Today I have create a Debian instance on gce. when I try to copy a file as root I get the following message:
Permission denied (publickey).
lost connection
On another instance create a few months ago I able to copy-file with root.
The command used is the following:
gcloud compute copy-files test/test.txt root#test:/opt/ --project p-id --zone z
For security reasons, newer VM images don't allow direct log-in as root via SSH. You can log in as a non-root user, which will have sudo permissions, and set up root-user SSH yourself, though this is not recommended. Instead, copy the file over to a non-privileged location and use the gcloud compute ssh as a non-root user and the sudo command to move the file where it needs to be.
Related
After a new installation of MySQL on WSL linux distribution a whole sequence of issues ocurred. Solutions are described on different posts, but I thought it would be good to have them on one place, since it concerns clean new installations of both mysql and WSL on a new Windows 11 PC, without any previous configuration changes, so 100% reproducible with the given versions. I followed the installation manuals for WSL and mysql expecting this would work out-of-the-box. My intention was to run MySQL instance on WSL and connect to it from MySQL Workbench running on the hosting Windows. Below is description of steps I've performed and how I solved the issues which occurred. Maybe it helps someone in the same scenario, or maybe someone can propose better solutions.
WSL installation
On a (new) Windows 11 PC, executed PowerShell command:
wsl --install -d Ubuntu
This installed Ubuntu 22.04.1 LTS
In the distribution set up username/password and performed necessary updates and upgrades according to https://learn.microsoft.com/en-us/windows/wsl/install.
MySQL installation
According to https://learn.microsoft.com/en-us/windows/wsl/tutorials/wsl-database
$ sudo apt install mysql-server
This installed:
mysql Ver 8.0.31-0ubuntu0.22.04.1 for Linux on x86_64 ((Ubuntu))
Tried to start the instance:
$ sudo /etc/init.d/mysql start
Following warning was reported during the instance startup:
su: warning: cannot change directory to /nonexistent: No such file or directory
MySQL uses a user named 'mysql' who has '/nonexistent' set up as the home directory after installation. The home directory is registered in the file '/etc/passwd'. When you open the file in an editor, you will see the line for 'mysql' user with the '/nonexistent:' directory.
mysql:x:108:117:MySQL Server,,,:/nonexistent:/bin/false
This directory has to be changed to an existing one, e.g.: '/var/lib/mysql'. For this the instance must be stopped first:
$ sudo /etc/init.d/mysql stop
Then the home directory can be set with the command:
$ sudo usermod -d /var/lib/mysql/ mysql
After this the instance will start without the previous warining, but the following error appeared:
Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (13)
To solve this error, find where the mentioned mysqld.sock file is located. Do not stop the instance before running the command:
$ sudo find / -type s
Find the file in the output, in my case it was: '/run/mysqld/mysqld.sock'.
Find 'my.cnf' file under '/etc', in my case: '/etc/mysql/my.cnf'. Edit this file, do not use the Windows notepad.exe, but better notepad++, in order not to change the encoding, or add extra '.txt' extension.
Add following lines at the end of the file, using the exact file location:
[mysql]
socket=/run/mysqld/mysqld.sock
I have searched for references to '/var/run' path in other .cnf files under '/etc/mysql' directory and changed them to '/run', because the '/var/run' does not exist on my distribution.
After this step, the instance can be started without any errors, or warnings.
Set up MySQL root user
While is was possible to start mysql with:
$ sudo mysql
There attempt to access the instance with the root user:
$ mysql -u root -p
Resulted in error:
Access denied for user 'root'#'localhost' (using password: NO)
The user was pre-created during installation without password, but yet cannot access the instance. To fix this issue, the 'root' user needs to be re-created:
$ sudo mysql
mysql> drop user 'root'#'localhost';
mysql> create user 'root'#'localhost' identified by '' ;
mysql> grant all privileges on *.* to 'root'#'localhost' WITH GRANT OPTION;
mysql> flush privileges;
Connect from Workbench running on Windows
For connecting to Workbench, I've tried to use previously configured 'root' user without password.
First the IP address of WSL needs to be detected. One way is to install net-tools and use ifconfig command:
$ sudo apt install net-tools
$ ifconfig
Then, the IP address can be seen under <BROADCAST, RUNNING, MULTICAST> section in the output:
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.114.54 netmask 255.255.240.0 broadcast 192.168.127.255
Here it was 192.168.114.54
Simpler way is to get this address from Windows PowerShell command:
wsl hostname -I
Using this address from Workbench resulted in error connecting to the server. I've solved this problem by changing the 'bind-address' setting found in the '/etc/mysql/mysql.conf.d/mysqld.cnf' file. This was previously set to 127.0.0.1. It had to be changed to:
bind-address=0.0.0.0
After this step, connection attempt from Workbench resulted in access error for the 'root' user, but it confirmed, that server was now accessible:
Failed to Connect to MySQL at 192.168.114.54:3306 with user root
Access denied for user 'root'#'192.168.112.1'
Problem with the 'root' user accessing the instance was, that each MySQL user is bound to a specific host. In my case the 'root' was bound to 'localhost'. I needed to create a new 'root' user bound to '192.168.112.1':
mysql> create user 'root'#'192.168.112.1' identified by '';
mysql> grant all privileges on . to 'root'#'192.168.112.1' WITH GRANT OPTION;
mysql> flush privileges;
After this step I could connect to MySQL instance from Workbench running on the hosting Windows without errors.
I've been trying out all solutions mentioned in google for this problem to no avail. This website is built using bitnami wordpress stack in AWS. All I want to do is to log slow query. I only have wp-config user credentials to login in to mysql. But with this access I cannot run SET GLOBAL slow_query_log = 'ON';
as it requires super user privilege.
To my understanding, unless I login as root user and assign the privilege to this user or run the command as root user itself no other workaround to get this sorted.
Problem is, no password for root. Maybe it's configured without password when it was first installed (mysql).
I checked this file for password but found none.
/opt/bitnami/mysql/my.cnf
I can't view the mysql log too (permission denied)
/opt/bitnami/mysql/data/mysqld.log
I dont find the password in aws->instance settings -> get system log
I tried resetting password as mentioned here. https://community.bitnami.com/t/unable-to-reset-mysql-root-password/44360/3
mysql stops but stuck at starting in safe mode forever usin below commands:
$ sudo /opt/bitnami/ctlscript.sh stop mysql
$ sudo /opt/bitnami/mysql/bin/mysqld_safe --skip-grant-tables
How do I enable the slow query log now or get root password or reset it?
Hi Bitnami Engineer here,
The root's password of the database is the same one the instance configures for WordPress during the boot process. That means that if you have not changed the WordPress' admin password, both passwords are the same now.
You can open the bitnami_credentials file in the home folder of the bitnami user to obtain the password the instance used during the configuration process.
cat /home/bitnami/bitnami_credentials
After that, just run the mysql command to access the database
mysql -u root -p
I think I have locked myself out of my VM.
I have access as a low priv user I have created but the user can't sudo.
When I do SSH->Open in browser window I get a promp asking for a password which I have never set.
Any way to reset root password from the GCP Console?
Thanks, Pavel
To reset a root password for your GCP VM you need to grant appropriate IAM roles to your user to use sudo command. There is a similar post here. You can use the command 'sudo passwd' to change the password as suggested in that post.
Answering yout question you could simple run sudo commands using a startup script as the script would run as a root user, and then add your user in sudoers with sudo usermod -aG sudo, reference.
However, you could add a IAM role to your user in order to have admin access to a GCE VM, for example the roles/compute.instanceAdmin.v1, reference.
I am using "mysql -u root -p" command to start mysql but I am getting error as:
Access denied for user 'root'#localhost''
I always have to use sudo to to launch it. Other applications start normally. How do I get around it? I am doing jdbc connection (java). Mysql doesn't give access to database in java. I think requiring sudo command is the problem.
System:
Ubuntu 18.04 LTS dual booted with Windows 10.
I always have to use sudo to to launch it
No. You need to use sudo to get the client to authenticate against the server.
The reason for this is that recent versions of MySQL (and MariaDB, PerconaDB) use SO_PEERCRED to very that the username asserted in the connection string (root) is the same user as started the client (this makes use of a password somewhat redundant).
Since SO_PERRCRED only works on filesystem sockets (AF_UNIX) you may be able to bypass the constraint by connecting via a network socket, e.g.
mysql -h 127.0.0.1 -u root -p
But do be aware that MySQL typically has separate user records for connections via network (host != 'localhost') and filesystem (host='localhost') sockets.
But as per the question #Ciarambola flagged, 'root' is a special case and should not be used for routine access - you should create a new user.
Mysql doesn't give access to database in java
You should never use an admin account as the embedded credentials in an application. If you make that account with the same name as your user you won't need to use sudo when you connect to 'localhost'.
I have Install SDK then log in (gcloud auth login). I can't log in SSH VM google cloud?
with message "CommandError: Logging into instances as root is not recommended. If you actually wish to log in as root, you must provide the --permit_root_ssh flag."
how to log in SSH root??
I can not log in to the VM Instances. I look login VM Instances https://developers.google.com/compute/docs/quickstart#setup
$gcutil ssh
then message "CommandError: Logging into instances as root is not recommended. If you actually wish to log in as root, you must provide the --permit_root_ssh flag."
I have log in
ssh ..
Massage" Host key verification failed."
So how to log
You usually don't login as root to your GCE instances. Instead, you log in as an unprivileged user, and then use sudo when root privileges are required.
You probably want to run the gcutil tools as a non-privileged (i.e. not root) user on your local machine. The default GCE image is designed to encourage running only the commands you need to as root, and disables root login by default.
If you decide you want to login in directly as root, there are (brief) instructions at the above link.