Login / SSH problems

MauroS · 01-19-2023 07:51 AM

Hi,

I cannot log with a different account on a VM already running.

Can someone explain the meaning of this error message (in Italian)?

«Non disponi di autorizzazioni sufficienti per connetterti a questa istanza tramite SSH. Devi disporre della seguente autorizzazione IAM: compute.instances.setMetadata. »

Roughly transl:

You have not enough autorizations to be connected to this instance through SSH. You need to the following authorization IAM: compute.instances.setMetadata.

Thanks

DamianS

Hi,

It means, that you user does not have this policy assigned to account ( or to be more clear, IAM role does not have role with this policy). It means, that you are not able to store ssh keys in VM metadata. Grab useful link about that :

https://cloud.google.com/compute/docs/access/iam#the_serviceaccountuser_role

best,
DamianS

MauroS

Hi,

thank you for the quick answer.

The odd is that with the first account I have full access and I have any problem with the login. With a second account with the same authorizations and permits (it's the same as the first one) the acces is denied.

Can't explain that.

Thanks

DamianS

Indeed odd.

1.Did you've tried Policy Analyzer and comparison those two users ? Maybe somewhere policies are misconfigured.
2. Maybe second user is not able to obtain permissions from service account assigned to VM?
3. Check if this is set :
enable-oslogin
https://cloud.google.com/compute/docs/oslogin/set-up-oslogin#enable_oslogin