When we allow users to use SSH to connect to Linux VMs on Google Cloud, we need to keep track of their public keys, and which VMs they have access to. That can be easier said than done. Google Cloud lets us choose between two ways of managing SSH keys for Linux VMs. The classic (and default) way is to use metadata-based keys, where we upload SSH keys to instance or project metadata. Metadata-based keys are easy to use and understand, but they’re also risky. In fact, metadata-based SSH keys ...
