Skip to content

List project wide SSH keys in Google Cloud

Why

Sometimes project wide SSH keys are enabled on the project and you'd like to list them

How

gcloud compute project-info describe \
 --format="value(commonInstanceMetadata[items][ssh-keys])"

Or you can do all projects

#!/bin/bash
for project in $(gcloud projects list --format="value(projectId)")
   do
      echo "ProjectId: $project"
      for user in $(gcloud compute project-info describe --project=$project --
         format="table[no-heading](commonInstanceMetadata.items.ssh-keys)" | grep -v ecdsa-sha2-nistp256 | cut -d ":" -f 1)
      do
         echo " -> User $user"
   done
done

Ideally you should not enable project wide SSH keys, disable it in the org policy

Further reading


Want to make this site better? Open a PR or help fund hosting costs