On Google Cloud Platform, Redhat Enterprise Linux 8.10 Virtual Machine could not be able to connect via ssh with below error: Permission Denied (publickey.gssapi-keyex.gssapi-with-mic)

ISSUE:

While migrating one of my client’s Core Oracle Database from an on-premises environment to Google Cloud VM Instance. I encountered an issue while transferring files via SCP from the source Linux server to the target and was unable to connect to Google Cloud VM’s Linux terminal with password using SSH?

ERROR:

[oraprd@core-db-prd ~]$ scp abc oradev@155.199.299.187:/u01/core_db/db/
The authenticity of host ‘155.199.299.187 (155.199.299.187)’ can’t be established.
ECDSA key fingerprint is SHA256:weCNN1YK6jubMLYRfRs2QVhJ5wPNZc7G8SWp/J+0tJ0.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ‘155.199.299.187’ (ECDSA) to the list of known hosts.
oraprd@155.199.299.187: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
lost connection
[oraprd@core-db-prd ~]$

SOLUTION:

Steps to Transfer a Folder or File Between GCP VMs

  1. Enable Password Authentication on the Target DR Server
    • Open the SSH configuration file:
      vi /etc/ssh/sshd_config
    • Update the following line:
      From: PasswordAuthentication no
      To: PasswordAuthentication yes
    • Restart the SSH service:
      systemctl restart sshd
    • Verify the SSH service status:
      systemctl status sshd
  2. Transfer Files
    • Use a secure copy command (scp) to transfer the folder or file from the source (Prod Server) to the target (DR Server). You will be prompted to enter the password.
  3. Revert Password Authentication Setting on the Target DR Server
    • Edit the SSH configuration file again:
      vi /etc/ssh/sshd_config
    • Change the line back:
      From: PasswordAuthentication yes
      To: PasswordAuthentication no
    • Restart the SSH service:
      systemctl restart sshd
    • Verify the SSH service status:
      systemctl status sshd

IMPORTANT ! : Always ensure you revert the PasswordAuthentication setting after the transfer to maintain server security.

This entry was posted in Uncategorised. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *