[jackalope]

How is downloading a key pair generated by someone else safer? If this is only for login purposes (I don't use AWS, so maybe there is another reason), you should generate your own key pair and send them only your public key (which doesn't require an encrypted transfer, BTW). If AWS knows your private key and can view it or provide it to you at anytime, that's no different than storing passwords in plaintext.

[count]

AWS generates the key pair client side, and never sees your private key. Also, you can just chose to upload your own public key that AWS will utilize (which is best practice).

AWS cannot view or provide you your private key at any time - once you click 'ok' on that javascript window, that private key is gone for good.

[jivid]

The keypair AWS generates can only be downloaded once, at the time of instance creation. Beyond that, they expect you to be in possession of the keypair when launching another instance that uses the same keypair. If you happen to lose the file, you're basically out of luck.

So to directly address your concern, you can't download the keypair at any point in time, it's just a one time thing. To me that seems much more secure than emailing out a root password and enabling password authentication by default.

[aianus]

I much prefer DigitalOcean's option of no root password and letting me upload my public key. There's no need for them ever to know my password or private key.