Disable project-wide SSH keys for all instances
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | compute |
| Provider | |
| Vulnerability Type | omission |
Description#
Project-wide SSH keys are enabled for Google Compute instances, allowing the same SSH keys to access all instances in the project. This configuration increases the attack surface by not restricting access to specific instances.
Impact#
If any project-wide SSH key is compromised, an attacker can gain unauthorized access to all instances in the project, potentially leading to full environment compromise, data breaches, or service disruption.
Resolution#
Disable project-wide SSH keys