How to ssh a gce VM from another gce VM

I've created two GCE VMs.
storm1:10.128.0.4
storm2:10.128.0.5

Now I want to ssh storm1 on storm2.

When ssh 10.128.0.5 on storm1, I got info Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

What're the steps to achieve this? or some tutorials?

Previously, I've known how to ssh a linux VM from my local computer.

Step1: Apply a OpenSSH public key to your GCP Console project or instance
(Refer to: Adding or removing project-wide public SSH keys)
- For example, using Putty Key Generator to generate OpenSSH public/private pair keys.
- Add the generated OpenSSH public key to SSH keys (not Metadata) in GCP console.
Step2: Copy the OpenSSH private key file to ~/.ssh folder of VM storm1.
Step3: In a terminal of VM storm1, use the ssh command and your OpenSSH private key file to connect to your instance VM storm2.
ssh -i [PATH_TO_PRIVATE_KEY] [USERNAME]@[INTERNAL_IP_ADDRESS]
(Refer to: Connecting using third-party tools)

Tips:

Tips1: If you want to use ssh 10.128.0.5 directly, not specifying the OpenSSH private key file, you can change the name of OpenSSH private key file to id_rsa.
Tips2: Identity Putty public key and OpenSSH public key, Putty private key and OpenSSH private key.
Tip3: In my opinion, the Step1 will result in adding the OpenSSH public key to ~/.ssh/authorized_keys file of all VMs in the GCP project.

来源：https://stackoverflow.com/questions/47905905/how-to-ssh-a-gce-vm-from-another-gce-vm

标签