Managing SSH and PGP keys in Transfer Family
In this section, you can find information about SSH keys, including how to generate
them and how to rotate them. For details about using Transfer Family with AWS Lambda to manage keys,
see the blog post Enabling user self-service key management with AAWS Transfer Family and AWS Lambda
Note
AWS Transfer Family accepts RSA, ECDSA, and ED25519 keys.
This section also covers how to generate and manage Pretty Good Privacy (PGP) keys.
Topics
Supported algorithms for user and server keys
The following key algorithms are supported for user and server key-pairs within AWS Transfer Family.
Note
For algorithms to use with PGP decryption in workflows, see Algorithms supported for PGP key-pairs.
-
For ED25519:
ssh-ed25519
-
For RSA:
-
rsa-sha2-256
-
rsa-sha2-512
-
-
For ECDSA:
-
ecdsa-sha2-nistp256
-
ecdsa-sha2-nistp384
-
ecdsa-sha2-nistp521
-
Note
We support ssh-rsa
with SHA1 for our older security policies. For
details, see Cryptographic algorithms.