Recovering or Replacing a Key Pair in AWS EC2: A Step-by-Step Guide

Solai Rajan
5 min readJun 20, 2023

--

Introduction:

Losing access to your EC2 instance due to a misplaced or compromised key pair can be a frustrating experience. Fortunately, Amazon Web Services (AWS) provides a straightforward solution to recover or replace a key pair without losing valuable data or configurations. In this guide, we will walk you through the process of recovering or replacing a key pair in an AWS EC2 instance.

Step 1: Create an EC2 Instance Named “Original”

To initiate the recovery process, start by launching an EC2 instance named “Original” with the existing key pair associated with it. This instance will serve as a recovery point for your data and configurations.

Step 2: Launch a Temporary EC2 Instance with the New Key Pair

Create a new key pair in the AWS Management Console. Then, launch a temporary EC2 instance, ensuring that you associate it with the new key pair.

Step 3: Stop the Instance with the Lost Key Pair and Detach Its Volume

Stop the EC2 instance that you have lost access to, which currently has the lost key pair associated with it. After the instance is stopped, detach its root volume to prepare for attachment to the temporary instance.

  1. Stop the EC2 instance

2.Detach the root volume

Step 4: Attach the Detached Volume to the Temporary Instance

Attach the detached root volume from the instance with the lost key pair to the temporary instance. This step allows us to access the volume and make necessary modifications.

Step 5: Mount the New Volume on the Temporary Instance

Once the volume is attached to the temporary instance, you need to mount it to make the necessary changes. Connect to the temporary instance using SSH or any other method available, and mount the attached volume to a directory.

  1. Connect to the temporary instance

2. List block devices in Linux including disks, partitions by using ‘ lsblk

3. Create a directory using this command “mkdir -p /var/old-disk

4. Mount the Old disk to the temporary instance by using this command “mount -o nouuid /dev/xvdf1 /var/old-disk

5. To find the disk space usage “df -h

Step 6: Copy the New Public Key to the Mounted Disk

Navigate to the mounted volume and locate the file that contains the authorized keys for SSH access. Replace the existing public key with the new public key associated with the temporary instance.

cat /home/ec2-user/.ssh/authorized_keys >> /var/old-disk/home/ec2-user/.ssh/authorized_keys

Step 7: Unmount the Disk from the Temporary Instance

After modifying the authorized keys file, unmount the volume from the temporary instance. This step ensures that the changes made to the disk are preserved. “umount /var/old-disk

Step 8: Attach the Disk Back to the Instance with the Lost Key Pair

Now, it’s time to reattach the modified disk back to the original instance, which had the lost key pair associated with it. Make sure the instance is still in a stopped state, and then attach the disk as the root volume.

  1. Detach The Original volume from the temporary instance.

2. Reattach the disk to the original instance, ensuring that the device name matches the previous configuration.

Step 9: Access the Instance with the New Key Pair

Once the disk is attached to the original instance, start the instance and wait for it to reach a running state. You can now access the instance using the new key pair associated with the temporary instance. Ensure that you can successfully connect to the instance via SSH or any other required method.

  1. Here, we connect using PuTTY with the new key pair.

2. Successfully connected using new key pair.

Conclusion:

Losing access to an EC2 instance due to a lost or compromised key pair can be a stressful situation, but AWS provides a straightforward solution for recovery or replacement. By following the steps outlined in this guide, you can regain access to your instance while preserving your data and configurations.

Powered by solairajan.online

Follow me on

linkedin | linktr.ee

--

--

Solai Rajan
Solai Rajan

Written by Solai Rajan

Cloud Engineer with a strong focus on Amazon Web Services (AWS), proficient in designing, implementing, and managing cloud solutions on the AWS platform.

No responses yet