open up google-vm ftp ports

Jul 16, 04:05 AM

2023-01-26 – you can “disable” the normal security by following these instructions:

https://stackoverflow.com/questions/20294381/google-server-putty-connect-disconnected-no-supported-authentication-methods-a
https://zaedify.com/how-to-connect-to-gcp-vm-using-putty/

0 – set password for username (‘mark’)
1 – Edit the /etc/ssh/sshd_config file.
2 – Change PasswordAuthentication and ChallengeResponseAuthentication to yes. line 70: (change “PasswordAuthentication no” to “PasswordAuthentication yes”) ?? ChallengeResponseAuthentication
3- sudo systemctl restart sshd.service ;

NOTE:
sudo vi /etc/selinux/config; and changing SELINUX=permissive will permanently lock you out!
SELINUX=enforcing appears to be required.
POSSIBLE SALVAGE: http://blog.aristadba.com/2021/03/failed-to-load-selinux-policy-freezingsolved/#:~:text=In%20the%20boot%20menu%2C%20select,system%20and%20system%20will%20restart.

.
much of this needs to be revised…. 2022-12-12

1) click name of vm instance
2) scroll down to “Network Interface” and click “default”
3) click “FIREWALLS” tab (inbetween “.STATIC INTERNALS IP ADDRESSES” and “ROUTES”)
4) either click down-arrow by “vpc-firewall-rules” or just create a new rule
5a) be sure to select “Ingress:
5b) be sure not to overlook the “0.0.0.0/0” setting for the “Source” and note trailing “/0” that must be included UPDATE: or just include your own home IP number (webpage ssh login will no longer work)
6) UDP NOT REQUIRED some day, play with the ftp vs udp
7) naturally select which ports you want open!

IMPORTANT!

1 - set Target "Apply to All"
2 - source IP range: 0.0.0.0/0 (i always forget trailing slash-zero
3 - reboot  (?)
4 - mariadb MAY need to have:     (did this again 2023-05-18)
bind-address=0.0.0.0
skip-networking=0
in either /etc/my.cnf or  /etc/my.cnf.d/server.cnf
https://docs.bitnami.com/virtual-machine/infrastructure/lamp/administration/connect-remotely-mariadb/

UPDATE: target tag does not seem to work, but "Apply to all" does!

I have had great difficulty getting google-vm to open a port.

my big "struggle/mistake" was the name of the network "target" - it should be "Apply to all".

This value should either be "Apply to all" (or MAYBE specify the name of the google-vm??)

this article is very comprehensive
https://docs.bitnami.com/google/faq/administration/use-firewall/

it proves a little "tricky" to get to the network area:

this is where it HAS to say "Apply to all": (i never did get the target-name working!)

EASY PORT TEST!

ON SERVER: 
 ls -l | ncat  --listen  10000 ;   ## this simple example will pass the results of the "ls" command out port 10000 then exit.


ON CLIENT: 
 telnet  10.128.15.223  10000; ## this client command should display the directory contents then exit.
ncat examples

To display open server ports: 
netstat --listening  --numeric  --tcp  --udp;  ## displays open ports
netstat --listening  --numeric  --tcp  --udp;  ## displays open ports (deprecated)


EDIT: 2021-10-14

i forgot about the "target" and to set 0.0.0.0/0
Mark Edwards

,

---

Commenting is closed for this article.

---