google-compute-engine"/>
  • 15
name

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191

Backtrace:

File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

Strange thing's happening to me. I've set up Compute engine VM instance in gCloud. I've set up everything, including SFTP similar to as described at https://devtidbits.com/2011/06/29/implement-a-sftp-service-for-ubuntudebian-with-a-chrooted-isolated-file-directory/.

I've created 2 different users with different user IDs that belong to the same group (for the purposes of SFTP usage). Then I've created public/private SSH key pair for every user (as described at https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys).

Then I've tried two exactly same scenarios with same settings, just on 2 different levels - with setting metadata on project level (https://console.cloud.google.com/compute/metadata/sshKeys?project=PROJECT_ID) and with VM instance's keys on Edit instance page (instance level)(https://console.cloud.google.com/compute/instancesDetail/zones/europe-west1-b/instances/[INSTANCE_NAME]?project=[PROJECT_ID]&graph=GCE_CPU&duration=PT1H). Either of them should work.

With metadata on project level:

  1. I added first public key (let's say of User1) to project metadata and tried to connect with FileZilla with User1's username and private key. Everything worked fine.
  2. I added second public key (let's say of User2) and tried to connect with FileZilla with User2's username and private key. Everything worked fine.
  3. I tried to connect with FileZilla again with User1's username and private key. Got no connection (Error: Disconnected: No supported authentication methods available (server sent: publickey). Error: Could not connect to server)
  4. Deleted both public keys in gCloud settings.

With VM instance's keys on Edit instance page: - same scenario with no luck

  1. I added first public key (let's say of User1) to instance settings and tried to connect with FileZilla with User1's username and private key. Everything worked fine.
  2. I added second public key (let's say of User2) and tried to connect with FileZilla with User2's username and private key. Everything worked fine.
  3. I tried to connect with FileZilla again with User1's username and private key. Got no connection (Error: Disconnected: No supported authentication methods available (server sent: publickey). Error: Could not connect to server)
  4. Deleted both public keys in gCloud settings.

I've had FileZilla opened all the time (also tried with restarting FileZilla between steps 2 and 3) but problem still remains. Since every time I could've connected to SFTP with the user that I set up public key last, I don't see that FileZilla itself is the problem.

It's like I can't use more than one user. Really don't know what else can I do ... Any suggestions?

BTW, tried similar scenario by trying to connect to SSH with Putty, but again - every time I was able to connect just with the user that I set up public key in gCloud settings the last.

We concluded through this Google groups discussion, and after failing to reproduce this behavior, and then inspecting your use case, that this behavior is rather due to your custom configuration that you implemented in your Linux instance specifically by following this third party link in order to allow SFTP without shell (SSH) access with a “chroot’ed, isolated file directory”.

Per this document, since the guest environment does not modify non-Google managed user accounts, using both Google Compute Engine to manage SSH keys and manually adding users to the instance at the same time is not advisable and may cause conflicts. Furthermore, changing SSH daemon settings, and user home directories adds another complexity to it. The full summary of the discussion can be checked here.

  • 0
Reply Report

Warm tip !!!

This article is reproduced from Stack Exchange / Stack Overflow, please click

Trending Tags