diff --git a/test/e2e_node/runner/remote/run_remote.go b/test/e2e_node/runner/remote/run_remote.go
index 0256c11a234..1b52e780765 100644
--- a/test/e2e_node/runner/remote/run_remote.go
+++ b/test/e2e_node/runner/remote/run_remote.go
@@ -22,6 +22,7 @@ package main
 
 import (
 	"context"
+	"encoding/base64"
 	"flag"
 	"fmt"
 	"math/rand"
@@ -899,7 +900,7 @@ func parseInstanceMetadata(str string) map[string]string {
 			klog.Fatalf("Failed to read metadata file %q: %v", metaPath, err)
 			continue
 		}
-		metadata[kp[0]] = string(v)
+		metadata[kp[0]] = ignitionInjectGCEPublicKey(metaPath, string(v))
 	}
 	for k, v := range nodeEnvs {
 		metadata[k] = v
@@ -907,6 +908,41 @@ func parseInstanceMetadata(str string) map[string]string {
 	return metadata
 }
 
+// ignitionInjectGCEPublicKey tries to inject the GCE SSH public key into the
+// provided ignition file path.
+//
+// This will only being done if the job has the
+// IGNITION_INJECT_GCE_SSH_PUBLIC_KEY_FILE environment variable set, while it
+// tried to replace the GCE_SSH_PUBLIC_KEY_FILE_CONTENT placeholder.
+func ignitionInjectGCEPublicKey(path string, content string) string {
+	if os.Getenv("IGNITION_INJECT_GCE_SSH_PUBLIC_KEY_FILE") == "" {
+		return content
+	}
+
+	klog.Infof("Injecting SSH public key into ignition")
+
+	const publicKeyEnv = "GCE_SSH_PUBLIC_KEY_FILE"
+	sshPublicKeyFile := os.Getenv(publicKeyEnv)
+	if sshPublicKeyFile == "" {
+		klog.Errorf("Environment variable %s is not set", publicKeyEnv)
+		os.Exit(1)
+	}
+
+	sshPublicKey, err := os.ReadFile(sshPublicKeyFile)
+	if err != nil {
+		klog.ErrorS(err, "unable to read SSH public key file")
+		os.Exit(1)
+	}
+
+	const sshPublicKeyFileContentMarker = "GCE_SSH_PUBLIC_KEY_FILE_CONTENT"
+	return strings.Replace(
+		content,
+		sshPublicKeyFileContentMarker,
+		base64.StdEncoding.EncodeToString(sshPublicKey),
+		1,
+	)
+}
+
 func imageToInstanceName(imageConfig *internalGCEImage) string {
 	if imageConfig.machine == "" {
 		return *instanceNamePrefix + "-" + imageConfig.image