AWS Security ChangesHomeSearch

AWS transfer documentation change

Service: transfer · 2025-02-27 · Documentation low

File: transfer/latest/userguide/configuring-servers-change-host-key.md

Summary

Added explanation about server host keys and their role in SSH authentication

Security assessment

The change explains the security mechanism of SSH host keys, which is a security feature, but does not address any specific security issue.

Diff

diff --git a/transfer/latest/userguide/configuring-servers-change-host-key.md
index 16f36ac9f..eab56c819 100644
--- a/transfer/latest/userguide/configuring-servers-change-host-key.md
+++ b/transfer/latest/userguide/configuring-servers-change-host-key.md
@@ -6,0 +7,2 @@
+The server host key is a private key used by the Transfer Family server to provide a unique identity to the caller, and to guarantee that it is the correct server. That guarantee is enforced by the presence of the correct public key in the caller's `known_hosts` file. (The `known_hosts` file is a standard feature used by most SSH clients to store the public keys for the servers that you've connected to.) You can retrieve the public key that corresponds to your server host key by running `ssh-keyscan` for your server.
+