I can not start a new ssh connection to VM 1 day after starting VM

What about your firewall rules? There may have firewall rules as OS side (ufw, iptables) as VPC network (ingress).

Usually I connect through IAP tunnel.

Provide more details.

After “gcloud compute ssh” command fail, system asked me to check connectivity. here is result

---- Checking network connectivity ----
Your source IP address is XXX.XXX.XXX.XXX

Network Connectivity Test Result: REACHABLE

------

---- Checking user permissions ----
User permissions: 0 issue(s) found.

---- Checking VPC settings ----
VPC settings: 0 issue(s) found.

---- Checking VM status ----
VM status: 0 issue(s) found.

---- Checking VM boot status ----
VM boot: 0 issue(s) found.
 

Hello @taku,

Did you try the following FAQ regarding the SSH connection?

The SSH service on the VM may have been stopped or restarted.
The SSH port on the VM may have been changed.
There may be a firewall rule blocking SSH or SCP traffic to the VM.
There may be a problem with your SSH client.

There may be a problem with your working directory file read and write permission specially when you try to work with SCP.  Make sure that there is no firewall blocking SSH or SCP traffic.

So you should Check the status of the SSH service on the VM

sudo service ssh status

If the SSH service is not running, start it by running the following command:

sudo service ssh start

Check the SSH port on the VM. You can do this by running the following command:

sudo netstat -an | grep ssh

The output of this command should show the port number that SSH is listening on. If the port number is not 22, you will need to update your SSH client to use the correct port number.

check your sshd_config file file for the use a password to access the SSH server:

use text editor such as nano or vimo to open sshd_config file: 

sudo nano /etc/ssh/sshd_config

In the file, find the PasswordAuthentication line and make sure it ends with yes.

Find the ChallengeResponseAuthentication option and disable it by adding no.

Restart the SSH service by typing the following command:

sudo systemctl restart sshd

If it is caused by file permission then you should try the following command to change the file permission.

First, open the sshd_config file using a text editor:

sudo nano /etc/ssh/sshd_config

in the file make sure the following options are set as follows:

PermitRootLogin no

PubkeyAuthentication yes

Comment out the GSSAPI-related options by adding the hash sign at the beginning of the line:

#GSSAPIAuthentication yes
#GSSAPICleanupCredentials no

Also, make sure the UsePAM line is set to yes

UsePAM yes

after Save the file and restart the sshd service:

systemctl restart sshd

Now check the home folder permissions:

ls -ld

If your owner permissions are not set to read, write, and execute drwx, use the chmod command to change them:

chmod 0700 /home/[your-username]

Then you can go to the .ssh folder and recheck the permissions:

ls -ld

now it show in screen drwx…..

also this directory should have read, write, and execute permissions for the file owner. So try to use chmod again

chmod 0700 /home/your_home/.ssh

The .ssh folder contains the authorized_keys file. Check its permissions with:

ls -ld authorized_keys

chmod 0600 /home/[username]/.ssh/authorized_keys

I hope above option will migh be help you to sort out your problem if it not then you cna check the following document.

• https://cloud.google.com/compute/docs/connect/standard-ssh
• https://cloud.google.com/compute/docs/connect/add-ssh-keys
• https://cloud.google.com/compute/docs/connect/add-ssh-keys

​