No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

You don't need rsaBits set as that only applies to rsa.

It looks like the TLS provider has an output `privateKeyOpenssh` for ssh usage, that should work provided the public key is loaded onto the server
<https://www.pulumi.com/registry/packages/tls/api-docs/privatekey/#privatekeyopenssh_nodejs|https://www.pulumi.com/registry/packages/tls/api-docs/privatekey/#privatekeyopenssh_nodejs>

<@U04D2DBKUF9> Thanks, I made the changes you suggested. I have found the problem though, for some reason my public key is not being added to the authorized_keys for the ansible user in my userData. Can you see anything wrong with my code below.

```const tlsKey = new tls.PrivateKey("tls-key", {
  algorithm: "ED25519",
});
const publicKey = tlsKey.publicKeyOpenssh

const k3sMaster1 = new hcloud.Server("k3s-master-1", {
  name: "k3s-master-1",
  image: "rocky-9",
  serverType,
  deleteProtection,
  sshKeys: [hKey.name, localKey],
  labels: {
    "k3s-master": "true"
  },
  networks: [{
    networkId: k3sNetwork.id,
    ip: "10.8.8.10"
  }],
  userData: `
#cloud-config
users:
  - name: ansible
    sudo: ALL=(ALL) NOPASSWD:ALL
    shell: /bin/bash
    ssh_authorized_keys:
      - "${publicKey}"
    sudo: 'ALL=(ALL) NOPASSWD:ALL'
runcmd:
  - sudo yum update -y
  - sudo reboot
  `
}, {
  dependsOn: [k3sNetwork, hKey]
})```


publicKey here is an `Output&lt;string&gt;`, so you'll need to use something like `pulumi.interpolate` to access the contents.

See here: <https://www.pulumi.com/docs/concepts/inputs-outputs/#outputs-and-strings|https://www.pulumi.com/docs/concepts/inputs-outputs/#outputs-and-strings>