
I want to open an ssh session to my GCP VM instances using gcloud, but I seem to have problems because of my http proxy server.
After installing the google-cloud-sdk in Ubuntu I ran `gcloud info --run-diagnostics`, which failed with an error message:

```
Checking network connection...done.
ERROR: Reachability Check failed.
    Cannot reach https://www.google.com (SSLHandshakeError)
    Cannot reach https://accounts.google.com (SSLHandshakeError)
    Cannot reach https://dl.google.com/dl/cloudsdk/channels/rapid/components-2.json (SSLHandshakeError)
Network connection problems may be due to proxy or firewall settings.
```

I can see some people had similar issues and as a workaround needed to place their internal CA in the cacerts.txt file, presumably in `/usr/lib/google-cloud-sdk/lib/third_party/httplib2/python3/httplib2`.

http_proxy is set to my proxy server:

```
>echo $http_proxy
http://proxy.server.domain.com:8080
```

When I run this command `gcloud info --run-diagnostics --verbosity=debug --log-http` I get an error:

```
"error": {
    "code": 401,
    "message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
    "status": "UNAUTHENTICATED"
  }
```

My Ubuntu 18.04 runs in the Linux Subsystem for Windows 10.

Here is the full session info:

```
>gcloud info --run-diagnostics --verbosity=debug --log-http
DEBUG: Running [gcloud.info] with arguments: [--log-http: "true", --run-diagnostics: "True", --verbosity: "debug"]
Network diagnostic detects and fixes local network connection issues.
Checking network connection...=======================
==== request start ====
uri: https://www.google.com
method: GET
== headers start ==
user-agent: gcloud/242.0.0 command/gcloud.info invocation-id/eb1baa5e0f47440c8dc896aea08d15ff environment/None environment-version/None interactive/True from-script/False python/2.7.15rc1 term/xterm-256color (Linux 4.4.0-17134-Microsoft)
== headers end ==
== body start ==

== body end ==
==== request end ====
=======================
==== request start ====
uri: https://accounts.google.com
method: GET
== headers start ==
user-agent: gcloud/242.0.0 command/gcloud.info invocation-id/cd0d8a31ff1846bfa8d5c9c38234b59c environment/None environment-version/None interactive/True from-script/False python/2.7.15rc1 term/xterm-256color (Linux 4.4.0-17134-Microsoft)
== headers end ==
== body start ==

== body end ==
==== request end ====
Checking network connection...⠛=======================
==== request start ====
uri: https://cloudresourcemanager.googleapis.com/v1beta1/projects
method: GET
== headers start ==
user-agent: gcloud/242.0.0 command/gcloud.info invocation-id/64ab6960448d463cafdc317978f418cc environment/None environment-version/None interactive/True from-script/False python/2.7.15rc1 term/xterm-256color (Linux 4.4.0-17134-Microsoft)
== headers end ==
== body start ==

== body end ==
==== request end ====
Checking network connection...⠶---- response start ----
-- headers start --
-content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private
content-length: 304
content-type: application/json; charset=UTF-8
date: Thu, 18 Apr 2019 00:12:09 GMT
server: ESF
server-timing: gfet4t7; dur=620
status: 401
transfer-encoding: chunked
vary: Origin, X-Origin, Referer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
-- headers end --
-- body start --
{
  "error": {
    "code": 401,
    "message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
    "status": "UNAUTHENTICATED"
  }
}

-- body end --
total round trip time (request+response): 0.733 secs
---- response end ----
----------------------
=======================
==== request start ====
uri: https://www.googleapis.com/auth/cloud-platform
method: GET
== headers start ==
user-agent: gcloud/242.0.0 command/gcloud.info invocation-id/50be4ffdf73848c5a6a922809c6dd1cf environment/None environment-version/None interactive/True from-script/False python/2.7.15rc1 term/xterm-256color (Linux 4.4.0-17134-Microsoft)
== headers end ==
== body start ==

== body end ==
==== request end ====
Checking network connection...⠧---- response start ----
-- headers start --
-content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=0
content-length: 14
content-location: https://www.googleapis.com/auth/cloud-platform
content-type: text/plain
date: Thu, 18 Apr 2019 00:12:09 GMT
expires: Thu, 18 Apr 2019 00:12:09 GMT
server: GSE
status: 200
transfer-encoding: chunked
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
-- headers end --
-- body start --
cloud-platform
-- body end --
total round trip time (request+response): 0.119 secs
---- response end ----
----------------------
=======================
==== request start ====
uri: https://dl.google.com/dl/cloudsdk/channels/rapid/components-2.json
method: GET
== headers start ==
user-agent: gcloud/242.0.0 command/gcloud.info invocation-id/889d0c5e54df432eaa86e2f0641f2533 environment/None environment-version/None interactive/True from-script/False python/2.7.15rc1 term/xterm-256color (Linux 4.4.0-17134-Microsoft)
== headers end ==
== body start ==

== body end ==
==== request end ====
Checking network connection...done.
ERROR: Reachability Check failed.
    Cannot reach https://www.google.com (SSLHandshakeError)
    Cannot reach https://accounts.google.com (SSLHandshakeError)
    Cannot reach https://dl.google.com/dl/cloudsdk/channels/rapid/components-2.json (SSLHandshakeError)
Network connection problems may be due to proxy or firewall settings.

Current effective Cloud SDK network proxy settings:
    type = http
    host = proxy.server.domain.com
    port = 8080
    username = None
    password = None

What would you like to do?
 [1] Change Cloud SDK network proxy properties
 [2] Clear all gcloud proxy properties
 [3] Exit
Please enter your numeric choice:  3

ERROR: Network diagnostic failed (0/1 checks passed).

Property diagnostic detects issues that may be caused by properties.
Checking hidden properties...done.
Hidden Property Check passed.
Property diagnostic passed (1/1 checks passed).

INFO: Explicit Display.
DEBUG: SDK update checks are disabled.
```

Update: After running `gcloud config set auth/disable_ssl_validation True` I may be able to get past this issue. But then I get this error:

```
DEBUG: Running [gcloud.info] with arguments: [--run-diagnostics: "True", --verbosity: "debug"]
Network diagnostic detects and fixes local network connection issues.
Checking network connection...
.........done.
Reachability Check passed.
Network diagnostic passed (1/1 checks passed).

Property diagnostic detects issues that may be caused by properties.
Checking hidden properties...
done.
ERROR: Hidden Property Check failed.
The following hidden properties have been set:
    [auth/disable_ssl_validation]
Properties files
    User: /home/<USER>/.config/gcloud/configurations/config_default
    Installation: /usr/lib/google-cloud-sdk/properties

ERROR: Property diagnostic failed (0/1 checks passed).

INFO: Explicit Display.
DEBUG: SDK update checks are disabled.
```

Damian

1 Answer

A custom certificate needs to be set if using a proxy because the default configuration will result in the issue mentioned.

The workaround has already been posted on the PIT case 35907316 with the below command:

```
gcloud config set custom_ca_certs_file /etc/ssl/certs/ca-certificates.crt
```

Alex G
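
A small audit of the two settings this thread ends up with, as an added example that is not part of the original posts or of the Cloud SDK: it reads gcloud properties files (INI format) and reports when `auth/disable_ssl_validation` is on, or when `custom_ca_certs_file` (stored under `[core]`) points to a missing or certificate-free bundle. The function names are hypothetical; the default paths are the ones printed in the diagnostic output above.

```python
import configparser
import glob
import os

# Properties files named in the diagnostic output above (user + installation).
DEFAULT_PATHS = (
    glob.glob(os.path.expanduser("~/.config/gcloud/configurations/config_*"))
    + ["/usr/lib/google-cloud-sdk/properties"]
)

PEM_HEADER = "-----BEGIN CERTIFICATE-----"


def audit_properties(path):
    """Return a list of findings for one gcloud properties file (INI format)."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read(path)
    findings = []

    # Hidden property from the question's update: certificate checks are off,
    # so whatever terminates the TLS connection is trusted without verification.
    if cfg.getboolean("auth", "disable_ssl_validation", fallback=False):
        findings.append("auth/disable_ssl_validation=True: TLS certificates are not verified")

    # Property from the answer; gcloud stores it in the [core] section.
    ca_file = cfg.get("core", "custom_ca_certs_file", fallback="").strip()
    if ca_file:
        if not os.path.isfile(ca_file):
            findings.append("core/custom_ca_certs_file points to a missing file: " + ca_file)
        else:
            # Only counts PEM markers; it does not parse or validate certificates.
            with open(ca_file, encoding="utf-8", errors="replace") as fh:
                certs = sum(1 for line in fh if line.strip() == PEM_HEADER)
            if certs == 0:
                findings.append("core/custom_ca_certs_file contains no PEM certificates: " + ca_file)
    return findings


def audit_all(paths=DEFAULT_PATHS):
    """Map each existing properties file to its findings."""
    return {p: audit_properties(p) for p in paths if os.path.isfile(p)}


if __name__ == "__main__":
    for path, findings in audit_all().items():
        for finding in findings or ["ok"]:
            print(path + ": " + finding)
```
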