AWS Security ChangesHomeSearch

AWS iot high security documentation change

Service: iot · 2025-06-04 · Security-related high

File: iot/latest/developerguide/tunneling-tutorial-quick-setup.md

Summary

Updated SSH authentication documentation to specify only PEM-formatted RSA keys (256/512) are supported

Security assessment

Restriction to RSA keys with specific lengths removes support for potentially weaker cryptographic algorithms (DSA, ECDSA, ED25519) that were previously listed, indicating a security-focused update to enforce stronger encryption standards.

Diff

diff --git a/iot/latest/developerguide/tunneling-tutorial-quick-setup.md b/iot/latest/developerguide/tunneling-tutorial-quick-setup.md
index 3c78d0960..b018d5b80 100644
--- a//iot/latest/developerguide/tunneling-tutorial-quick-setup.md
+++ b//iot/latest/developerguide/tunneling-tutorial-quick-setup.md
@@ -92 +92 @@ After you create a tunnel using the quick setup method, and your destination dev
-  3. Choose whether you want to authenticate into the SSH connection by providing your username and password, or, for more secure authentication, you can use your device's private key. If you're authenticating using the private key, you can use RSA, DSA, ECDSA (nistp-*) and ED25519 key types, in PEM (PKCS#1, PKCS#8) and OpenSSH formats. 
+  3. Choose whether you want to authenticate into the SSH connection by providing your username and password, or, for more secure authentication, you can use your device's private key. If you're authenticating using the private key, note that only PEM formatted (256 and 512) RSA keys work with AWS IoT Secure Tunneling SSH console.