I am trying to add a public ssh key in an GCP VM instance metadata.
gcloud compute instances add-metadata <instance-name> --zone=us-east4-a --metadata-from-file ssh-keys=id_rsa.pub
The key has the format
ssh-rsa AAAAB3NzaC1yc2 ...
....root@hostname
Why am I getting this warning
WARNING: The following key(s) are missing the <username> at the front
ssh-rsa AAAAB3NzaC1yc2 ...
....root@hostname
What is more, after adding the public key to the node's metadata and although I am inside the GKE cluster and I have connectivity to the private IP of the node the ssh process fails
ssh <private_ip_of_the_node>
root@<private_ip_of_the_node> Permission denied (publickey).
By default, Compute Engine VMs built from public images and most common operating systems don't allow root login with a password over SSH. Here, you are using the GKE cluster Private IP [root@<private_ip_of_the_node>] which may not have the root permissions and this might give you Permission denied (publickey).
Refer to this Permission denied (publickey) troubleshooting documentation.
By following this Enable root login to the GKE Cluster.
Add SSH keys by following this official doc .
There could be several other reasons why, and the most common examples are explained in this blog by John Otieno .