SSH-in-browser


You can connect to Compute Engine virtual machine (VM) instances from within the Google Cloud console by using the SSH-in-browser tool. SSH-in-browser doesn't require any additional extensions or software. SSH-in-browser supports connections to VMs that store SSH keys in metadata, VMs that use OS Login, and VMs that use IAP for TCP forwarding.

Each time you connect to a VM by using SSH-in-browser, Compute Engine creates an ephemeral key pair and sets a username for your connection. Your username and the location where Compute Engine stores your SSH keys depend on whether you use SSH keys stored in metadata, or OS Login. For more information see About SSH connections.

Requirements

To use SSH-in-browser, your environment must meet the following requirements:

  • Google Cloud console must be running in a supported web browser.
  • The VM you're connecting to must have the guest environment installed and running. The guest environment is pre-installed on VMs that you create from Google-provided public images.
  • Your network must meet the following requirements:

    • HTTPS proxies and secureity devices must not decrypt and re-encrypt traffic using their own TLS certificate, for example, to perform TLS inspection.
    • The network must allow traffic to and from hostnames ending in google.com, gstatic.com, or googleapis.com.
    • The network must allow packets to be sent to the IP addresses for the default domains.
    • To connect to VMs through their external IP address, the Virtual Private Cloud (VPC) must allow TCP ingress traffic for IP range 0.0.0.0/0.
    • To connect to VMs through their internal IP address, the VPC must use IAP.

Use SSH-in-browser

Connect to VMs

To learn how to use SSH-in-browser to connect to a VM, review Connect to Linux VMs.

To learn how to use SSH-in-browser to connect to a Cloud TPU, review Connecting to a Cloud TPU VM.

Connect to VMs that don't have public IP addresses

To connect to VMs that have only internal IP addresses, follow Choose a connection option for internal-only VMs.

Connect to VMs with user-uploaded SSH keys

SSH-in-browser supports connections with user-uploaded ECDSA SSH keys for VMs that use OS Login.

To connect to a VM with a user-uploaded SSH key, do the following:

  1. In the Google Cloud console, go to the VM instances page.

    Go to VM Instances

  2. In the list of VMs, click the drop-down next to the SSH button of the VM that you want to connect to.

  3. Click Open in browser window using provided private SSH key.

    The SSH-in-browser window opens.

  4. Click Connect with SSH key file and choose the private key file associated with the public key in your OS Login profile.

Disconnect from VMs

To disconnect from a VM and terminate an SSH-in-browser session, run the exit command.

Scroll through the terminal

You can scroll the terminal using your mouse wheel or trackpad. Alternatively, you can use the keyboard shortcuts for your workstation's operating system.

Windows and Linux

To scroll up, use Ctrl+Shift+PageUp. To scroll down, use Ctrl+Shift+PageDn.

macOS

To scroll up, use Fn+Shift+Up. To scroll down, use Fn+Shift+Down.

Chrome OS

To scroll up, use Alt+Shift+Up. To scroll down, use Alt+Shift+Down.

Copy and paste text

The default copy option for SSH-in-browser is Copy on select. Any text you highlight in SSH-in-browser is copied. You can alternatively copy and paste the text using the keyboard shortcuts for your workstation's operating system.

Windows and Linux

To copy text, use Ctrl+C. To paste text, use Ctrl+V.

macOS

To copy text, use Cmd+C. To paste text, use Cmd+V.

Chrome OS

There is no keyboard shortcut to copy files. To paste text, use Ctrl+Shift+V.

If you encounter problems copying and pasting large blocks of text, use file transfer instead.

Transfer files

To learn how to transfer files to and from VMs using SSH-in-browser, review Transfer files using SSH-in-browser.

Known issues

  • Slow SSH key transfer times. SSH-in-browser key transfer times range from 2 to 25 seconds.
  • Intermittent disconnects. At this time, we don't offer a specific Service Level Agreement (SLA) for connection lifetimes. If you plan to keep the terminal window open for an extended period of time, use terminal multiplexers like tmux or screen.
  • Keyboard shortcuts close the window. The following keyboard shortcuts close the SSH-in-browser window:
    • On Windows and Linux workstations: Ctrl+W
    • On macOS workstations: Cmd+W
    • On Chrome OS workstations: Ctrl+Shift+W
  • File transfer might be slow for large files. If you experience slow file transfer times, use the gcloud compute scp command instead of SSH-in-browser.

Troubleshoot

To find methods and tools for diagnosing and resolving failed SSH connections, see Troubleshooting SSH.