I am forced to connect to some Google Cloud stuff running IAP; thus I am forced to have the rather large gcloud SDK somewhere, I guess. If I can get away without having the google-cloud-sdk, I would love to.

However, rather than installing the gcloud SDK on multiple machines, I would rather have it on one machine, and have the other systems that I occasionally need to connect to Google Cloud from just use the machine that already has gcloud configured.

MachineA:

  • Has gcloud sdk installed and configured
  • I do not want SSH private keys on this machine
  • Has an SSH config like this

    Host google-cloud
        ClearAllForwardings yes
        HostbasedAuthentication yes
        ProxyJump gcloud-stuff
        IdentityFile ~/.ssh/id_ed25519
        IdentitiesOnly yes
        User a

    Host gcloud-stuff
        ProxyCommand gcloud beta compute start-iap-tunnel ...
        IdentityFile ~/.ssh/id_ed25519
        IdentitiesOnly yes
        User b

Machine B, C, D, ...:

  • I want to be able to SSH into google-cloud from these machines
  • SSH private keys are stored here
  • If the locally running agent does not have the keys, I need to be asked here

With the constraints outlined above, I need to be able to connect to the Google Cloud VM from all machines (A, B, C, D, ...).
Any ideas on how this can be achieved?

  • What is the problem you are trying to solve? Edit your question with details. Commented Nov 28, 2022 at 23:35
  • What further detail is required? I thought the question was quite detailed and had everything?
    – Phoenix
    Commented Nov 29, 2022 at 9:23
  • You have a lot of detail that does not help yet. What is the problem? Show what you have tried with error messages, etc. Commented Nov 29, 2022 at 9:41
