cloud engineer
Every time I log in to Google Cloud, it’s using the Chromium.
Set BROWSER env to Firefox instead.
export BROWSER=/usr/bin/firefox |
export BROWSER=/usr/bin/firefox
Login to GCP. It should open up Firefox browser instead of Chromium.
gcloud auth login |
gcloud auth login
Add it your .bashrc or .bashprofile if you want it to be permanent.
There are a few issues that prop up every once in a while with gcloud compute ssh. gcloud compute ssh creates local user at first login. The account password has a default expiration of 90 days. If unable to login, you can try logging in as a different name (even a fictitious name) e.g. superheroes, etc. something unique.
gcloud compute ssh username@servername --zone us-central1-c --project project-id --internal-ip |
gcloud compute ssh username@servername --zone us-central1-c --project project-id --internal-ip
Once logged in, you can delete local users with expired passwords or perform other admin tasks.
userdel -r username |
userdel -r username
You can also try to run chage to adjust the password expiration.
chage -M 180 username (extends expiration from 90 to 180 days) |
chage -M 180 username (extends expiration from 90 to 180 days)
If you continue to have login issues, you can also delete Metadata SSH keys in both the instance and project levels.
Last resort you can use force key overwrite which will regenerate a new key and overwrite broken ssh keys.
gcloud compute ssh username@servername \ --force-key-file-overwrite \ --zone us-central1-c \ --project project-id \ --internal-ip |
gcloud compute ssh username@servername \ --force-key-file-overwrite \ --zone us-central1-c \ --project project-id \ --internal-ip
If you have trouble logging in (SSH) to your GCP instance, you may have to enable OS Login.
gcloud compute instances add-metadata server-name \ --metadata enable-oslogin=TRUE \ --zone us-central1-c \ --project project-id |
gcloud compute instances add-metadata server-name \ --metadata enable-oslogin=TRUE \ --zone us-central1-c \ --project project-id
When done, you can set it back to FALSE.
Here’s the command to authenticate as a service account.
gcloud auth activate-service-account --key-file=key.json |
gcloud auth activate-service-account --key-file=key.json
To log out.
gcloud auth revoke |
gcloud auth revoke
If you’re trying to access GCS (Google Cloud Storage) and you’re getting “Your credentials are invalid. Please run gcloud auth login”, you most likely have a previous key stored in the ~/.boto file. This happens if you previously configured gsutil with your own credentials, then switched over to Google SDK mode. To fix the invalid credentials, edit the ~/.boto file and comment out the auth key.
vim ~/.boto |
vim ~/.boto
Comment out.
#gs_oauth2_refresh_token = <token redacted> |
#gs_oauth2_refresh_token = <token redacted>
Rerun the gsutil ls command. It should work.
After logging in, I tried to run Terraform in GCP and received this error:
oauth2: cannot fetch token: 400 Bad Request |
oauth2: cannot fetch token: 400 Bad Request
Here’s the fix. Login using application-default.
gcloud auth application-default login |
gcloud auth application-default login
You can then Terraform.
terraform apply |
terraform apply
SCP is similar to the CP or copy command, but it’s done via a secure network.
Here’s a CP command.
cp /dir1/filename /dir2 |
cp /dir1/filename /dir2
You can use SCP to copy file to another system. It requires login.
scp /dir1/filename user@server:/home/user |
scp /dir1/filename user@server:/home/user
This is using SCP to copy a file from 2 remote systems.
scp user@host1:/home/user/dir1/file.txt user@host2:/home/user/dir2 |
scp user@host1:/home/user/dir1/file.txt user@host2:/home/user/dir2
Here’s how to login to GCP from Google SDK.
gcloud auth login |
gcloud auth login
You will then be taken to a page that you have successfully logged in.