Logo Miauhaus

VSCode Remote SSH <-> GCP Compute Engine VM via Cloud IAP

2022-04-28
3 min read
GCP Remote

Cloud IAP makes it easier and secure for connecting VM instances on GCP. This can be used in VSCode too!

Steps

  1. Setup VM without external IP (connect through Cloud IAP)
  2. Show SSH command 
    $ gcloud compute ssh --dry-run --tunnel-through-iap --zone ZONE --project GCP_PROJECT REMOTE_USER@INSTANCE
  3. Modify command: add quotes, modify ssh bin path, and etc. 
    # Command above would show some ssh command like this;
# The command below is formatted for the sake of readability, remove linebreaks when copy & paste onto VSCode
ssh -t -i /home/username/.ssh/google_compute_engine
    -o CheckHostIP=no
    -o HashKnownHosts=no
    -o HostKeyAlias=compute.*******
    -o IdentitiesOnly=yes
    -o StrictHostKeyChecking=yes
    -o UserKnownHostsFile=/home/username/.ssh/google_compute_known_hosts
    -o ProxyUseFdpass=no
    # Quote ProxyCommand="COMMAND"
    -o ProxyCommand "python3 -S /home/username/google-cloud-sdk/lib/gcloud.py compute start-iap-tunnel INSTANCE %p --listen-on-stdin --project=GCP_PROJECT --zone=ZONE --verbosity=warning"
REMOTE_USER@compute.********
  4. Set new remote host in VSCode via ‘Remote-SSH: Add New SSH Host’
  5. Edit Host in generated ssh config

Caveats (VSCode on Windows11+WSL2)

When using Remote SSH feature on typical modern WSL2 env, where you use VSCode on Windows with WSL2 remote containers, the issues are:

  • VSCode on Windows env. needs SSH client running on Windows, not WSL2’s one.
  • Google Cloud SDK on Windows uses bundled putty as SSH client implementation, but current (as of v0.78.0) VSCode Remote SSH extension does not support putty.

The steps for Windows would be like:

  1. (Win) Enable Open-SSH client on Windows 11 
    # Run as Administrator
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
  2. (Win) Install Google Cloud SDK installation.
  3. Prepare command line for Windows env. 
    # Command above would show some ssh command like this;
# The command below is formatted for the sake of readability, remove linebreaks when copy & paste onto VSCode
ssh -t -i C:\\Users\\username\\.ssh\\google_compute_engine
    -o CheckHostIP=no
    -o HashKnownHosts=no
    -o HostKeyAlias=compute.*******
    -o IdentitiesOnly=yes
    # Somehow I needed to set this tp false
    -o StrictHostKeyChecking=false
    -o UserKnownHostsFile=C:\\Users\\username\\.ssh\\google_compute_known_hosts
    -o ProxyUseFdpass=no
    # Make sure gcloud on windows to be used
    -o ProxyCommand '"C:\\Users\\username\\AppData\\Local\\Google\\Cloud SDK\\google-cloud-sdk\\bin\\..\\platform\\bundledpython\\python.exe" -S "C:\\Users\\username\\AppData\\Local\\Google\\Cloud SDK\\google-cloud-sdk\\lib\\gcloud.py" compute start-iap-tunnel INSTANCE %p --listen-on-stdin --project=GCP_PROJECT --zone=ZONE --verbosity=warning'
    REMOTE_USER@compute.********
Next Post Triton Inference Serverを色々な環境から使いたい: TypeScript (Node.js) 編
Previous Post 人間と猫の引越し回顧録(帰京編)