I’m working on a remote headless Linux server through SSH and trying to set up Gemini CLI. The authentication process is giving me trouble. When I use an API key for authentication, I only get access to the basic 2.5 Flash model. I really want to test out the 2.5 Pro version through my SSH session, but I can’t figure out how to properly authenticate for it. Other tools like Claude Code provide a special login URL that you can open on your local machine and then copy the token back to the remote session. However, Gemini CLI doesn’t seem to offer this kind of authentication flow. Has anyone successfully authenticated Gemini CLI on a remote server to access the Pro models? What’s the proper way to handle browser-based login when you’re working through SSH?
try gcloud auth login --no-launch-browser instead of the regular gemini cli auth. it gives you a url to copy/paste into your local browser, then you get a verification code to enter on the server. worked for me when i had the same headache last week, now i can use pro models no problem.
Had this exact problem last month on my VPS. Use SSH port forwarding for the browser auth - it’s a lifesaver. Run the Gemini CLI auth on your remote server, and when it spits out the localhost callback URL, open an SSH tunnel: ssh -L 8080:localhost:8080 your-server (change the port if needed). This pipes the auth callback from your server straight to your local browser. Complete the OAuth flow locally and the token saves on the remote server - boom, you’ve got Pro model access. Keep that SSH session alive during auth or the tunnel dies and you’re back to square one. Saved my sanity after weeks of fighting API key limits.
I got around this by using Google Cloud service account authentication instead. Just create a service account in the Google Cloud Console, give it the right permissions, and download the JSON key file. Then set your GOOGLE_APPLICATION_CREDENTIALS environment variable to point to that file on your headless server. This skips the browser auth completely and gets you access to Pro models without messing with OAuth or port forwarding. The auth sticks between sessions too, so you won’t have to keep re-authenticating. Just make sure your service account has AI Platform permissions enabled or you’ll still be stuck with basic models.