2

a nifty script for accessing with native SSH your IAP allowed Compute Engine ins...

 11 months ago
source link: https://gist.github.com/netj/df4f9de1fefd254ab11979be7035b5d0
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

gcp-start-iap-tunnel-ssh-proxy-magic

One Off Usage:

a nifty script for accessing with native SSH (as opposed to gcloud compute ssh) your IAP allowed Compute Engine instances (even when they don't have public IPs)

bash <(curl -fgsSL bit.ly/ssh-gcp) INSTANCE_NAME  # TBD
bash <(curl -fgsSL bit.ly/ssh-gcp) INSTANCE_NAME.ZONE  # TBD
bash <(curl -fgsSL bit.ly/ssh-gcp) INSTANCE_NAME.ZONE.PROJECT
bash <(curl -fgsSL bit.ly/ssh-gcp) INSTANCE_NAME.ZONE.c.PROJECT.internal  # TBD

Setup Instructions:

  1. Download and copy the script to ~/.ssh/gcp-start-iap-tunnel-ssh-proxy-magic.sh

  2. Add the following lines to ~/.ssh/config:

# Google Cloud Compute Engine full SSH via using `gcloud compute start-iap-tunnel` as ProxyCommand
# (consider using this alongside `gcloud compute config-ssh`)
Host *.*-*-*.*
  ProxyCommand sh ~/.ssh/gcp-start-iap-tunnel-ssh-proxy-magic.sh gce_instance=%n sshuser=%r sshport=%p

  1. Use the gcloud compute config-ssh --project=... command to configure ssh host aliases for Compute Engine instances.

  2. Enjoy SSH (esp. scp, rsync) for any instances allowed for IAP with no extra effort.

Synopsis:

$ scp myhost.us-west1-a.my-gcp-project:remote/path local/path
$ rsync -av myhost.us-west1-a.my-gcp-project:remote/ local/

$ ssh myhost.us-west1-a.my-gcp-project

See also:


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK