问题
I logged in to my GCE VM instance (Debian) and installed ufw and enabled it.
However, I forgot to enable port 22. Is there another way to log in so that I can enable port 22 without having to destroy the instance?
回答1:
No, the only way to access to the instance is through SSH.
You can enable the port 22 using a startup script like the following one:
#!/bin/bash
/usr/sbin/ufw allow 22/tcp
Then, you can add this startup script to your instance either using the Developers Console and pasting the code in the custom metadata section or using the cloud SDK with the command:
gcloud compute instances add-metadata <INSTANCE NAME> --metadata-from-file startup-script=<PATH TO SCRIPT> --project <PROJECT ID>
This script will be executed as root every time the instance boots up or reboots so you'll need to restart your instance and you can remove the script once you have achieved your goal with:
gcloud compute instances remove-metadata <INSTANCE NAME> --keys startup-script --project <PROJECT ID>
You have more information about startup scripts in the documentation.
来源:https://stackoverflow.com/questions/28759251/google-compute-engine-alternative-log-in-to-vm-instance-if-ssh-port-is-disable