FabianVolkers
commented
4 years ago Problem
This issue appears when installing and configuring a firewall like ufw on your server without allowing ssh access through the firewall. If this happens you have locked yourself out of your server, but don't worry. You are not the first person to do so and Google has a way for you to regain access to your virtual machine. What we will do is reboot our machine and temporarily disable the firewall so we can change its configuration. Afterwards we enable the firewall again.
Solution
-
In the google cloud platform, go to Compute Engine > VM Instances
-
Then click on the name of the instance with the firewall issue, you should see details about the instance.
-
Click “edit” and scroll down to “custom metadata”
-
Here we add the key ‘startup-script’ with the value
#! /bin/bash /usr/sbin/ufw disable
-
Click ‘save’ at the bottom on the page. Go back to your VM Instances overview and restart the instance.
-
Once the machine restarted you should be able to use ssh to access it again.
-
Now you can fix your firewall config with
sudo ufw allow ssh -
reenable the firewall with
sudo ufw enable -
Before you lock yourself out again it is always a good idea to check if everything is configured the way you want;. To do this, run
sudo ufw status -
If both Nginx http and ssh (22/tcp) are allowed through the firewall, your firewall is configured properly.
-
One important last step is to remove the startup script again after having changed the configuration successfully. Otherwise we would turn off the firewall on every restart, thereby defeating it’s purpose.
Connection Failed We are unable to connect to the VM on port 22