google-cloud-platform, google-compute-engine, gcloud

change / set gcloud os login username?


So simple enough question.

I am adding a new account to my compute engine. I have added the user and the roles and all that fun stuff. Now I am wanting to add the ssh key, which I am doing by running gcloud compute os-login ssh-keys add --key-file .....

This works fine, it creates the correct information and everything like that and I can log in correctly with ssh, however, the username is really long and annoying. I understand that it is generated by the email address, but this is just plain ugly and will get really annoying to type out each time I need to do something username based.

Is there any way to change this, so instead of it being ext_matthias_email_com it's just matthias without having to add the 'ssh key' as metadata to the server?

Thanks all


Solution

  • While using OS Login, you can use username instead of username_domain.com for your G Suite organization, and you can't change it if you're an individual customer.

    Usually, if you follow the documentation Setting up OS Login, after enabling OS Login you'll get something like this:

        $ gcloud compute ssh os-login-instance-1
        ...
        username_domain_com@os-login-instance-1:~$ whoami
        username_domain_com
    

    As expected, the full e-mail address was transformed and all dots and special characters were replaced by underscores, according to the documentation, and the main reason for it is uniqueness:

    If a username is not set by a G Suite administrator, OS Login generates a default Linux username by combining the username and domain from the email associated with the user's Google profile. This naming convention ensures uniqueness. For example, if the user email associated with the Google profile is user@example.com, then their generated username is user_example_com.

    username@domain.com becomes -> username_domain_com
    

    To change username_domain_com to username, according to the documentation, you should have a G Suite organization:

    G Suite organizations can optionally change their default to remove the domain suffix for newly generated usernames. For example, if the user email associated with the Google profile is user@example.com, then their generated username is user. For more information, see Managing the OS Login API.

    Here you can find more details on why it works that way:

    OS Login ties your Linux user account to your Google identity so that you have a consistent username, UID, and other posix information, in every VM you log into. This allows the VM to authorize your login using IAM permissions so that you can easily revoke access. The posix information is immutable for consumer identities (non-G Suite users). This prevents a bad actor from setting information in a malicious way that a project owner cannot manage. In order to prevent uniqueness conflicts across different organizations (user@gmail.com and user@example.com) the domain name is included by default.
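
The default naming rule quoted in the answer, as an added shell example that is not part of the original answer: it predicts the generated username for an e-mail address and prints an ssh_config Host block, so the long name is stored once instead of typed. The function names, the `gce-box` alias, the 203.0.113.10 address and the exact set of replaced characters are assumptions.

```shell
#!/bin/sh
# Added example, not code from the OS Login documentation or the answer.
# The username actually assigned to an identity is shown by
# `gcloud compute os-login describe-profile`; that output is authoritative.

# Default rule quoted above: user@example.com -> user_example_com.
# Assumption: every character outside [A-Za-z0-9_-] becomes "_".
# Pass "external" as $2 for an identity that gets the ext_ prefix
# seen in the question (ext_matthias_email_com).
oslogin_default_username() {
    name=$(printf '%s' "$1" | tr -c 'A-Za-z0-9_-' '_')
    if [ "${2:-}" = "external" ]; then
        name="ext_${name}"
    fi
    printf '%s\n' "$name"
}

# Print an ssh_config Host block for alias $1, address $2, username $3.
# Empty values, or values with characters that could break out of the
# config line (spaces, newlines), are refused with exit status 1.
ssh_alias_stanza() {
    for value in "$1" "$2" "$3"; do
        case "$value" in
            ''|*[!A-Za-z0-9_.-]*)
                echo "refusing unsafe value: $value" >&2
                return 1 ;;
        esac
    done
    printf 'Host %s\n    HostName %s\n    User %s\n' "$1" "$2" "$3"
}

# Constructed sample input: the e-mail from the question and a
# documentation-range IP address standing in for the VM.
user=$(oslogin_default_username "matthias@email.com" external)
ssh_alias_stanza gce-box 203.0.113.10 "$user"
```

Appending the printed block to `~/.ssh/config` lets `ssh gce-box` pick up the OS Login username without changing it on the Google side.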