Posted On: Jan 20, 2022

Starting today, AWS customers can use ED25519 keys to prove their identity when connecting to EC2 instances using EC2 Instance Connect and EC2 Serial Console from the command line interface.

EC2 Instance Connect is a simple and secure way to connect to your instances using Secure Shell (SSH). Aside from leveraging the one-time-use SSH keys generated each time an authorized user connects, you can also connect with your existing SSH keys. In addition to RSA-based keys, EC2 customers can now use ED25519 key pairs, an elliptic-curve-based public-key system commonly used for SSH authentication, to authenticate with EC2 Instance Connect.

EC2 Serial Console provides a simple and secure way to troubleshoot boot and network connectivity issues by establishing a connection to the serial port of an instance. In addition to RSA-based keys, EC2 customers can now use ED25519 key pairs when they connect to the EC2 Serial Console from the command line interface.

The key generated by default for EC2 Serial Console and EC2 Instance Connect will be RSA-based. Customers can now choose to generate ED25519-based keys and use them with EC2 Instance Connect and EC2 Serial Console. To learn more about EC2 Instance Connect, see our documentation page. To learn more about EC2 Serial Console, see our documentation. To learn more about how to generate ED25519 keys and how to use them to validate your identity to EC2 instances, see the documentation.