error while connecting to ssh on google cloud platform

0
votes

I have my instance running on Google Cloud Platform but suddenly my websites stops working and when i try to login via ssh, it keep connecting not never connects. It says:

The key transfer to project metadata is taking an unusually long time. Transferring instead to instance metadata may be faster, but will transfer the keys only to this VM. If you wish to SSH into other VMs from this VM, you will need to transfer the keys accordingly. Click here to transfer the key to instance metadata. Note that this setting is persistent and needs to be disabled in the Instance Details page once enabled. You can drastically improve your key transfer times by migrating to OS Login.

when i check metadata, it shows unusual activity, which says

google-ssh {"userName":"[email protected]","expireOn":"2021-09-24T10:12:18+0000"}

While checking error log:

{
  "insertId": "1",
  "jsonPayload": {
    "@type": "type.googleapis.com/cloud_integrity.IntegrityEvent",
    "earlyBootReportEvent": {
      "policyEvaluationPassed": false,
      "actualMeasurements": [
        {
          "value": "UcMj3gwMaU9GAc3QK+tY/xNin3Q=",
          "hashAlgo": "SHA1",
          "pcrNum": "PCR_0"
        },
        {
          "hashAlgo": "SHA1",
          "value": "YGw/kvTUppYy0LdmFR51+E97gnU=",
          "pcrNum": "PCR_4"
        },
        {
          "pcrNum": "PCR_5",
          "value": "4oHSmdohc7EolEkGBRqNkJu/s3k=",
          "hashAlgo": "SHA1"
        },
        {
          "pcrNum": "PCR_7",
          "hashAlgo": "SHA1",
          "value": "47JeCjb+lbFLd9hY8wGzli65zS4="
        }
      ],
      "policyMeasurements": [
        {
          "pcrNum": "PCR_0",
          "hashAlgo": "SHA1",
          "value": "UcMj3gwMaU9GAc3QK+tY/xNin3Q="
        },
        {
          "pcrNum": "PCR_4",
          "hashAlgo": "SHA1",
          "value": "SNvS2TFD0ijbVgPoQkMPdwAyg/w="
        },
        {
          "value": "47JeCjb+lbFLd9hY8wGzli65zS4=",
          "pcrNum": "PCR_7",
          "hashAlgo": "SHA1"
        }
      ]
    },
    "bootCounter": "11"
  },
  "resource": {
    "type": "gce_instance",
    "labels": {
      "zone": "us-central1-X",
      "project_id": "myhost-XXXXXX",
      "instance_id": "XXXXXXXXXXXXXXXXXXXXX"
    }
  },
  "timestamp": "2021-09-24T06:13:26.266965195Z",
  "severity": "ERROR",
  "logName": "projects/myhost-XXXXXX/logs/compute.googleapis.com%2Fshielded_vm_integrity",
  "receiveTimestamp": "2021-09-24T06:13:28.275282350Z"
}
1
ubuntugoogle-cloud-platformsshgoogle-compute-engineplesk
cloud.google.com/security/shielded-cloud/… - Martin Zeitler
I do not know the answer so I am making suggestions. If you do not know what you are doing, find someone who does or engage Google paid support. 1) You have a boot integrity check failure. Have you made any changes, installed software, etc? 2) Has your instance has been breached? 3) Shut down the instance and create a snapshot of each disk. 4) Connect via the serial port and review the logs for boot errors, application failures, etc. 5) Review this link for updating the integrity policy baseline. cloud.google.com/compute/docs/instances/… - John Hanley
In analyzing the integrity event, the Master Boot Record (MBR) has changed. This is indicated by PCR_4 (reference: link.springer.com/chapter/10.1007/978-1-4302-6584-9_12). Did you modify the disk layout (add/modify a partition), update the boot record via a system update, or resize the disk drive? PCR stands for Platform Configuration Registers. cloud.google.com/security/shielded-cloud/… - John Hanley
This is the event that is failing check: earlyBootReportEvent: Identifies whether the early boot sequence integrity check passed, and provides details on the PCR values from the baseline and the most recent boot sequence that were compared to make that determination. - John Hanley

1 Answers