Cannot edit VM or access it via SSH. error:Supplied fingerprint does not match current metadata fingerprint

Posted on

A server stack is the collection of software that forms the operational infrastructure on a given machine. In a computing context, a stack is an ordered pile. A server stack is one type of solution stack — an ordered selection of software that makes it possible to complete a particular task. Like in this post about Cannot edit VM or access it via SSH. error:Supplied fingerprint does not match current metadata fingerprint was one problem in server stack that need for a solution. Below are some tips in manage your linux server when you find problem about linux, google-cloud-platform, google-compute-engine, gcloud, ssh-keys.

I have a Linux machine on Google Cloud, created with Bitnami.

It was working well, and it could be accessed through SSH, usign the web console or putty. However suddenly today it can not be accessed via SSH in any way. When I try to edit the VM and change the SSH keys or make any other change to it i get the following error message:

Editing VM instance:"***" failed.
Error:Supplied fingerprint does not match current metadata fingerprint

The VM still running and the services deployed on it still working, but no changes can be made. I have about 10 other VMs, and all of them still having SSH Access.

I have tried to follow several guides on GC docs, but almost none can be done without command line access.

As suggested in the comments, you should check if SSH Keys set up for this VM are correct and Block project-wide SSH keys is un-checked.
If there are no SSH keys, you can generate your own pair:
run ssh-keygen -t rsa -b 4096 -C "your_email@domain.com" on your local machine and copy content of id_rsa.pub,
select Edit in VM details page, press Show and edit, then Add item and paste it.
Cloud console will check syntax of key automatically.
Save at the bottom and try accessing VM from local terminal or PuTTy.

If you are using different OS or need more information, you can find it here.


If manually created pair does not resolve the issue, you can try using serial console to access VM:

Start by enabling serial port access:

    --metadata serial-port-enable=TRUE

Then add a temporary account: select affected VM, press edit, and add custom metadata:
Key: startup-script
Value: #!/bin/bash useradd --groups google-sudoers tempuser echo "tempuser:password" | chpasswd

Save your changes and press Connect to serial console

From there, you can check ssh service status or edit ~/.ssh/authorized_keys

If none of these steps help, you can clone your instance.

Incoming search terms:

  • Supplied fingerprint does not match current metadata fingerprint

Leave a Reply

Your email address will not be published.