Key format

[mcdallas]

When I am trying to import my public key to AWS management console I am getting:

Error importing Key Pair
Key is not in valid OpenSSH public key format

Does anyone know what the problem is? Is it possible that AWS does not support ecdsa keys?

[InnovativeInventor]

It's just the key fingerprint, not the public key.

[mcdallas]

@InnovativeInventor what is just the key fingerprint? I am trying to upload the output of sekey --export-key <fingerprint> > mykey.pub

[InnovativeInventor]

Sorry – saw the short output and mistakenly thought it was probably a key fingerprint. I think some option of ssh-keygen may be able to help you convert to the OpenSSH format. I just add it to the authorized_keys file instead, although that's not too useful for you because ssh access is needed to do that.

[mcdallas]

@InnovativeInventor I can confirm that i can connect to the instance if I add the key in authorized_keys but the aws management console still refuses it as invalid. Weird, I guess I'll have to use this workouround.

[ntrippar]

I think AWS doesn't support elliptic curves keys from their management console, I will doble check now.

[ntrippar]

@mcdallas I can't quote directly Amazon, because on the aws documentation I don't see a list of supported algorithms, but as far from comments on internet they don't support ecdsa keys 👎

Maybe we should push them like 100 other people on their support site. I know that many people from this issue they moved to Google Cloud. they should add the possibility at least to provision with a key you want, even if that AMI maybe don't support it. (its our problem).
What you can do is power up the vm and swap the key, if you are doing it on a massive scale you can do it with software like Ansible or Chef.