Skip to content

Connect to a Linux VM using SSH

Required roles

To follow the steps in this guide, you need the following roles:

Depending on the configuration of your VM, you might also need:

To connect to a Linux VM by using SSH, do the following:

  1. In the Project Explorer tool window, right-click a VM instance and select Connect:

Context menu

  1. IAP Desktop now automatically publishes your SSH public key , creates an IAP TCP forwarding tunnel, and opens a terminal:

    SSH Terminal

Customize connection settings

To customize the connection settings, you can use the Connection Settings tool window:

  1. In the Project Explorer tool window, right-click a VM instance and select Connection Settings.

  2. In the Connection Settings window, customize settings as needed.

    Connection settings

    If you specify a setting that deviates from the default, it is shown in bold typeface.

Instead of customizing settings for each VM instance individually, you can also specify settings that apply to an entire zone or projects:

  1. In the Project Explorer tool window, right-click a zone or project and select Connection Settings.
  2. In the Connection Settings window, customize settings as needed. The settings apply to all VM instances in the respective zone or project, unless explicitly overridden.

For more information about customizing connection settings, see Connection settings.

Frequently Asked Questions

Which SSH key does IAP Desktop use for authentication?

By default, IAP Desktop uses a ECDSA NISTP-256 key pair for SSH public key authentication. The key is created automatically on first use, is managed using the Microsoft Software Key Storage Provider , and is not exportable.

For more details, see SSH algorithms and keys.

Can I use an existing private key instead?

No, IAP Desktop maintains its own RSA key pair. But Google Cloud lets you use multiple SSH keys, so you can continue to use your existing private key for other SSH clients.

What's next