Zoe*_*gia 5 cloud cloud-computing ufw google-compute-engine google-cloud-platform
我不小心在我的 Google Cloud Compute debian 实例上启用了 UFW,不幸的是端口 22 现在被阻止了。我已经尝试了各种方法进入虚拟机,但我不能。
我正在尝试通过串行端口访问,但它要求我提供从未设置的用户名和密码。
有谁知道我能做什么?
Joh*_*ley 10
This answer shows two methods of solving this problem.
The first method is to create a startup-script that disables UFW. The second method attaches the boot disk to another instance and modifies the file /etc/ufw/ufw.conf
Method 1:
Step 1:
Login into the Google Cloud Console. Go to Compute Engine -> VM instances. Click on your instance. Click on the Edit button.
Step 2:
Scroll down to the section "Custom metadata". For Key enter startup-script. For Value enter:
#! /bin/bash
/usr/sbin/ufw disable
Click the Save button
Step 3:
Reboot your instance. During reboot the startup-script will run disabling the UFW firewall. Login to your instance using SSH.
Step 4:
Repeat Step #2 except this time, delete the startup-script. Otherwise the firewall will be disabled each time your instance boots.
Method 2:
STEP 1:
Shutdown your instance with the UFW problem. Login into the Google Cloud Console. Go to Compute Engine -> VM instances. Click on your instance and make note of the "Boot disk" name. This will be the first disk under "Boot disk and local disks".
STEP 2:
Create a snapshot of the boot disk before doing anything further. While still in Compute Engine -> Disk. Click on your boot disk. Click on "CREATE SNAPSHOT".
STEP 3:
Create a new instance in the same zone. A micro instance will work.
STEP 4:
Open a Cloud Shell prompt (this also works from your desktop if gcloud is setup). Execute this command. Replace NAME with your instance name (broken system) and DISK with the boot disk name and ZONE with the zone that the system is in:
gcloud compute instance detach-disk NAME --disk=DISK --zone=ZONE
Make sure that the previous command did not report an error.
STEP 5:
Now we will attach this disk to the new instance that you created.
Make sure that the repair instance is running before attaching the second disk. Sometimes an instance can get confused on which disk to boot from if more than one disk is bootable.
Go to Compute Engine -> VM instances. Click on your instance. Click Edit. Under "Additional disks" click "Add item". For name enter/select the disk that you detached from your broken instance. Click Save.
STEP 6:
SSH into your new instance with both disks attached.
STEP 7:
Follow these steps carefully. We will mount the second disk to the root file system. Then change the contents of /mnt/repair/etc/ufw/ufw.conf to disable the firewall.
ENABLED=yes为ENABLED=no第 8 步:
现在反转该过程并将第二个磁盘移回原始实例并使用以下命令重新附加。然后启动您的实例并通过 SSH 连接。
注意:要重新附加启动磁盘,您必须使用带有 -boot 选项的 gcloud。
gcloud beta compute instances attach-disk NAME --disk=DISK --zone=ZONE --boot
| 归档时间: |
|
| 查看次数: |
2458 次 |
| 最近记录: |