Suddenly SSH on all google cloud computing instance is stopped - I can't get it fixed

ssh ubuntu google-compute-engine google-cloud-platform

I am passing a very hard time connecting VM instances on google cloud. Everything was fine, suddenly the VM is refused to connect, I can't get it to be fixed.

I have run this command in cloud shell :

gcloud beta compute ssh ceunix-ubuntu-server-instance -- -vvv

and get the following message:

Welcome to Cloud Shell! Type "help" to get started.
Your Cloud Platform project in this session is set to ceunix-wordpress-316703.
Use “gcloud config set project [PROJECT_ID]” to change to a different project.
ceunixcorporation@cloudshell:~ (ceunix-wordpress-316703)$ gcloud beta compute ssh ceunix-ubuntu-server-instance -- -vvv
Did you mean zone [asia-southeast1-b] for instance:
[ceunix-ubuntu-server-instance] (Y/n)?  n

No zone specified. Using zone [us-central1-a] for instance: [ceunix-ubuntu-server-instance].
Writing 3 keys to /home/ceunixcorporation/.ssh/google_compute_known_hosts
Updating project ssh metadata...⠶Updated [https://www.googleapis.com/compute/beta/projects/ceunix-wordpress-316703].
Updating project ssh metadata...done.
Waiting for SSH key to propagate.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PIrntDXiIhagDRyAki+F9hgNMxtXDhbAUy2A+VsffSE.
Please contact your system administrator.
Add correct host key in /home/ceunixcorporation/.ssh/google_compute_known_hosts to get rid of this message.
Offending RSA key in /home/ceunixcorporation/.ssh/google_compute_known_hosts:3
  remove with:
  ssh-keygen -f "/home/ceunixcorporation/.ssh/google_compute_known_hosts" -R "compute.906058796356615757"
ECDSA host key for compute.906058796356615757 has changed and you have requested strict checking.
Host key verification failed.
ERROR: (gcloud.beta.compute.ssh) Could not SSH into the instance.  It is possible that your SSH key has not propagated to the instance yet. Try running this command again.  If you still cannot connect, verify that the firewall and instance are set to accept ssh traffic.
ceunixcorporation@cloudshell:~ (ceunix-wordpress-316703)

Note: I have checked the firewall rule, it allows port 22 on all instance networks. Then, I have cleared all public keys from Computing instance > Metadata Section, then adding a new key. it not works.

Only SSH though the browser is working. If I choose to Compute Engine > VM instances > Choose a VM and SSH menu > Open in the browser window using provided private SSH key and then choose my own private ppk key also never let me allow!

Here is the error message > You cannot connect to the VM instance because of an unexpected error. Wait a few moments and then try again.

So, what I can do? I have three Ubuntu instances. All are refusing to connect. please help me.

Note: I have run nmap <my vm's external IP Address> and get this following:

Starting Nmap 7.91 ( https://nmap.org ) at 2021-07-13 08:27 Azores Standard Time

Nmap scan report for 100.142.67.34.bc.googleusercontent.com (34.67.142.100)

The host is up (0.32s latency).

Not shown: 996 filtered ports

PORT     STATE  SERVICE

80/tcp   closed http

443/tcp  closed https

3389/tcp closed ms-wbt-server

8088/tcp open   radan-http



Nmap done: 1 IP address (1 host up) scanned in 17.70 seconds

I also run this command in cloudshell: gcloud compute firewall-rules list and get the following output:

NAME                              NETWORK  DIRECTION  PRIORITY  ALLOW                         DENY  DISABLED
default-allow-http                default  INGRESS    1000      tcp:80                              False
default-allow-https               default  INGRESS    1000      tcp:443                             False
default-allow-icmp                default  INGRESS    65534     icmp                                False
default-allow-internal            default  INGRESS    65534     tcp:0-65535,udp:0-65535,icmp        False
default-allow-rdp                 default  INGRESS    65534     tcp:3389                            False
default-allow-ssh                 default  INGRESS    65534     tcp:22                              False
machinecoderguy-allow-port-7080   default  INGRESS    1000      tcp:7080,udp                        False
machnicecoderguy-allow-port-8088  default  INGRESS    1000      tcp:8088,udp                        False

Solution 1:

The fingerprint for the VM has changed.

Stop changing items on the VM as that is not your problem unless your VM has been hacked.

The problem is that your desktop has a known_hosts file with an IP address and the host's fingerprint. Since the fingerprint has changed, you are prevented from connecting for security reasons.

If you are sure that your systems have not been hacked, delete the known_hosts file located at ~/.ssh.

Now, the important question is why has the fingerprint changed? That can be caused by a few normal reasons and some that are concerns. Do these VM's have static (not ephemeral) IP addresses? Did you perform a major upgrade to the VM's OS? Are these systems part of a managed instance group and the same IP addresses are being reused for new instances? The investigation will be left to you to perform.

Related

Correct MX records to use for Google Apps?
ZFS - zpool ARC cache plus L2ARC benchmarking
pip is not included in Python3
2 different alert sounds playing at once in Ubuntu 17.10
How to install Deepin Desktop Environment in Ubuntu 16.04 LTS?
"Ignoring /etc/texmf/texmf.d/*.cnf during generation of texmf.cnf" when installing tex-common
Laptop doesn't shut down - Lubuntu 15.04
Screen blinking on moving cursor from one monitor to another
What is the /boot/efi partition and how does it affect installing a different distro
How to Close Windows (And Applications) by Middle-Click
How to setup a Wireless Access-Point using my laptop's WiFi card?
Why do Ethernet devices not show up in "/dev"?