I have Install SDK then log in (gcloud auth login). I can't log in SSH VM google cloud?
with message "CommandError: Logging into instances as root is not recommended. If you actually wish to log in as root, you must provide the --permit_root_ssh flag."
how to log in SSH root??
I can not log in to the VM Instances. I look login VM Instances https://developers.google.com/compute/docs/quickstart#setup
$gcutil ssh
then message "CommandError: Logging into instances as root is not recommended. If you actually wish to log in as root, you must provide the --permit_root_ssh flag."
I have log in
ssh ..
Massage" Host key verification failed."
So how to log
You usually don't login as root to your GCE instances. Instead, you log in as an unprivileged user, and then use sudo when root privileges are required.
You probably want to run the gcutil tools as a non-privileged (i.e. not root) user on your local machine. The default GCE image is designed to encourage running only the commands you need to as root, and disables root login by default.
If you decide you want to login in directly as root, there are (brief) instructions at the above link.
Related
I've successfully connected to a Google Cloud MySQL instance using GAS and JDBC. As a sanity check, I also connected to a MySQL instance on a free hosting site. Despite these successful connections, I can't seem to do this with a MySQL instance on Google Compute Engine using the following command:
var conn = Jdbc.getConnection("jdbc:mysql://11.111.111.111:3306/myDBName",user,pwd),
where 11.111.111.111 is the external IP address that I retrieved from the Google Cloud Platform page for my VM instance.
Note that I've mainly worked with local instances of databases so I might be missing something obvious here. I'm wondering if I don't understand something about how to use the server? Am I supposed to use an IP address other than the external IP provided by Google? Below are the things that I've thought through to try to solve this.
Establish MySQL user
Here's how I setup the user in MySQL:
CREATE USER 'user'#'localhost' IDENTIFIED BY 'pwd';
GRANT ALL PRIVILEGES ON * . * TO 'user'#'localhost';
FLUSH PRIVILEGES;
When that didn't work, I tried:
CREATE USER 'user'#'%' IDENTIFIED BY 'pwd';
GRANT ALL PRIVILEGES ON * . * TO 'user'#'%';
FLUSH PRIVILEGES;
I did double-check that I can login via the command line using the user/pwd credentials.
MySQL install
I used Google's instructions for how to install MySQL on Compute Engine (Ubuntu).
I double-checked that I'm using MySQL 5.7 since it seems up to 5.7 is supported by GAS JDBC.
mysql --version returns mysql Ver 14.14 Distrib 5.7.36, for Linux (x86_64).
Port
I used sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf to check the port, and it is 3306. I also enabled port forwarding on my VM instance.
config file
In mysqld.cnf, I changed
bind-address = 127.0.0.1 to bind-address = 0.0.0.0. There was no line for skip-networking to comment out. After making edits, I restarted the service using sudo systemctl restart mysql.
IP addresses
When I look in the firewall section for my VM, I only see two filtered IP addresses: 10.128.0.0/9 and 0.0.0.0/0.
Also, I tried sudo ufw allow 3306, which didn't help me connect either.
I know that Google says to whitelist IP addresses but the instructions that they give for external databases are actually for Cloud SQL. I'm not sure what to do with that info or if it's necessary since I was able to connect to other databases all under the same Google account.
I have created 2 Ubuntu 20.04 VMs using VirtualBox. I have a Django App on one VM and MySQL DB on the other VM. How do I access the MySQL DB using the first VM?
I used the inet from the output of ifconfig for the IP Address
What I tried:
On the VM having MySQL DB:
-> Change the 'bind_adress' field to '0.0.0.0' in '/etc/mysql/mysql.conf.d/mysqld.cnf'
-> Created a new user using CREATE USER 'test'#'IP_Address1' IDENTIFIED BY 'password';
-> Ran "sudo ufw allow from IP_Address1 to any port 3306"
On the VM having the Django App:
-> Tried to connect to the Virtual Machine using mysql -u 'test' -h 'IP_ADDRESS2' -p
The error I'm getting:
"Unknown MySQL host 'address'"
PS:
I created a NAT network on VirtualBox using File->Preference->Network and attached both the VMs to the network and set Promiscuous Mode to "Allow All"
How or where are you defining IP_Address1 and IP_ADDRESS2?
Specifically, your DB machine needs to know what the IP address of the client machine is when you use your CREATE USER query. So, IP_Address1 must be "known" to that machine. Maybe you just hid the IP address when you posted the question, but it might be easier to use actual IP addresses in both cases until you get connectivity.
For example, if your DB machine is 172.18.1.1 and your client machine is 172.18.1.2, then you should use those IP addresses in your commands listed above
Created a new user using
"CREATE USER 'test'#'172.18.1.2' IDENTIFIED BY 'password';"
...here you're defining the IP address of the client connection.
Then in the client machine:
"mysql -u 'test' -h '172.18.1.1' -p"
...here, telling the client the IP address of the DB machine
More importantly, you might also have to expose the DB to the local network in its configuration settings. You'll also have to deal with any routing issues if the two machines are not on the same local subnet.
There are several articles describing how to configure MySQL for network access, such as: https://www.digitalocean.com/community/tutorials/how-to-allow-remote-access-to-mysql
What have you tried? Can you connect from the command line on the .5 machine? There's a mysql command line tool you can use to connect, which might give you some more information, or have you looked at the MySQL logs to see what it's unhappy about?
It could be something like a permissions issue for the user - creating a user alone is not enough to allow them access to database resources. Maybe try something like:
GRANT ALL ON Database.* TO test#'172.25.1.5' IDENTIFIED BY 'PASSWORD';
I was assuming you had configured the various permissions on the database and were only seeing connectivity issues, but from your responses, it's not clear.
Basically, you need to isolate whether the problem is a user permission issue, an IP restriction issue, a VM issue, a coding issue with your app or something else.
Please provide more feedback about what you've tried if you're still struggling, but this could be one of a number of issues.
I am using "mysql -u root -p" command to start mysql but I am getting error as:
Access denied for user 'root'#localhost''
I always have to use sudo to to launch it. Other applications start normally. How do I get around it? I am doing jdbc connection (java). Mysql doesn't give access to database in java. I think requiring sudo command is the problem.
System:
Ubuntu 18.04 LTS dual booted with Windows 10.
I always have to use sudo to to launch it
No. You need to use sudo to get the client to authenticate against the server.
The reason for this is that recent versions of MySQL (and MariaDB, PerconaDB) use SO_PEERCRED to very that the username asserted in the connection string (root) is the same user as started the client (this makes use of a password somewhat redundant).
Since SO_PERRCRED only works on filesystem sockets (AF_UNIX) you may be able to bypass the constraint by connecting via a network socket, e.g.
mysql -h 127.0.0.1 -u root -p
But do be aware that MySQL typically has separate user records for connections via network (host != 'localhost') and filesystem (host='localhost') sockets.
But as per the question #Ciarambola flagged, 'root' is a special case and should not be used for routine access - you should create a new user.
Mysql doesn't give access to database in java
You should never use an admin account as the embedded credentials in an application. If you make that account with the same name as your user you won't need to use sudo when you connect to 'localhost'.
Today I have create a Debian instance on gce. when I try to copy a file as root I get the following message:
Permission denied (publickey).
lost connection
On another instance create a few months ago I able to copy-file with root.
The command used is the following:
gcloud compute copy-files test/test.txt root#test:/opt/ --project p-id --zone z
For security reasons, newer VM images don't allow direct log-in as root via SSH. You can log in as a non-root user, which will have sudo permissions, and set up root-user SSH yourself, though this is not recommended. Instead, copy the file over to a non-privileged location and use the gcloud compute ssh as a non-root user and the sudo command to move the file where it needs to be.
When creating a new project, on the final step gitlab give me instructions to setup my repo, but the URL to the repo don't work. For instance, to add remote branch, I got:
git remote add origin git#git.srv.com:root/home.git
Note: My gitlab instance is running on a virtual machine whom host forward SSH's requests on port 1122 to the VM's port 22. So locally gitlab is reach on port 22.
Given URL doesn't work
Pushing
Keep asking for password. Neither my SSH passphrase nor my account's password works:
git push -u manu master
Password:
Password:
Password:
Permission denied (publickey,keyboard-interactive).
fatal: The remote end hung up unexpectedly
Cloning
Same here, keep prompting for password:
git clone git#git.srv.com:1122/root/home.git
Cloning into 'home'...
Password:
Fixing the URL (add protocol and port)
If I simply add a ssh:// prefix and the port to the server (:1122/) everything work smoothly:
git remote add manu ssh://git#git.srv.com:1122/root/home.git
The surest way to debug this kind of ssh access is to launch an sshd -d session on the server and see the output (it is a one-time debug connection).
Note that git#git.srv.com:root/home.git is an url using an scp syntax, which means you have a ~/.ssh/config file, with an entry named git.srv.com, which can reference your private key (IdentityFile), as in this question for instance.
You can also check its content to see if it does contain the right value (including the right Port)