On this page, you can find an explanation of how to connect to the Linux Virtual Machine created in the Cloud Console using the SSH Protocol
In this article we will assume, that we have already created the following resources, that refer to the Project named Test-Project that was created in the Organization named Test-Organization:
For more information about creating and configuring these resources, see the following articles: SSH Keys, Virtual Machines.
By default, all created Virtual Machines belong to the default Firewall, which allows access to the Internet from the VM, but denies almost all access on the VM from outside, except for objects belonging to the same default Firewall. Thus, using only the default Firewall, we cannot connect to the selected Virtual Machine remotely via SSH.
Default Firewall allows all outbound traffic and controls the inbound traffic that’s allowed to reach the VMs that are associated with the default Firewall too.
There are two ways how to resolve this:
To create new Firewall do the following:
After these steps, the newly created Firewall will be added to the Firewalls page.
As a next step, we need to add an additional Firewall with a rule that will allow incoming traffic to TCP port 22 on the Virtual Machines.
To add the described above rule to the newly created Firewall do the following:
This newly added rule will allow access to the TCP port 22 on the all VMs in the created Firewall over the public Internet, but if you want to allow access only on the one selected VM, you need to specify IP of this VM / 32 in the field named Remote IP prefix - example is shown below:
After this wee need to add this configured Firewall to our Virtual Machine.
To add this newly created Firewall to our Virtual Machine, do the following:
After these steps, the newly added Firewall will be added to the selected VM:
This is the first option, how we can configure the Firewall for SSH access - by creating a new one with the required rule. But we can just add this rule to the default Firewall that is already assigned to our VM, and these changes will automatically be applied to the VMs.
You can add and remove rules at any time. Your changes are automatically applied to the VMs that are associated with the corresponding Firewall.
To add required rule to the default Firewall you need to do next:
open the Firewalls page - for this select the Security from the VIRTUAL DATACENTER block and click on the FIREWALL TAB:
open the Firewall Rules page of the default Firewall- for this click on the Name of the corresponding Firewall:
on the Firewall Rules page click on the CREATE FIREWALL RULE icon in the upper left corner;
fill in the form on the next opened Create Firewall Rule window as shown below and click on the CREATE icon:
And that’s all, this newly created Firewall Rule will be automatically applied to all Virtual Machine that were attached with this default Firewall.
Since we have the public key deployed on our Linux VM, the private key on our local system (for example ~/.ssh/id_rsa) and a Firewall configured to allow incoming traffic on port 22, we can connect to this Virtual Machine remotely from our local server via SSH, just use the next command:
ssh -i ~/.ssh/id_rsa firstname.lastname@example.org
The default usernames for various Linux distributions are as follows:
Debian - “debian”;
Fedora - “fedora”;
Fedora CoreOS - “core”;
CentOS 7, CentOS 8 - “centos”;
CentOS 9 and later versions - “cloud-user”.
In the case of Windows, the default username is set as “ventus”.
Replace username and 10.11.22.333 in the command with your data and specify the appropriate path to your private key. In our example, the command will look like this:
sudo ssh -i ~/.ssh/id_rsa email@example.com
After successfully connecting, you can check your internet access and try pinging google.com: