Louisiana Sportsman Classifieds Guns
Mikayla Campinos Laek: The Rising Star Of Social Media
Evil Dead Rise - Everything You Need To Know
Dover Nh Power Outage
The best firm mattress 2024, approved by sleep experts
Laveen Modern Dentistry And Orthodontics Laveen Village Az
U Of Arizona Phonebook
Craigslistodessa
Best Boston Pizza Places
How To Find Free Stuff On Craigslist San Diego | Tips, Popular Items, Safety Precautions | RoamBliss
Meet the Characters of Disney’s ‘Moana’
Nearest Ups Ground Drop Off
Bayard Martensen
Allegheny Clinic Primary Care North
Fedex Walgreens Pickup Times
Chase Bank Cerca De Mí
Sedano's Supermarkets Expands to Orlando - Sedano's Supermarkets
Exploring TrippleThePotatoes: A Popular Game - Unblocked Hub
Lucky Larry's Latina's
Mp4Mania.net1
Retire Early Wsbtv.com Free Book
Frcp 47
Wsbtv Fish And Game Report
Sunrise Garden Beach Resort - Select Hurghada günstig buchen | billareisen.at
Dogs Craiglist
Devon Lannigan Obituary
Clausen's Car Wash
How Big Is 776 000 Acres On A Map
Cabarrus County School Calendar 2024
Streameast Io Soccer
Craigslist Pet Phoenix
Maplestar Kemono
Wpne Tv Schedule
Dineren en overnachten in Boutique Hotel The Church in Arnhem - Priya Loves Food & Travel
What Time Do Papa John's Pizza Close
Latest Posts
The 5 reasons why your credit score might suddenly drop
Applying for Credit Cards - The Rules for Each Bank [Limits, Bonus Eligibility & More]
Article information

Author: Terrell Hackett

Last Updated:

Views: 5416

Rating: 4.1 / 5 (52 voted)

Reviews: 83% of readers found this page helpful

Author information

Name: Terrell Hackett

Birthday: 1992-03-17

Address: Suite 453 459 Gibson Squares, East Adriane, AK 71925-5692

Phone: +21811810803470

Job: Chief Representative

Hobby: Board games, Rock climbing, Ghost hunting, Origami, Kabaddi, Mushroom hunting, Gaming

Introduction: My name is Terrell Hackett, I am a gleaming, brainy, courageous, helpful, healthy, cooperative, graceful person who loves writing and wants to share my knowledge and understanding with you.