Instead of the GCP Console, you can reset Windows Server password via gcloud.
gcloud compute reset-windows-password server-name \ --zone us-central1-a \ --project project-id |
Username and password will generated.
password
GCP Reset Windows Password
How to reset password of a GCP Compute Engine running on Windows OS.
gcloud compute reset-windows-password servername \ --zone us-central1-a \ --project your-project-id |
Output
This command creates an account and sets an initial password for the user [firstname_lastname] if the account does not already exist. If the account already exists, resetting the password can cause the LOSS OF ENCRYPTED DATA secured with the current password, including files and stored passwords. For more information, see: https://cloud.google.com/compute/docs/operating-systems/windows#reset Would you like to set or reset the password for [firstname_lastname] (Y/n)? y Resetting and retrieving password for [firstname_lastname] on [servername] Updated [https://www.googleapis.com/compute/v1/projects/your-project-id/zones/us-central1-a/instances/servername]. WARNING: Instance [servername] does not appear to have an external IP address, so it will not be able to accept external connections. To add an external IP address to the instance, use gcloud compute instances add-access-config. password: xxxxxxxxxxxxxxx username: firstname_lastname |
Allow Key Access for user in SSH
Allow shared key access only for one user in SSH.
Disable the password authentication for one user in your SSH config. Edit /etc/ssh/sshd_config.
Match User username PasswordAuthentication no |
Restart the SSH service.
service ssh restart |
Copy user’s public key to the destination server’s authorized file in ~/.ssh/authorized_keys.
ssh-rsa AAAAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx <-- public key goes on for miles |
Back on your client, login via SSH. User will not be prompted for password since public key is already authorized on server.
ssh username@server |
Run MySQL in a Docker container
How to run MySQL commands in a Docker container.
#!/bin/bash set -a; source <(cat .env | sed -e '/^#/d;/^\s*$/d' -e "s/'/'\\\''/g" -e "s/=\(.*\)/='\1'/g"); set +a docker exec wp_db mysql -uroot -p${MYSQL_PASSWORD} -e " \ use db1; \ select * from wp_options where option_name='siteurl'; \ select * from wp_options where option_name='home';" 2>/dev/null |
- The first command loads the content of .env to environment variables.
- The MySQL password can then be used using the ${MYSQL_PASSWORD} variable.
- I’m using sed to get around the special characters in the password.
- The second command runs docker exec on wp_db container.
- The last 3 commands are the actual sql commands.
- We are selecting to use the db1 database.
- Then we run select statements from the wp_options table.
- Finally, 2>/dev/null suppresses errors and warning to null.
Wiki SSL Certificate Location
Here’s where the Wiki keeps its SSL certificate keys.
/etc/pki/tls/certs/yourdomain.crt /etc/pki/tls/private/yourdomain.key |
In some cases, SSL needs to be converted so it doesn’t prompt you for a password if you restart Apache.
Conversion
openssl rsa -in /etc/pki/tls/private/yourdomain.key.new -out /etc/pki/tls/private/yourdomain.key.new_no_pass |
BitWarden
I changed password managers from LastPass to BitWarden the other day. Migrating your credentials requires exporting and importing a CSV file from one program to another. It was an easy transition. Everything seems to work. As you may be aware, LastPass decided to make their free account limited to just one device. Customers will need to choose which device to use, whether desktop or mobile. Not both. If you want it on multiple devices, you’ll need to fork up $3 per month. It is not that expensive, but there are other alternatives. A few recommend BitWarden. It will let you sync to all devices for free. It was an easy choice.
Change MySQL User Password
This is a very simple command to run. Login to MySQL first and run the following the command line.
ALTER USER username IDENTIFIED BY 'password'; |
Flush privileges for changes to take effect.
flush privileges; |
AWS IAM Self Manage Policy
Here’s the permission needed for an AWS user to manage their own IAM account. The policy allows them to view their own account information, change their own passwords, rotate access keys and certificates, and manage their own git credentials.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowViewAccountInfo", "Effect": "Allow", "Action": [ "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary" ], "Resource": "*" }, { "Sid": "AllowManageOwnPasswords", "Effect": "Allow", "Action": [ "iam:ChangePassword", "iam:GetUser" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnAccessKeys", "Effect": "Allow", "Action": [ "iam:CreateAccessKey", "iam:DeleteAccessKey", "iam:GetAccessKeyLastUsed", "iam:ListAccessKeys", "iam:UpdateAccessKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSigningCertificates", "Effect": "Allow", "Action": [ "iam:DeleteSigningCertificate", "iam:ListSigningCertificates", "iam:UpdateSigningCertificate", "iam:UploadSigningCertificate" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSSHPublicKeys", "Effect": "Allow", "Action": [ "iam:DeleteSSHPublicKey", "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:UpdateSSHPublicKey", "iam:UploadSSHPublicKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnGitCredentials", "Effect": "Allow", "Action": [ "iam:CreateServiceSpecificCredential", "iam:DeleteServiceSpecificCredential", "iam:ListServiceSpecificCredentials", "iam:ResetServiceSpecificCredential", "iam:UpdateServiceSpecificCredential" ], "Resource": "arn:aws:iam::*:user/${aws:username}" } ] } |