How to Recover Access to an AWS EC2 Linux Instance After Losing Its Private Key
This article explains how to regain SSH access to an AWS EC2 instance whose private key (.pem) has been lost. You cannot literally recreate the lost key: AWS never stores the private half of a key pair, so the procedure instead installs the public key of a new key pair on the original instance's root volume. It needs a short downtime, because the original instance has to be stopped while its root volume is detached, attached to a temporary recovery instance, edited, and re-attached.
If you have also deleted the old key pair from AWS, forget about it; it is gone for good. What follows gets you back control of the instance without it.
The idea is simple: create a new public/private key pair (either generated locally and imported into AWS, or created in the EC2 console), launch a temporary recovery instance with that key pair so you can SSH into it, and use that instance to write the new public key into the original instance's root volume.
Whether you are new to Amazon Web Services or already working with it, you will have noticed that when launching an instance you secure it by specifying a security group and a key pair. To connect to the instance you must present the private key that matches the public key EC2 installed at launch.
If you lose that private key, and the instance has no other user account with its own key, you cannot log in: sshd refuses any connection whose key does not match an entry in ~/.ssh/authorized_keys. The diagram below shows how EC2 key-pair authentication works.
Image source: http://docs.aws.amazon.com
An instance can be associated with a key pair only at launch time (an existing key pair or one created in the wizard). If the key pair is lost there is no way to generate a replacement for the running instance or to assign a different key pair to it from the console; the key pair name shown for the instance will still be the old one after this procedure. What actually controls access is the contents of authorized_keys on the root volume, and that file we can edit.
Once the original instance is running again with the updated root volume, you log in with the new private key. The instance itself is unchanged in every other respect (same instance ID, same volume, same data), so you can carry on your work from there.
Suggested read: How to Create Amazon EC2 Instance | Step by Step guide | WebGUI
Here are the steps to replace a lost private key for an Amazon Linux EC2 instance. Before touching the volume you need to launch a new Linux instance in the same Availability Zone, because an EBS volume can only be attached to an instance in the AZ where the volume lives.
Step 1: First, note down the original instance's Availability Zone (for example us-east-1d), instance name, instance ID and root device name (typically /dev/xvda on Amazon Linux; it is shown in the instance details). You will need the root device name again when re-attaching the volume.
Step 2: Launch a new (recovery) instance using the Launch Instance wizard.
Click here to learn more about AWS EC2 and how to launch an EC2 instance step by step.
This is the critical step: make sure the recovery instance is launched in the same Availability Zone (AZ) as the original instance. The AZ is determined by the Subnet you pick, as shown in the image below.
In the key pair section of the wizard, create and download a new key pair, then launch the instance. Keep this .pem file safe; from now on it is the key for the original instance as well.
Step 3: Wait until the new instance is in the running state.
Step 4: Log in to the newly launched instance with the new key pair, using its public DNS name or public IP.
Step 5: Find the EBS root volume of the instance whose key was lost (select the instance and look at its root device, or filter the Volumes list by the instance ID).
Step 6: Detach that volume from the original instance and attach it to the recovery instance. A root volume can only be detached from a stopped instance, so stop the original one first: right-click the instance, go to Instance State and choose Stop. Be aware that stopping releases the instance's public IP unless an Elastic IP is associated, and that any data on instance-store volumes is lost.
Once the instance is stopped, right-click the root volume and choose Detach Volume. When its state shows as available, right-click it again and choose Attach Volume.
Step 7: In the dialog, choose the recovery instance and enter a device name such as /dev/sdf; note it down. Inside the guest the device shows up under a different name: typically /dev/xvdf (with the root partition at /dev/xvdf1) on Xen-based instance types, or /dev/nvme1n1 (partition /dev/nvme1n1p1) on Nitro-based ones. Use lsblk to see which.
Once the volume is attached, log in to the recovery instance with the new key pair and mount the partition. If both instances were launched from the same AMI, an XFS root filesystem (the default on Amazon Linux 2) refuses to mount because it carries the same UUID as the recovery instance's own root; mount it with -o nouuid in that case.
Step 8: Add the new public key to /home/ec2-user/.ssh/authorized_keys on the mounted volume. The easiest source for the key line is your own ~/.ssh/authorized_keys on the recovery instance, since that is exactly the public key EC2 installed for the new key pair. Keep the .ssh directory at mode 700 and authorized_keys at mode 600, both owned by ec2-user, otherwise sshd silently ignores the file.
Step 9: Unmount the volume, detach it from the recovery instance and attach it back to the original instance. When re-attaching, the device name must be the original root device name you noted in Step 1 (/dev/xvda on Amazon Linux), not /dev/sdf; with any other name the instance will not find its root filesystem and will not boot.
Step 10: Start the original instance. You can now SSH into it with the new private key, and the recovery instance can be terminated.
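As an added example (this is not code from the original article), here is a small POSIX shell script for the part of the procedure that happens on the recovery instance: mounting the attached root volume and installing the new public key into ec2-user's authorized_keys with the ownership and permissions sshd requires. The device /dev/xvdf1, the mount point /mnt/recover, the user name ec2-user and the sample key line are assumptions; the key is a constructed placeholder, not a real key. It looks up the uid/gid from the mounted volume's own /etc/passwd rather than the recovery instance's, because the numeric ids are not guaranteed to match between images, and it refuses input that does not look like an OpenSSH public key so that a .pem cannot be pasted into authorized_keys by mistake.

```shell
#!/bin/sh
# Added example, not part of the original article or of any AWS tooling.
# Installs a new OpenSSH public key on a root volume mounted on a recovery
# instance (Step 8 above). Device, mount point and user are assumptions.

# Constructed sample key line (placeholder, not a real key) for the usage
# example at the end; on a real recovery instance you would use your own
# line from ~/.ssh/authorized_keys instead.
SAMPLE_PUBKEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGNvbnN0cnVjdGVkLXBsYWNlaG9sZGVyLWtleQ recovery-key'

# Mount the attached root partition. Must run as root on the recovery box.
# Plain mount first; if that fails (XFS duplicate UUID when both volumes
# come from the same AMI) retry with -o nouuid.
# $1 = partition device (e.g. /dev/xvdf1), $2 = mount point.
mount_root_volume() {
  mkdir -p "$2"
  mount "$1" "$2" 2>/dev/null || mount -o nouuid "$1" "$2"
}

# Append a public key to authorized_keys under a mounted root volume.
# $1 = mount point of the original root volume
# $2 = file holding one OpenSSH public-key line
# $3 = login user on the original instance (default ec2-user)
install_key() {
  mnt="$1"; pub="$2"; user="${3:-ec2-user}"
  home="$mnt/home/$user"
  [ -d "$home" ] || { echo "no home directory for $user under $mnt" >&2; return 1; }

  # uid:gid from the *mounted* volume's passwd, not from this instance.
  ids=$(awk -F: -v u="$user" '$1 == u { print $3 ":" $4 }' "$mnt/etc/passwd")
  [ -n "$ids" ] || { echo "user $user not found in $mnt/etc/passwd" >&2; return 1; }

  # Accept only a single OpenSSH public-key line; a private key (.pem) or
  # random text would otherwise end up in authorized_keys.
  key=$(head -n 1 "$pub")
  printf '%s\n' "$key" | grep -Eq \
    '^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' \
    || { echo "$pub does not look like an OpenSSH public key" >&2; return 1; }

  mkdir -p "$home/.ssh"
  touch "$home/.ssh/authorized_keys"
  # Append only if this exact line is not already present (idempotent).
  grep -qxF "$key" "$home/.ssh/authorized_keys" \
    || printf '%s\n' "$key" >> "$home/.ssh/authorized_keys"

  # sshd ignores authorized_keys unless dir/file are private to the user.
  chmod 700 "$home/.ssh"
  chmod 600 "$home/.ssh/authorized_keys"
  chown "$ids" "$home/.ssh" "$home/.ssh/authorized_keys" 2>/dev/null \
    || echo "warning: chown $ids failed; rerun as root" >&2
  return 0
}

# Typical run on the recovery instance (all names are assumptions):
#   mount_root_volume /dev/xvdf1 /mnt/recover
#   install_key /mnt/recover "$HOME/.ssh/authorized_keys" ec2-user
#   umount /mnt/recover
# then detach the volume and re-attach it to the original instance as its
# original root device (/dev/xvda on Amazon Linux).
```

After `umount`, detach the volume in the console and continue with Step 9; the `chown` warning only matters if you ran the script without root, in which case the files stay owned by the recovery user and sshd on the original instance will reject them.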
Conclusion: I hope this guide helps you replace a lost private key and use the new one to log in to your existing instance. If you have any questions, please comment below and I will try to help. Share it with your communities to help others.