-3

We have a scenario where we need to generate an SSH key with ssh-keygen on a Windows machine and copy it to a Linux instance:

echo -e 'y\n' | ssh-keygen -t rsa -f /tmp/temp -N '' >/dev/null 2>&1
aws --profile dev --region us-east-1 ec2-instance-connect send-ssh-public-key \
  --instance-id i-x123456 \
  --availability-zone us-east-1a \
  --instance-os-user ec2-user \
  --profile dev \
  --region us-east-1 \
  --ssh-public-key file:///tmp/temp.pub

The problem is that the template of the PEM created on Windows doesn't match the Linux template, so when trying to use it for SSH (with AWS Session Manager):

ssh -i /tmp/temp \
  -Nf -M \
  -L 3306:test-rds.xxxxxxxxxxx.us-east-1.rds.amazonaws.com:3306 \
  -o "UserKnownHostsFile=/dev/null" \
  -o "StrictHostKeyChecking=no" \
  -o ProxyCommand="aws ssm start-session --target %h --document AWS-StartSSHSession --parameters portNumber=%p --profile dev --region us-east-1" \
  ec2-user@i-x123456

It fails with: command-line: line 0: Bad configuration option: \342\200\234userknownhostsfile

Is there any way to generate a PEM on Windows and copy it to a Linux machine? Thanks!

A1001
  • 1
  • Because the template of the file is different. Also, this same process is working from Ubuntu/Mac machines. – A1001 May 16 '22 at 09:25
  • 2
    What template? How did you determine that it is different? The failure message isn't saying anything of that sort. – u1686_grawity May 16 '22 at 10:01
  • In Linux, ssh-keygen generates a key that looks like this: ``` "ssh-rsa " ``` In Windows you get: ``` "-----BEGIN OPENSSH PRIVATE KEY----- -----END OPENSSH PRIVATE KEY-----" ``` This is the same in Windows PowerShell, Git Bash, etc. Any advice on what can cause this not to work? We want to open an SSH tunnel over Session Manager from a Windows machine to an EC2 Linux machine and it just doesn't work – A1001 May 16 '22 at 10:08
  • 2
    The failure message isn't talking about the format at all, but you're just mixing up the public and private key files – the format you're describing on Linux is the public key file, the one on Windows is the private key file. In reality you get both files on both systems. – u1686_grawity May 16 '22 at 10:12

1 Answer

3

There's nothing wrong with your key; the error message is saying that you used the wrong quotes around UserKnownHostsFile – instead of regular " ASCII quotes, you have “ (and presumably ”) curly quotes which the shell doesn't recognize.

u1686_grawity
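
As an added example (not from the original question or answer), this POSIX shell snippet finds and replaces curly quotes in a saved command file and decodes the octal-escaped token from the ssh error message. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original post. Sample input is constructed.

# UTF-8 bytes of the "smart" quotes that rich-text editors and chat clients
# substitute for ASCII quotes. \342\200\234 is the sequence in the ssh error.
LDQ=$(printf '\342\200\234')   # U+201C left double quotation mark
RDQ=$(printf '\342\200\235')   # U+201D right double quotation mark
LSQ=$(printf '\342\200\230')   # U+2018 left single quotation mark
RSQ=$(printf '\342\200\231')   # U+2019 right single quotation mark

# find_curly_quotes FILE: print "lineno:text" for every line containing a
# curly quote. Returns non-zero when the file is clean (grep semantics).
find_curly_quotes() {
  LC_ALL=C grep -an -e "$LDQ" -e "$RDQ" -e "$LSQ" -e "$RSQ" "$1"
}

# fix_curly_quotes: filter stdin to stdout, replacing curly quotes with ASCII.
fix_curly_quotes() {
  LC_ALL=C sed -e "s/$LDQ/\"/g" -e "s/$RDQ/\"/g" \
               -e "s/$LSQ/'/g"  -e "s/$RSQ/'/g"
}

# decode_ssh_escapes TOKEN: turn the \ooo octal escapes ssh prints in its
# error message back into raw bytes so the offending character is visible.
decode_ssh_escapes() {
  printf '%b' "$(printf '%s' "$1" | sed 's/\\\([0-7][0-7][0-7]\)/\\0\1/g')"
}

# Constructed sample: the -o line as it looks after a paste from a rich-text
# source has swapped the ASCII quotes for curly ones.
sample=$(mktemp)
printf '%s\n' 'ssh -i /tmp/temp -Nf -M \' \
  "  -o ${LDQ}UserKnownHostsFile=/dev/null${RDQ} \\" \
  '  ec2-user@i-x123456' > "$sample"

find_curly_quotes "$sample"       # reports the offending line with its number
fix_curly_quotes < "$sample"      # same command with ASCII quotes restored
decode_ssh_escapes '\342\200\234userknownhostsfile'; echo
rm -f "$sample"
```
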