How to connect Amazon EC2 Linux Instance if you lose Private Key

  1. From AWS EC2 Management Console, click Instances, select the original instance (that you lose the private key)
  2. Memo the detail information of the original instance:
    • the instance ID (i-xxxxxxxx), AMI ID (ami-xxxxxxxx), and Availability Zone of the original instance from the details pane.
    • volume ID in the EBS ID field (vol-xxxxxxxx) under Block devices  the details pane.
    • [EC2-Classic] If the original instance has an associated Elastic IP address, write down the Elastic IP address shown under Elastic IP in the details pane.
  3. Select the original instance to click stop.
  4. Launch a new instance with same config as  the original instance. You can tag the new instance as Name=Temporary and create a new key pair, download it.
  5. Click Volumes in the navigation pane, select the root device volume for the original instance. Click Detach Volume to detach the volum. Wait for the state of the volume to become available. (You might need to click the Refresh icon.)
  6. Atach the original instance’s root volume to the new instance and specify the device name (for example, /dev/sdf ) .
  7. Use PuTTY to connect the new instance via SSH.
  8. Mount the root device volume for the original instance to the new instance.
    • Use the lsblk command to determine if the volume is partitioned.

      In the above example, /dev/xvda and /dev/xvdf are partitioned volumes, and /dev/xvdg is not. If your volume is partitioned, you mount the partition (/dev/xvdf1) instead of the raw device (/dev/xvdf) in the next steps.
    • Create a temporary directory to mount the volume.

    • Mount the volume (or partition) at the temporary mount point, using the volume name or device name you identified earlier.
  9. Use the new instance’s authorized_keys to update the original instance‘s authorized_keys

    If copy failed, please modify the file permission.
  10. Unmount the /mnt/tempvol

    So you can reattach it to the original instance again
  11. From the Amazon EC2 Management Console, select the original instance’s volume, click Actions, and then click Detach Volume. Wait for the state of the volume to become available. (You might need to click the Refresh icon.)
  12. Then select original instance’s volume, click Actions and click Attach Volume. Select the original instance ID,  specify the device name that you memoed (for example, /dev/xvda), and then click Yes, Attach.
  13. Select the original instance to start. After the instance’s state becomes running , you can connect to it using the private key file for your new key pair.

Leave a Reply

Your email address will not be published. Required fields are marked *