On say instance-1, I first logged in through Google Cloud web interface ssh, this automatically created a user user1 with uid of 1000 and gid of 1001.

I later logged in via gcloud cli interface, this automatically created a second user user2 with uid of 1001 and gid of 1002.

I needed all first users across all vm instances to say user2 with uid of 1000 and gid of 1001, so I manually edited /etc/passwd and swapped the uid and gid for user1 and user2. I forget to update gid in /etc/group.

Now I can't ssh into instance-1  either through gcloud or through web interface (permission denied: public key). The ssh server is set to be passwordless, public key authentication only, and no root login. None of the accounts have passwords anyway. Is there anyway to rescue this instance? It's a testing server with a small web app prototype on it that's easy to recreate, so it's not a huge deal if I lose it, but I'd rather avoid that pain.

I also don't understand why this happened because I didn't change the home folder for the account and the ~/.ssh/authorized_keys file should stay intact.

Thanks!

Edit: I think I understand what happened. By changing the uid, the user loses access to their home folder since now the owner uid is different, and in particular the private key file, which is only visible to the owner with the same uid. So if the public key can't be matched with the now inaccessible private key, then authentication fails. Because there's no home folder switch, neither account now has any access to a private key due to uid mismatch. I assume that the virtual drive is encrypted so you can't even hex edit out of this mess. I guess there's no way to salvage this situation unless Google has any backdoor installed.