Connect to your Google Cloud Compute Engine

Configuring SSH and file transfers in Google Cloud

So you've taken a leap and decided to host your VPS on Google Cloud: let me be the first to congratulate you on joining the clearly superior cloud platform of our modern era. I would apologize for being so openly opinionated, but so far I've only stated objective facts.

Now that you've joined the club, you may have found yourself asking the inevitable: "how do I connect to my damn instance?" If you're like me, you're probably not the kind of person who enjoys this as their main solution:

Google Cloud's in-browser terminal.

Luckily for us, there are a few ways to interact with your Compute Engine. Let's take a look at all of them.

Set up the gcloud CLI

In order to SSH natively, we need to install the gcloud CLI on our machine. Mac users can download this here, and Windows users can download from here. Clicking the downloaded file will extract the package. With your package extracted, run the install script install.sh (or install.bat for Windows) to start the installation:

$ ~/Downloads/google-cloud-sdk/install.sh
Welcome to the Google Cloud SDK!

To help improve the quality of this product, we collect anonymized usage data
and anonymized stacktraces when crashes are encountered; additional information
is available at <https://cloud.google.com/sdk/usage-statistics>. You may choose
to opt out of this collection now (by choosing 'N' at the below prompt), or at
any time in the future by running the following command:

    gcloud config set disable_usage_reporting true

Do you want to help improve the Google Cloud SDK (Y/n)?

Continuing the script will list the 'components' gcloud can install on your local machine, where each component is a Google Cloud product:

Your current Cloud SDK version is: 214.0.0
The latest available version is: 214.0.0

┌─────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│                                                  Components                                                 │
├───────────────┬──────────────────────────────────────────────────────┬──────────────────────────┬───────────┤
│     Status    │                         Name                         │            ID            │    Size   │
├───────────────┼──────────────────────────────────────────────────────┼──────────────────────────┼───────────┤
│ Not Installed │ App Engine Go Extensions                             │ app-engine-go            │ 152.8 MiB │
│ Not Installed │ Cloud Bigtable Command Line Tool                     │ cbt                      │   6.3 MiB │
│ Not Installed │ Cloud Bigtable Emulator                              │ bigtable                 │   4.3 MiB │
│ Not Installed │ Cloud Datalab Command Line Tool                      │ datalab                  │   < 1 MiB │
│ Not Installed │ Cloud Datastore Emulator                             │ cloud-datastore-emulator │  17.7 MiB │
│ Not Installed │ Cloud Datastore Emulator (Legacy)                    │ gcd-emulator             │  38.1 MiB │
│ Not Installed │ Cloud Pub/Sub Emulator                               │ pubsub-emulator          │  33.4 MiB │
│ Not Installed │ Cloud SQL Proxy                                      │ cloud_sql_proxy          │   2.5 MiB │
│ Not Installed │ Emulator Reverse Proxy                               │ emulator-reverse-proxy   │  14.5 MiB │
│ Not Installed │ Google Cloud Build Local Builder                     │ cloud-build-local        │   4.4 MiB │
│ Not Installed │ Google Container Local Builder                       │ container-builder-local  │   4.4 MiB │
│ Not Installed │ Google Container Registry's Docker credential helper │ docker-credential-gcr    │   1.8 MiB │
│ Not Installed │ gcloud Alpha Commands                                │ alpha                    │   < 1 MiB │
│ Not Installed │ gcloud Beta Commands                                 │ beta                     │   < 1 MiB │
│ Not Installed │ gcloud app Java Extensions                           │ app-engine-java          │ 118.6 MiB │
│ Not Installed │ gcloud app PHP Extensions                            │ app-engine-php           │  21.9 MiB │
│ Not Installed │ gcloud app Python Extensions                         │ app-engine-python        │   6.2 MiB │
│ Not Installed │ gcloud app Python Extensions (Extra Libraries)       │ app-engine-python-extras │  28.5 MiB │
│ Not Installed │ kubectl                                              │ kubectl                  │   < 1 MiB │
│ Installed     │ BigQuery Command Line Tool                           │ bq                       │   < 1 MiB │
│ Installed     │ Cloud SDK Core Libraries                             │ core                     │   8.3 MiB │
│ Installed     │ Cloud Storage Command Line Tool                      │ gsutil                   │   3.6 MiB │
└───────────────┴──────────────────────────────────────────────────────┴──────────────────────────┴───────────┘
To install or remove components at your current SDK version [214.0.0], run:
  $ gcloud components install COMPONENT_ID
  $ gcloud components remove COMPONENT_ID

To update your SDK installation to the latest version [214.0.0], run:
  $ gcloud components update


Modify profile to update your $PATH and enable shell command
completion?

Do you want to continue (Y/n)?

Once installed, run gcloud init in your terminal. This will prompt you to login:

To continue, you must log in. Would you like to log in (Y/n)?

Pressing 'Y' will prompt a simple browser window from which you can authenticate with Google by simply selecting your Google account, as though we were using any other app with Google OAuth authentication. That's correct: you don't even need to go through the trouble of typing a password, assuming you've logged in to your Google account before (I'm guessing you have).

2ez authentication.

Next, the terminal will prompt to specify which of your projects to use. Select the project which contains your instance by entering the number seen in the resulting list:

Pick cloud project to use:
 [1] [my-project-1]
 [2] [my-project-2]
 ...
 Please enter your numeric choice:

Now you're in the clear to go nuts with the gcloud CLI:

gcloud has now been configured!
You can use [gcloud config] to change more gcloud settings.

Your active configuration is: [default]

SSH via a Native Terminal

Ugh, so now we need to go through the process of creating public and private keys etc to SSH into our instance, right? Wrong: gcloud is so mo effin' dope that there's a one-line command which will actually do this for you:

$ gcloud compute config-ssh

You should now be able to use ssh/scp with your instances.
For example, try running:

  $ ssh instancename.region-b.projectname-173869

But there's no way it's that easy, right?

$ gcloud compute ssh instancename
Enter passphrase for key '/Users/username/.ssh/google_compute_engine':

Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.15.0-1018-gcp x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

30 packages can be updated.
0 updates are security updates.

It really is that easy. For as long as you use your local machine, you will only ever need to used the command gcloud compute ssh instancename to connect to your instance.

Get and Put Files

You might be thinking that the next order of business would be to config SFTP in order to manage files on your instance. Believe it or not, there's a simpler way.

Downloading Files from your Instance

gcloud comes with a built-in tool to download and upload files to your instance via the CLI. To download files from your server, check out this one-liner:

gcloud compute scp [LOCAL_FILE_PATH] [INSTANCE_NAME]:~/path/to/file/on/server

Uploading Files to your Instance

The same command can be reversed to upload as well:

gcloud compute scp --recurse [INSTANCE_NAME]:[REMOTE_DIR] [LOCAL_DIR]

Other Methods

When we begin to look into other methods of interacting with our Computer Engine instance, the general youth of GCP becomes apparent.

At the time of writing, Google's own documentation lacks information on how to connect via SFTP, as the only mention of SFTP is this broken anchor link. Google also provides a RDP Chrome add-on specifically for connecting to Compute instances, but my own attempts have shown this to be broken as well:

Why can't I click on you?!?!

Despite these setbacks, the combination of SSH and getting/putting files should be more than enough to satisfy anybody's needs for now. Google Cloud Platform is only getting better with time, and is doing so at a pace which scare other providers.

Author image
New York City Website
Product manager turned engineer with an ongoing identity crisis. Breaks everything before learning best practices. Completely normal and emotionally stable.

Product manager turned engineer with an ongoing identity crisis. Breaks everything before learning best practices. Completely normal and emotionally stable.