Monday, June 10, 2019

How to Enable Root Account and Enable Username/password Access in GCP


By default, Google Compute Engine offers the browser-based Google Cloud Platform Console tool that lets you manage your Google Compute Engine resources through a graphical interface. Use the GCP Console to manage your resources if you prefer using a user-interface through the browser.

In the GCP documentation setting up ssh keys  which shows how to set up your own ssh key to access all your virtual machines in GCP. here's the summary of steps:
  1. Generate your keys using ssh-keygen or PuTTYgen for Windows, if you haven't already.
  2. Copy the contents of your public key. If you just generated this key, it can probably be found in a file named id_rsa.pub.
  3. Log in to the Developers Console.
  4. In the navigation, Compute->Compute Engine->Metadata.
  5. Click the SSH Keys tab.
  6. Click the Edit button.
  7. In the empty input box at the bottom of the list, enter the corresponding public key, in the following format: 

    <protocol> <public-key> [email protected] 

    This makes your public key automatically available to all of your instances in that project. To add multiple keys, list each key on a new line.
  8. Click Done to save your changes. 

    It can take several minutes before the key is inserted into the instance. Try connecting with ssh to your instance. If it is successful, your key has been propagated to the instance.



Once you connect to your GCP VM using PuTTY or gcloud compute instances ssh or even clicking on the "SSH" button on the Developers Console next to the instance, you should be able to use the sudo command. Note that you shouldn't be using the su command to become root, just run:
sudo [command]
and it should not prompt you for a password.
If you want to get a root shell to run several commands as root and you want to avoid prefixing all commands with sudo, run:
sudo su -

Sometimes, you might need to have directly root ssh access with username/password authentication. Here is how we can do it:


1. As the root user, edit the sshd_config file found in /etc/ssh/sshd_config:
vim /etc/ssh/sshd_config

2. PermitRootLogin

Add the following line to the file, you can add it anywhere but it’s good practice to find the block about authentication and add it there.
PermitRootLogin yes
Save and exit the file.

3. Restart ssh server to make your configuration effective
Restart the SSH server:
systemctl restart sshdOr:
service sshd restart


4. Disable public key authentication:

vim /etc/ssh/sshd_config



PubkeyAuthentication no


YouTube Video:








No comments:

Post a Comment