当前位置: 文江博客 话题详情

从VSCODE到Google Cloud VM的远程SSH通过IAP隧道

发布于 2025-01-28 03:13:17 字数 238 浏览 7 评论 0 原文

我将以下命令用于SSH到GCP VM。如何配置VSCODE使用这些设置?

gcloud beta compute ssh --zone "asia-south1-a" "jump-box" --tunnel-through-iap --project "Project Name"

(编辑注意:注意 - 尤其是Tunnel-through-iap

原文

I am using the below command for SSH to GCP VMs. How can I configure VSCode to use these settings?

gcloud beta compute ssh --zone "asia-south1-a" "jump-box" --tunnel-through-iap --project "Project Name"

(editor note: notice --tunnel-through-iap in particular)

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

短暂陪伴 2025-02-04 03:13:17

以下提供了一个教程:

简而言之,将添加到您的正常 gcloud Compute ssh 命令中,以查看GCLOUD在引擎盖下的工作。这些选项需要在您的VSCODE SSH配置文件中设置。

使用 -Tunnel-through-iap 时,您将看到一些 proxyCommand 调用gcloud.py, hostname hostKeyalias 将设置为实例ID(看起来像 Compute.123456789123456789 ),以及其他一些。

An archive of this page is available: https://web.archive.org/web/20220520113631/https://medium.com/@albert.brand/remote-to- a-vm over-iap-tunnel-with-vscode-f9fb54676153

The following provides a tutorial:
https://medium.com/@albert.brand/remote-to-a-vm-over-an-iap-tunnel-with-vscode-f9fb54676153 .

Briefly, add --dry-run to your normal gcloud compute ssh command to see what gcloud is doing under the hood. Those options need to get set in your VSCode SSH config file.

When using --tunnel-through-iap, you'll see a few ProxyCommand that invokes gcloud.py, and HostName and HostKeyAlias set to the instance ID (looks like compute.123456789123456789), as well as a few others.

An archive of this page is available: https://web.archive.org/web/20220520113631/https://medium.com/@albert.brand/remote-to-a-vm-over-an-iap-tunnel-with-vscode-f9fb54676153

回复 原文
西瓜 2025-02-04 03:13:17

给定标题,我猜您要做的是使用计算命令 https://code.visualstudio.com/docs/remote/ssh

我找不到直接使用它的方法

gcloud compute config-ssh --dry-run --project "Project Name"

= “ 项目中所有实例的SSH配置。

然后,我能够将我感兴趣的主机添加到我的VSCODE SSH Config(〜/.ssh/config 默认情况下)。这是这样的,但是我已经编辑了与我的项目相关的位。

Host INSTANCE-NAME.ZONE.PROJECT_NAME
    HostName IP
    IdentityFile /Users/USER/.ssh/google_compute_engine
    UserKnownHostsFile=/Users/USER/.ssh/google_compute_known_hosts
    HostKeyAlias=compute.ID
    IdentitiesOnly=yes
    CheckHostIP=no

您也可以省略 -Dry-Run 以自动添加条目。

Given the title I'm guessing what you're trying to do is use a compute ssh command for https://code.visualstudio.com/docs/remote/ssh

I couldn't find a way to use this directly, but a workaround that I found is to run:

gcloud compute config-ssh --dry-run --project "Project Name"

This will produce an SSH configuration for all the instances in your project.

I was then able to add the hosts I was interested to my vscode ssh config (~/.ssh/config by default). It'll be something like this, but I've redacted the bits related to my project.

Host INSTANCE-NAME.ZONE.PROJECT_NAME
    HostName IP
    IdentityFile /Users/USER/.ssh/google_compute_engine
    UserKnownHostsFile=/Users/USER/.ssh/google_compute_known_hosts
    HostKeyAlias=compute.ID
    IdentitiesOnly=yes
    CheckHostIP=no

You could also omit the --dry-run to automatically add the entries.

回复 原文
阳光的暖冬 2025-02-04 03:13:17

如果您在徒劳地寻找Windows解决方案时检查了这个问题,并且您不知道为什么VS代码中的OpenSSH会给您提供奥秘错误,例如 createProcessw失败尝试以下内容。

所有问题的短篇小说是Windows上Vscode中的Openssh在试图解析字符串的重大问题上。如下更详细的故障排除步骤。

如果使用默认设置在Windows上安装了GCLOUD工具,则它们可能已安装到 c:\ ... \ AppData \ Google Cloud \ ... 中。安装中的该空间导致 createProcessw 失败。转到设置 - >安装应用程序 - > Google Cloud SDK并卸载它。将其重新安装在 c:\ gcp 或其他没有空间的其他短文件夹中。

安装并重新启动终端并再次启动 gcloud auth登录,您可以运行

gcloud compute ssh [Instance] --project=[Project] --zone=[Zone] --tunnel-through-iap --dry-run

此操作将吐出类似的东西

C:\gcp\google-cloud-sdk\bin\sdk\putty.exe -t -i C:\Users\User\.ssh\google_compute_engine.ppk -proxycmd ""C:\\gcp\\google-cloud-sdk\\bin\\..\\platform\\bundledpython\\python.exe" "-S" "C:\\gcp\\google-cloud-sdk\\bin\\..\\lib\\gcloud.py" compute start-iap-tunnel "[Instance]" "%port" --listen-on-stdin --project=[Project] --zone=[Zone] --verbosity=warning" [email protected]

,以创建一个字符串,VSCODE实际上可以与OpenSSH的字符串解析一起使用。将看起来像这样的东西转动:

ssh -t -i C:\Users\User\.ssh\google_compute_engine -o ProxyCommand="C:/gcp/google-cloud-sdk/platform/bundledpython/python.exe -S C:/gcp/google-cloud-sdk/lib/gcloud.py compute start-iap-tunnel [Instance] 22 --listen-on-stdin --project=[Project] --zone=[Zone] --verbosity=warning" [email protected]

很可能没有所有转换就可以到达那里,但是根据我的经验,vscode上的openssh会给您带来无用的错误,例如主机名不能包含字符“ 因为字符串解析逻辑认为最终“是。将字符串转换为该形状使其可以与Vscode中的Openssh一起使用。也就是说,连接字符串可以在终端中工作,但由于未知VSCODE特定原因,VSCODE仍将失败。

在PowerShell中测试您的字符串,它应通过IAP连接到VM。

现在,转到VSCODE连接到远程主机,然后“添加新的SSH主机”,然后将更改的字符串粘贴到其中,以将其添加到SSH配置中。只是想使用
即使是“连接到主机”中的那个字符串也会失败,但是“添加新的SSH主机”最终将正确解析。

然后再次从远程SSH按钮通过连接到主机,这次选择刚刚添加的“ Compute.numbers”条目。 VSCODE应最终连接。

If you are checking this question in looking in vain for a Windows solution and you don't know why OpenSSH in VS code is giving you arcane errors like CreateProcessW failed try the following.

The short story for all of the problems is just that OpenSSH in VSCode on Windows has significant issues attempting to parse strings. More detailed troubleshooting steps follow.

If you have installed gcloud tools on Windows using default settings, then they have likely installed into C:\...\AppData\Google Cloud\.... That space in the install causes the CreateProcessW failure. Go to settings -> Installed Apps -> Google Cloud SDK and uninstall it. Reinstall it in C:\gcp or some other short folder without a space.

After you've installed and restarted your terminal and ran gcloud auth login again, you can run

gcloud compute ssh [Instance] --project=[Project] --zone=[Zone] --tunnel-through-iap --dry-run

This will spit out something like

C:\gcp\google-cloud-sdk\bin\sdk\putty.exe -t -i C:\Users\User\.ssh\google_compute_engine.ppk -proxycmd ""C:\\gcp\\google-cloud-sdk\\bin\\..\\platform\\bundledpython\\python.exe" "-S" "C:\\gcp\\google-cloud-sdk\\bin\\..\\lib\\gcloud.py" compute start-iap-tunnel "[Instance]" "%port" --listen-on-stdin --project=[Project] --zone=[Zone] --verbosity=warning" [email protected]

Now to create a string that VSCode can actually use with OpenSSH's string parsing. Turn that int something that looks like this:

ssh -t -i C:\Users\User\.ssh\google_compute_engine -o ProxyCommand="C:/gcp/google-cloud-sdk/platform/bundledpython/python.exe -S C:/gcp/google-cloud-sdk/lib/gcloud.py compute start-iap-tunnel [Instance] 22 --listen-on-stdin --project=[Project] --zone=[Zone] --verbosity=warning" [email protected]

It may very well be possible to get there without all of the transformations, but in my experience, OpenSSH on VSCode will give you unhelpful errors like host name cannot contain the character " because the string parse logic believes the final " is somehow part of the [email protected]. Transforming the string into that shape allows it to work with OpenSSH in VSCode. Namely the connection string can work in terminal, but will still fail in VSCode for unknown VSCode specific reasons.

Test your string in powershell, it should connect to the VM through IAP.

Now go to VSCode connect to remote host and then "Add New SSH Host" then paste your changed string into that to add it to the ssh config. Just trying to use
even that string in the "Connect to Host" will fail, but "Add New SSH Host" will finally parse it correctly.

Then go through the Connect to Host from the Remote-SSH button again and this time select the "compute.numbers" entry that was just added. VSCode should connect finally.

回复 原文
~没有更多了~

关于作者

提笔书几行

暂无简介

文章
评论
27 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

yuanzihao09

文章 0 评论 0

1337793151

文章 0 评论 0

横笛休吹塞上声

文章 0 评论 0

你在我安

文章 0 评论 0

qq_QhAHT0kB

文章 0 评论 0

aaaa123451

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文