Azure
diff --git a/‎src/azure-cli/azure/cli/command_modules/acs/_help.py‎
Lines changed: 5 additions & 1 deletion b/‎src/azure-cli/azure/cli/command_modules/acs/_help.py‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎src/azure-cli/azure/cli/command_modules/acs/_validators.py‎
Lines changed: 10 additions & 2 deletions b/‎src/azure-cli/azure/cli/command_modules/acs/_validators.py‎
Lines changed: 10 additions & 2 deletions
@@ -95,6 +95,10 @@
   - name: --ssh-key-value
     type: string
     short-summary: Public key path or key contents to install on node VMs for SSH access. For example, 'ssh-rsa AAAAB...snip...UcyupgH azureuser@linuxvm'.
+    long-summary: |-
+      If omitted:
+          - The CLI will use '~/.ssh/id_rsa.pub' when present
+          - If that file is not present the CLI will default to server-side generated keys (equivalent to using --no-ssh-key)
   - name: --admin-username -u
     type: string
     short-summary: User account to create on node VMs for SSH access.
@@ -263,7 +267,7 @@
   - name: --no-ssh-key -x
     type: string
     short-summary: Do not use or create a local SSH key.
-    long-summary: To access nodes after creating a cluster with this option, use the Azure Portal.
+    long-summary: If omitted and no local public key exists, the CLI will default to this behavior. To access nodes after creating a cluster with this option, use the Azure Portal.
   - name: --pod-cidr
     type: string
     short-summary: A CIDR notation IP range from which to assign pod IPs when Azure CNI Overlay or Kubenet is used (On 31 March 2028, Kubenet will be retired).
 
@@ -65,8 +65,16 @@ def validate_ssh_key(namespace):
                            "file share, back up your keys to a safe location",
                            private_key_filepath, public_key_filepath)
         else:
-            raise CLIError('An RSA key file or key value must be supplied to SSH Key Value. '
-                           'You can use --generate-ssh-keys to let CLI generate one for you')
+            if (not content or str(content).strip() == "" or
+                    (content == os.path.join(os.path.expanduser('~'), '.ssh', 'id_rsa.pub'))):
+                namespace.no_ssh_key = True
+                return
+            raise CLIError(
+                "The SSH key provided is not a valid RSA public key. "
+                "Provide the contents of a valid SSH public key (for example, '~/.ssh/id_rsa.pub'), "
+                "specify a path to a public key file, "
+                "or add --generate-ssh-keys as a parameter to create a new key pair."
+            )
     namespace.ssh_key_value = content