How to unblock my IP after failed sftp login attempts to google cloud compute instance

Solution 1:

Joinning the party years later, but someone could benefit from this.

Looks like every ubuntu image has sshguard installed, after a few failed SSH login attempts your IP gets banned/blocked.

You need to connect to your instance from another ip, or use the ssh connection inside web-console from google compute engine.

What you can do is check if your ip has been banned:

sudo iptables --list sshguard --line-numbers --numeric | grep [you.ip.goes.here]

On the output you will have a line with a number at the beginning, that line must be removed (replace [N] with that line number):

sudo iptables --delete sshguard [N]

Then you should be able to connect to your server again.

There are people that suggest adding the ip to the sshguard white list and then restarting the sshguard service... I didn't try it because my i think my solution is safer given the fact that my ip can change. If you happen to need a fixed IP being white listed of solution, comment is here:

https://stackoverflow.com/questions/26813070/google-compute-engine-getting-blocked-after-accessing-ssh-a-few-times/26827428#comment84875330_26827428

Also some doc from sshguard where I got my final answer: https://wiki.archlinux.org/index.php/Sshguard#Unbanning

Solution 2:

If the IP were blocked by Google, a notice would have been delivered to the account about the block. If a notice was not received, then the failure to connect is due to some other cause. The suggestions offered by kasperd are good, a likely candidate is some security monitor on the instance.