Instead of the GCP Console, you can reset Windows Server password via gcloud.
gcloud compute reset-windows-password server-name \ --zone us-central1-a \ --project project-id |
Username and password will generated.
cloud engineer
Instead of the GCP Console, you can reset Windows Server password via gcloud.
gcloud compute reset-windows-password server-name \ --zone us-central1-a \ --project project-id |
gcloud compute reset-windows-password server-name \ --zone us-central1-a \ --project project-id
Username and password will generated.
How to reset password of a GCP Compute Engine running on Windows OS.
gcloud compute reset-windows-password servername \ --zone us-central1-a \ --project your-project-id |
gcloud compute reset-windows-password servername \ --zone us-central1-a \ --project your-project-id
Output
This command creates an account and sets an initial password for the user [firstname_lastname] if the account does not already exist. If the account already exists, resetting the password can cause the LOSS OF ENCRYPTED DATA secured with the current password, including files and stored passwords. For more information, see: https://cloud.google.com/compute/docs/operating-systems/windows#reset Would you like to set or reset the password for [firstname_lastname] (Y/n)? y Resetting and retrieving password for [firstname_lastname] on [servername] Updated [https://www.googleapis.com/compute/v1/projects/your-project-id/zones/us-central1-a/instances/servername]. WARNING: Instance [servername] does not appear to have an external IP address, so it will not be able to accept external connections. To add an external IP address to the instance, use gcloud compute instances add-access-config. password: xxxxxxxxxxxxxxx username: firstname_lastname |
This command creates an account and sets an initial password for the user [firstname_lastname] if the account does not already exist. If the account already exists, resetting the password can cause the LOSS OF ENCRYPTED DATA secured with the current password, including files and stored passwords. For more information, see: https://cloud.google.com/compute/docs/operating-systems/windows#reset Would you like to set or reset the password for [firstname_lastname] (Y/n)? y Resetting and retrieving password for [firstname_lastname] on [servername] Updated [https://www.googleapis.com/compute/v1/projects/your-project-id/zones/us-central1-a/instances/servername]. WARNING: Instance [servername] does not appear to have an external IP address, so it will not be able to accept external connections. To add an external IP address to the instance, use gcloud compute instances add-access-config. password: xxxxxxxxxxxxxxx username: firstname_lastname
Allow shared key access only for one user in SSH.
Disable the password authentication for one user in your SSH config. Edit /etc/ssh/sshd_config.
Match User username PasswordAuthentication no |
Match User username PasswordAuthentication no
Restart the SSH service.
service ssh restart |
service ssh restart
Copy user’s public key to the destination server’s authorized file in ~/.ssh/authorized_keys.
ssh-rsa AAAAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx <-- public key goes on for miles |
ssh-rsa AAAAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx <-- public key goes on for miles
Back on your client, login via SSH. User will not be prompted for password since public key is already authorized on server.
ssh username@server |
ssh username@server
How to run MySQL commands in a Docker container.
#!/bin/bash set -a; source <(cat .env | sed -e '/^#/d;/^\s*$/d' -e "s/'/'\\\''/g" -e "s/=\(.*\)/='\1'/g"); set +a docker exec wp_db mysql -uroot -p${MYSQL_PASSWORD} -e " \ use db1; \ select * from wp_options where option_name='siteurl'; \ select * from wp_options where option_name='home';" 2>/dev/null |
#!/bin/bash set -a; source <(cat .env | sed -e '/^#/d;/^\s*$/d' -e "s/'/'\\\''/g" -e "s/=\(.*\)/='\1'/g"); set +a docker exec wp_db mysql -uroot -p${MYSQL_PASSWORD} -e " \ use db1; \ select * from wp_options where option_name='siteurl'; \ select * from wp_options where option_name='home';" 2>/dev/null
Here’s where the Wiki keeps its SSL certificate keys.
/etc/pki/tls/certs/yourdomain.crt /etc/pki/tls/private/yourdomain.key |
/etc/pki/tls/certs/yourdomain.crt /etc/pki/tls/private/yourdomain.key
In some cases, SSL needs to be converted so it doesn’t prompt you for a password if you restart Apache.
Conversion
openssl rsa -in /etc/pki/tls/private/yourdomain.key.new -out /etc/pki/tls/private/yourdomain.key.new_no_pass |
openssl rsa -in /etc/pki/tls/private/yourdomain.key.new -out /etc/pki/tls/private/yourdomain.key.new_no_pass
I changed password managers from LastPass to BitWarden the other day. Migrating your credentials requires exporting and importing a CSV file from one program to another. It was an easy transition. Everything seems to work. As you may be aware, LastPass decided to make their free account limited to just one device. Customers will need to choose which device to use, whether desktop or mobile. Not both. If you want it on multiple devices, you’ll need to fork up $3 per month. It is not that expensive, but there are other alternatives. A few recommend BitWarden. It will let you sync to all devices for free. It was an easy choice.
This is a very simple command to run. Login to MySQL first and run the following the command line.
ALTER USER username IDENTIFIED BY 'password'; |
ALTER USER username IDENTIFIED BY 'password';
Flush privileges for changes to take effect.
flush privileges; |
flush privileges;
Here’s the permission needed for an AWS user to manage their own IAM account. The policy allows them to view their own account information, change their own passwords, rotate access keys and certificates, and manage their own git credentials.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowViewAccountInfo", "Effect": "Allow", "Action": [ "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary" ], "Resource": "*" }, { "Sid": "AllowManageOwnPasswords", "Effect": "Allow", "Action": [ "iam:ChangePassword", "iam:GetUser" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnAccessKeys", "Effect": "Allow", "Action": [ "iam:CreateAccessKey", "iam:DeleteAccessKey", "iam:GetAccessKeyLastUsed", "iam:ListAccessKeys", "iam:UpdateAccessKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSigningCertificates", "Effect": "Allow", "Action": [ "iam:DeleteSigningCertificate", "iam:ListSigningCertificates", "iam:UpdateSigningCertificate", "iam:UploadSigningCertificate" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSSHPublicKeys", "Effect": "Allow", "Action": [ "iam:DeleteSSHPublicKey", "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:UpdateSSHPublicKey", "iam:UploadSSHPublicKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnGitCredentials", "Effect": "Allow", "Action": [ "iam:CreateServiceSpecificCredential", "iam:DeleteServiceSpecificCredential", "iam:ListServiceSpecificCredentials", "iam:ResetServiceSpecificCredential", "iam:UpdateServiceSpecificCredential" ], "Resource": "arn:aws:iam::*:user/${aws:username}" } ] } |
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowViewAccountInfo", "Effect": "Allow", "Action": [ "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary" ], "Resource": "*" }, { "Sid": "AllowManageOwnPasswords", "Effect": "Allow", "Action": [ "iam:ChangePassword", "iam:GetUser" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnAccessKeys", "Effect": "Allow", "Action": [ "iam:CreateAccessKey", "iam:DeleteAccessKey", "iam:GetAccessKeyLastUsed", "iam:ListAccessKeys", "iam:UpdateAccessKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSigningCertificates", "Effect": "Allow", "Action": [ "iam:DeleteSigningCertificate", "iam:ListSigningCertificates", "iam:UpdateSigningCertificate", "iam:UploadSigningCertificate" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSSHPublicKeys", "Effect": "Allow", "Action": [ "iam:DeleteSSHPublicKey", "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:UpdateSSHPublicKey", "iam:UploadSSHPublicKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnGitCredentials", "Effect": "Allow", "Action": [ "iam:CreateServiceSpecificCredential", "iam:DeleteServiceSpecificCredential", "iam:ListServiceSpecificCredentials", "iam:ResetServiceSpecificCredential", "iam:UpdateServiceSpecificCredential" ], "Resource": "arn:aws:iam::*:user/${aws:username}" } ] }