时间戳

首页 > 解决方案 > AWS EC2 不会导入 OpenSSH ECDSA 密钥

amazon-ec2 - AWS EC2 不会导入 OpenSSH ECDSA 密钥

问题描述

我想将 ECDSA 密钥导入 AWS EC2。AWS EC2 是否只导入 RSA 密钥,而不是 ECDSA 或 ED25519 密钥?如果有办法导入 ECDSA 密钥,该怎么做?

# Discover the apt package that provided ssh-keygen
$ apt-file search `which ssh-keygen`
openssh-client: /usr/bin/ssh-keygen
openssh-client-ssh1: /usr/bin/ssh-keygen1

# Discover the installed version of openssh-client
$ apt list openssh-client
Listing... Done
openssh-client/groovy,now 1:8.3p1-1 amd64 [installed,automatic]

# Make a new key pair
$ ssh-keygen -b 521 -f ~/.ssh/key2020-10-28 -P "" -t ecdsa

# Import the new key pair
$ aws ec2 import-key-pair --key-name key2020-10-28 \
  --public-key-material fileb://~/.ssh/key2020-10-28.pub

#An error occurred (InvalidKey.Format) when calling the ImportKeyPair operation: 
#Key is not in valid OpenSSH public key format

# Try again with a base64 encoded key:
$ base64 ~/.ssh/key2020-10-28.pub > ~/.ssh/key2020-10-28.pub.b64
$ aws ec2 import-key-pair --key-name key2020-10-28 \
  --public-key-material fileb://~/.ssh/key2020-10-28.pub.b64
# An error occurred (InvalidKey.Format) when calling the ImportKeyPair operation: 
# Key is not in valid OpenSSH public key format

接下来我尝试了旧的 RSA 密钥算法,该算法有效:

ssh-keygen -b 4096 -f ~/.ssh/ec2 -P "" -N "" -t rsa
aws ec2 import-key-pair --key-name rsa2020-10-28 \
  --public-key-material fileb://~/.ssh/rsa2020-10-28.pub
{
    "KeyFingerprint": "c9:32:25:36:fd:b8:a0:83:09:1b:56:6f:86:a1:18:4e",
    "KeyName": "rsa2020-10-28",
    "KeyPairId": "key-04ebd4202d5988526"
}

接下来我尝试了旧的和不安全的 DSA 密钥算法:

ssh-keygen -f ~/.ssh/dsa2020-10-28 -P "" -t dsa
aws ec2 import-key-pair --key-name dsa2020-10-28 \
  --public-key-material fileb://~/.ssh/dsa2020-10-28.pub
An error occurred (InvalidKey.Format) when calling the ImportKeyPair operation: 
Key is not in valid OpenSSH public key format

接下来我尝试了ed25519密钥算法:

ssh-keygen -f ~/.ssh/ed25519-2020-10-28 -P "" -t ed25519
aws ec2 import-key-pair --key-name dsa2020-10-28 \
  --public-key-material fileb://~/.ssh/ed25519-2020-10-28.pub
An error occurred (InvalidKey.Format) when calling the ImportKeyPair operation: 
Key is not in valid OpenSSH public key format

标签: amazon-ec2ssh

解决方案

您现在可以根据此公告将 ED25519 密钥用于 EC2 实例。

推荐阅读