在Google Cloud Platform上为其他帐户创建SSH密钥

Question

I have installed the Cloud SDK for Google Cloud. I've logged in using auth which redirected me to the gmail-login. Created the SSH key and even logged in by SFTP using Filezilla.

The problem is, when I log in using the gmail auth, SDK shell (or putty?) logs me into an account that is not admin. It has created another SSH user account (named 'Acer', after my pc) and logs me into it. Due to this, FTP starts at the /home/Acer folder. I want access to the /home/admin/web folder, but I don't have it now.

How can I create a SSH key for the admin account so that I can gain access to the folder mentioned above? Otherwise, is it possible to grant 'Acer' the permissions to access all the folders?

Answer 1

I have a few suggestions.

First a bit of background. If you run this command on your home workstation:

sudo find / -iname gcloud

You'll discover a gcloud configuration folder for each user on your home workstation. You'll probably see something like this:

/root/.config/gcloud
/home/Acer/.config/gcloud

If you change directory into /home/Acer/.config/gcloud/configurations you'll see a file named 'config_default'. This file will contain the default account to use for that user ('Acer').

Because you have performed gcloud auth login as that user, and during that process selected your gmail account, it will contain that gmail ID/account within the config file for that user. If you would like a user named 'admin' to log into your project, you could try adding a user named 'admin' to your home workstation, and then before attempting to use gcloud auth login , ensure you switch user on your home workstation to user 'admin'. This will generate a gcloud configuration on your home workstation for user admin, and propagate SSH keys etc.

If you want to create ssh keys manually there's some useful info here .

(For what it's worth, if you decide to use gcloud compute ssh to log into your instance home workstation, you can specify the user in the command you would like to log in as. For example gcloud compute ssh admin@INSTANCE_NAME ).

I want access to the /home/admin/web folder, but I don't have it now.

Even if you are logged into the machine as a different user (in this case 'Acer'), the folder /home/admin/web should still exist on the instance if it existed previously. If you land in folder /home/Acer have you tried changing directory to the folder above and then listing the folders to see if /home/admin/ exists?

For example, from /home/Acer run:

$ cd ..

then

$ ls

You should be able to see /home/admin/ .

Otherwise, is it possible to grant 'Acer' the permissions to access all the folders?

Yes this is also possible. If you access the instance as the project owner (the easiest way would be to log into the Console as the owner of the project and use the SSH functionality in the console to access the instance). Now you can run this command:

$ sudo chown Acer.Acer -R /home/admin/web

This will make user 'Acer' owner of directory /home/admin/web and all files/directories below it (thanks to the -R switch).

Now when you next access the instance as user 'Acer' you'll be able to access /home/admin/web by running the following and you'll also have read/write capabilities:

$ cd /home/admin/web