Connection

How do I connect to a Linux VM?How do I connect to a Linux VM?

Use this guide: Connecting to a Linux VM via SSH. If the computer you are connecting from runs Windows 7, 8, or early releases of Windows 10 without a built-in console SSH client, use PuTTY.

Linux images provided by Yandex Cloud come without a GUI shell by default. SSH authentication with a username and password is disabled by default, as this method is outdated and poses security risks.

I cannot login to my VM after creating it. What should I do?I cannot login to my VM after creating it. What should I do?

Your device must have network connectivity to the VM:

• If you are connecting externally, your VM must have a public IP address or be accessible through another VM with a public IP address, e.g., through a NAT instance.
• Your device must allow outgoing traffic to the VM and incoming traffic from it.

Do not shut down or reboot the VM immediately after creating it. VMs with low guaranteed vCPU performance may take a long time to boot for the first time, up to half an hour. If the VM is terminated prematurely, the initialization scripts might have failed to complete. In this case, delete the VM and create a new one.

How do I use root on a Linux VM?How do I use root on a Linux VM?

When creating a Linux VM, do not use usernames reserved by the system, such as root, admin, etc., because cloud-init will not be able to add a user with such a username. Try creating a VM, specifying user for username.

To upgrade your permissions to root, use sudo. The user specified when creating the VM is a member of the sudo group. root has no password, so you can simply connect to the VM over SSH (see Connecting to a Linux VM via SSH) and run this command:

sudo su

You can also run various commands without switching to root. For example, to shut down a VM from within the guest OS, use this command:

sudo poweroff

I can no longer login to my VM. What should I do?I can no longer login to my VM. What should I do?

Your login details have likely been compromised, resulting in unauthorized access to the VM. Create a disk snapshot of your VM (see Creating a disk snapshot this guide for details) and use it to create a new VM (see Creating a VM with disks recovered from snapshots this guide for details). If you succeeded connecting to the new VM, make sure to use stronger passwords and do not share your private data.

If you cannot access the VM you created from the snapshot either, see How do I retrieve important data from a failed VM.

What should I do if I cannot connect to a VM created from a Cloud Marketplace image?What should I do if I cannot connect to a VM created from a Cloud Marketplace image?

Some Cloud Marketplace images have service usernames reserved, e.g., bitrix in the 1C-Bitrix image. When creating a VM and connecting to it, use a username not reserved in the system, such as user. Do not use root, admin, or other system usernames.

Later on, you will be able to change the bitrix user password by running the sudo passwd bitrix command.

What do I do if the Permission denied error occurs?What do I do if the Permission denied error occurs?

When connecting to a VM via SSH, you may get the following errors:

Permission denied (publickey)
Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

Here are common causes of these errors:

• Mistyped public key specified when creating a VM.
• Invalid private key provided when attempting to establish a connection.
• Invalid data in the authorized_keys file.

To solve the connection issue, try providing the valid private key using the -i flag:

ssh -i <key_path/key_file_name> <username>@<VM_public_IP_address>

How do I set up an RDP/VNC connection to a Linux VM?How do I set up an RDP/VNC connection to a Linux VM?

To enable the GUI on Linux VMs, consider one of these two options:

• Use RDP or VNC. To do this:

  1. Install the desktop environment on the Linux VM (Ubuntu/CentOS).

  2. Install the xrdp or VNC server to connect through RDP or VNC, respectively.

  3. Configure the software.

     We recommend using a combination of a VNC server that only listens to localhost and an SSH tunnel. This way, you will both eliminate the risk of attackers connecting to your VM through VNC and encrypt the VNC traffic.

• Configure X11 forwarding to the local computer. For Windows, use Xming.
  1. Install the desktop environment.
  2. Configure X11 forwarding and connect over SSH.
  3. Start the application from the terminal.

I can no longer login to my VM. What should I do?I can no longer login to my VM. What should I do?

Your login details have likely been compromised, resulting in unauthorized access to the VM. Create a disk snapshot of your VM (see Creating a disk snapshot this guide for details) and use it to create a new VM (see Creating a VM with disks recovered from snapshots this guide for details). If you succeeded connecting to the new VM, make sure to use stronger passwords and do not share your private data.

If you cannot access the VM you created from the snapshot either, see How do I retrieve important data from a failed VM.

How do I use a serial console? How do I connect to my VM directly?How do I use a serial console? How do I connect to my VM directly?

If you have issues while connecting to your VM over a network, you can use the serial console. For more information about a serial console, see Getting started with a serial console.

You can enable serial console access when creating or updating your VM. The serial console will be available in the Yandex Cloud management console from the VM menu.

For a Linux VM, you need to additionally configure password access for the user in advance by connecting over SSH and setting the password using the sudo passwd user command (replace user with the username you specified when creating the VM).

What should I do if I lose my SSH key?What should I do if I lose my SSH key?

If you set a user password, configure the VM serial console and connect to it. We recommend connecting through the CLI.

If no user password is set, take a snapshot of the VM's disk and create a new VM from the snapshot.

If the problem persists:

1. Create a new disk from the VM snapshot.
2. Attach it as a secondary disk to a different VM.
3. Change the root directory with chroot.
4. Modify configuration files that affect VM accessibility, e.g., set a new password for the user using the sudo passwd <username> command.
5. Detach the disk from the VM.
6. Create a new VM. Under Image/boot disk selection, go to the Custom tab and select your disk as the boot disk.
7. After restoring access to the VM, do not forget to delete unused resources: VMs, disks, and disk snapshots. If you do not delete them, they will remain billable, and Yandex Cloud will continue to charge for them.

Why is my VM not working after a reboot?Why is my VM not working after a reboot?

The VM may fail to start after a reboot for one of the following reasons:

• The VM was forcibly restarted while writing to the system disk. This could have damaged the file system.
• Either the firewall or the network, or both, were not properly configured.
• cloud-init settings were updated.
• The Python system version, which is also used by cloud-init, was modified.
• There was an issue with the service.

If you performed one of these actions, see How do I retrieve important data from a failed VM. Otherwise, submit a support request.

How do I retrieve important data from a failed VM?How do I retrieve important data from a failed VM?

When a VM fails:

1. Create a snapshot of the faulty disk (see Creating a disk snapshot this guide for details).
2. Create a new VM with a secondary (non-bootable) disk recovered from the snapshot (see Creating a VM with disks recovered from snapshots for details).
3. Connect to the VM (see Using a VM for details).
4. Mount the disk (see Mounting a disk created from a snapshot or image for details).
5. Run a check of the disk file system.
6. Transfer the data you need to the boot disk of your new VM.