I finally got around the issue by using the --server-connect-attribute
option, which is supposed to be used along with a --ssh-gateway
attribute.
Add --server-connect-attribute public_ip_address
to above knife ec2 create server command, which will make knife use public_ip_address of your server.
Note: This hack works using knife-ec2 (0.6.4). Refer def ssh_connect_host
here