Hello dotmindlabs,
At this time, there isn't a way to fetch the Private-Key of the HostKey associated to the server irrespective of whether it was a service generated HostKey or a customer generated HostKey. For multiple servers to use the same Private-Key, you would have to generate your own HostKey and utilize the same for your server configurations.
To your concern, SHA256:Cv5TEDW8P3L+uqpAKtpzSWIfGcHwdrnaDyJd0wOGNx5= is a SHA256 fingerprint and cannot be used as a Private-Key. The Private-Key supported by AWS Transfer Family servers as a HostKey should be of the format -
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAjhbPcClrabcdefghiabcdefghiabcdeHEAYGmwJtF8+EkQJp
...
...
...
...
dFQqcvEF5tombtabcdefghiabcdefghiabcdeOmJ6SfZBudDmW4=
-----END RSA PRIVATE KEY-----
Q: Where can I get this RSA private Key from our current running AWS SFTP server? (I tried to ssh but it does not allow)
A: It isn't possible to fetch the RSA Private-Key from the service. Also, SSH to the server is not supported.
Q: Would after creation of new AWS SFTP server be able to setup the host key with this command?
A: Yes, the command you specified is correct and can be used to update the HostKey of the Transfer server if you want to specify your own HostKey.
Also, adding to your comment - It isn't true that Private-keys are only for migrating On-Premise environment to AWS Transfer Family. As On-Premise environments use their custom Private-keys for their servers, the guide mentions that it is possible to port them to AWS Transfer Family. In any case, the point being expressed is that customers can associate their own HostKey to their Transfer Family servers irrespective of whether they are migrating or not.
References: 1 - https://docs.aws.amazon.com/cli/latest/reference/transfer/update-server.html
Let me know if you have questions.
Hi thanks! Ended up creating a new SFTP Server. Setting up the same private key, this way obtaining the same fingerprint.
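An added example (not part of the thread and not AWS code): it computes the SHA256 fingerprint of an OpenSSH public key line, showing that the fingerprint is a one-way digest of the public key and is therefore identical on any server given the same host key. The key material is constructed, `constructed_pubkey` is a hypothetical helper, and padded and unpadded forms compare equal because OpenSSH prints the value without the trailing `=` seen in the fingerprint quoted above.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    """Length-prefixed field as used in the SSH public key wire format."""
    return struct.pack(">I", len(data)) + data

def sha256_fingerprint(pubkey_line: str) -> str:
    """Fingerprint of an OpenSSH public key line ("ssh-rsa AAAA... comment").

    Returns the padded form, "SHA256:<43 chars>=".
    """
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    # The blob starts with its own key type; reject a line that disagrees.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != fields[0]:
        raise ValueError("key type does not match blob")
    # The digest covers only the public blob: no private material goes in,
    # and none can be recovered from the 32 bytes that come out.
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii")

def same_fingerprint(a: str, b: str) -> bool:
    """Compare fingerprints, ignoring the trailing '=' that OpenSSH omits."""
    return a.rstrip("=") == b.rstrip("=")

def constructed_pubkey(seed: bytes) -> str:
    """Constructed stand-in for a host public key (not a usable RSA key)."""
    modulus = b"\x00\xff" + hashlib.sha512(seed).digest() * 4
    blob = (ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01")
            + ssh_string(modulus))
    return "ssh-rsa " + base64.b64encode(blob).decode("ascii") + " constructed"

if __name__ == "__main__":
    old_server = constructed_pubkey(b"host-key-A")
    new_server = constructed_pubkey(b"host-key-A")  # same key set on new server
    other = constructed_pubkey(b"host-key-B")       # a different host key
    pinned = sha256_fingerprint(old_server)
    print(pinned)
    print(same_fingerprint(pinned, sha256_fingerprint(new_server)))
    print(same_fingerprint(pinned.rstrip("="), sha256_fingerprint(other)))
```

Before pointing clients at a replacement server, comparing its fingerprint against the value pinned from the old server this way confirms the intended host key is in place.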
By reading the documentation it seems the Private Key is only for moving On-Premises SFTP servers into AWS. I would like to use a similar concept for an existing AWS SFTP Server. But it seems I only have access to the Public Host Key.