Configuring SSH Connection to Compute Engine Instance for dev1 Group | YourWebsite

Configuring SSH Connection to Compute Engine Instance for dev1 Group

Prev Question Next Question

Question

You want to configure an SSH connection to a single Compute Engine instance for users in the dev1 group.

This instance is the only resource in this particular Google Cloud Platform project that the dev1 users should be able to connect to.

What should you do?

Answers

A. Set metadata to enable-oslogin=true for the instance. Grant the dev1 group the compute.osLogin role. Direct them to use the Cloud Shell to ssh to that instance.

B. Set metadata to enable-oslogin=true for the instance. Set the service account to no service account for that instance. Direct them to use the Cloud Shell to ssh to that instance.

C. Enable block project wide keys for the instance. Generate an SSH key for each user in the dev1 group. Distribute the keys to dev1 users and direct them to use their third-party tools to connect.

D. Enable block project wide keys for the instance. Generate an SSH key and associate the key with that instance. Distribute the key to dev1 users and direct them to use their third-party tools to connect.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys

To configure an SSH connection to a single Compute Engine instance for users in the dev1 group, you can follow the below steps:

Option A:

Set metadata to enable-oslogin=true for the instance - This will allow users to authenticate using their Google Cloud identity, instead of manually managing SSH keys.
Grant the dev1 group the compute.osLogin role - This will allow users in the dev1 group to connect to the instance using their Google Cloud identity.
Direct them to use the Cloud Shell to ssh to that instance - This will provide an easy-to-use interface for the users to connect to the instance.

Option B:

Set metadata to enable-oslogin=true for the instance - This will allow users to authenticate using their Google Cloud identity, instead of manually managing SSH keys.
Set the service account to no service account for that instance - This will remove the default service account from the instance, which would otherwise have SSH access to the instance.
Direct them to use the Cloud Shell to ssh to that instance - This will provide an easy-to-use interface for the users to connect to the instance.

Option C:

Enable block project wide keys for the instance - This will disable SSH access using project-wide public SSH keys.
Generate an SSH key for each user in the dev1 group - This will provide each user with their own SSH key to authenticate with.
Distribute the keys to dev1 users and direct them to use their third-party tools to connect - Each user will need to configure their SSH client to use their own private key to authenticate with the instance.

Option D:

Enable block project wide keys for the instance - This will disable SSH access using project-wide public SSH keys.
Generate an SSH key and associate the key with that instance - This will provide a single SSH key to authenticate with the instance.
Distribute the key to dev1 users and direct them to use their third-party tools to connect - Each user will need to configure their SSH client to use the provided private key to authenticate with the instance.

Option A and Option B are recommended as they provide a secure and easy-to-use method for dev1 users to connect to the instance. Option C and Option D require more manual configuration and management of SSH keys, which can be more error-prone and less secure.

Prev Question Next Question