Posted On: Aug 17, 2021

Starting today, ED25519 SSH key pairs are generally available. Customers can now use ED25519 keys to prove their identity when connecting to an Amazon EC2 instance.

Previously, customers could only use RSA based keys to authenticate to Amazon EC2 instances, when they needed to establish secure connections to deploy and manage instances on EC2. It also prevented customers who had compliance mandates to use ED25519 keys, from enabling SSO type scenarios across their organization.

Customers can get started with ED25519 keys by either generating an ED25519 key pair using Amazon EC2 console, or the Amazon Web Services CLI or by importing an existing ED25519 key pair. Once an ED25519 key pair is generated or imported, it can be used to establish an SSH connection to any Linux or Mac instance on Amazon EC2.

To learn more about how to generate ED25519 keys and how to use them to validate your identity to EC2 instances, see documentation.