5

I am trying to copy an SSH public key on several EC2 instances.

Reading the ssh-copy-id man page, when you pass the key file, the program adds the .pub extension if it is missing.

AWS keys are generated in .pem format, and I can use this workaround:

# >> appends; a single > would overwrite the keys already authorized on the host
ssh-keygen -y -f my-new-key.pem | ssh user@host \
-i already-on-remote-server-key.pem 'cat >> ~/.ssh/authorized_keys'

But the doubt remains... Is it possible to use ssh-copy-id with a .pem file, or is the only solution to use a workaround?

fromthestone

1 Answer

5

You can use ssh-copy-id together with ssh-agent. Load the my-new-key.pem file into your agent using ssh-add ~/.ssh/my-new-key.pem and then ssh-copy-id will copy it to the new instance.

Alternatively you can run a new ssh-agent for better control of what's going to be copied:

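# ssh-copy-id's -i names the key to install (and appends .pub), so the existing
# key is passed to ssh with -o IdentityFile; the key to copy comes from the agent.
~ $ ssh-agent bash -c "ssh-add ~/.ssh/my-new-key.pem; ssh-copy-id -o IdentityFile=already-on-remote-server-key.pem user@host"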

One piece of unsolicited advice - you can reuse the EC2 keys across all AWS regions to reduce the number of keys you need to generate and maintain: Re-using EC2 Key Pair in multiple regions.

Hope that helps :)

MLu
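
The question's workaround made repeatable across several hosts, as an added example that is not part of the original posts: it derives the public key from the .pem file and appends it to authorized_keys only if it is not already there. The function names and the script name push-key.sh are hypothetical, and the remote account is assumed to have bash.

```shell
#!/usr/bin/env bash
# Added example, not from the original posts. Key file names and hosts are placeholders.

# Append one public-key line to an authorized_keys file unless that key
# (type + base64 blob) is already listed. Never truncates the file.
add_key_once() {
    local keyline="$1" file="$2" blob
    blob=$(printf '%s\n' "$keyline" | awk '{print $1 " " $2}')
    # With StrictModes (the sshd default), a ~/.ssh or authorized_keys that
    # other users can write to is ignored, so create both with tight modes.
    ( umask 077; mkdir -p "$(dirname "$file")"; touch "$file" )
    chmod 600 "$file"
    if grep -qF -- "$blob" "$file"; then
        return 0            # already installed: re-running is harmless
    fi
    printf '%s\n' "$keyline" >> "$file"
}

# Derive the public half of a .pem private key and install it on one host,
# authenticating with a key that the host already trusts.
push_key() {
    local new_pem="$1" auth_pem="$2" target="$3" pub
    pub=$(ssh-keygen -y -f "$new_pem") || return 1
    # Ship the function definition plus one call to a remote bash over stdin.
    {
        declare -f add_key_once
        printf 'add_key_once %q "$HOME/.ssh/authorized_keys"\n' "$pub"
    } | ssh -i "$auth_pem" "$target" bash -s
}

# Usage: ./push-key.sh my-new-key.pem already-on-remote-server-key.pem user@host1 user@host2 ...
if [ "$#" -ge 3 ]; then
    new_pem="$1"
    auth_pem="$2"
    shift 2
    for target in "$@"; do
        push_key "$new_pem" "$auth_pem" "$target" || echo "failed: $target" >&2
    done
fi
```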