Recovery from lost EC2 PEM file: Difference between revisions
| (6 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
=Introduction= | =Introduction= | ||
This | This 10-step process will enable access to an EC2 instance you have lost access to. | ||
This assumes basic AWS / Linux knowledge. | |||
==Take notes== | ==Take notes== | ||
Note down the AZ of the problem server, | Note down the AZ of the problem server, its instance name, and the ID of the root volume. | ||
==Make a recovery instance== | ==Make a recovery instance== | ||
| Line 12: | Line 15: | ||
Create a new instance in the same AZ | Create a new instance in the same AZ | ||
Create a new key pair for the instance and download it. | Create a new key pair for the instance and download it. | ||
Don't lose the.PEM file again!!! | |||
==Make recovery instance accessable== | ==Make recovery instance accessable== | ||
Give the recovery instance an | Give the recovery instance an external IP and assign security groups. | ||
==Stop the old instance== | ==Stop the old instance== | ||
| Line 22: | Line 27: | ||
Stop the old instance. | Stop the old instance. | ||
Don't delete it! | Don't delete it! | ||
==Detatch the root vloume== | ==Detatch the root vloume== | ||
Detach the root volume from the old instance | |||
Attach it to the recovery instance - it is best to use /xvdf | Attach it to the recovery instance - it is best to use /xvdf | ||
==Mount the root volume | |||
==Mount the root volume== | |||
use lsblk to find the root volume, it shoud be /dev/xvdf1 | use lsblk to find the root volume, it shoud be /dev/xvdf1 | ||
==Make the Magic happen== | |||
Copy the certs: | Copy the certs: | ||
| Line 41: | Line 48: | ||
cp .ssh/authorized_keys /mnt/recovery_vol/home/ubuntu/.ssh/authorized_keys | cp .ssh/authorized_keys /mnt/recovery_vol/home/ubuntu/.ssh/authorized_keys | ||
Stop the | ==Move the volume back== | ||
Stop the recovery instance | |||
Detach the volume from the old server | Detach the volume from the old server | ||
Attach the volume back on the old server | Attach the volume back on the old server | ||
==Start the old server== | ==Start the old server== | ||
| Line 51: | Line 60: | ||
Sart the original instance | Sart the original instance | ||
Connect with the new .PEM file | Connect with the new .PEM file | ||
==Cleanup== | ==Cleanup== | ||
Terminate | Terminate the recovery instance | ||
Latest revision as of 21:07, 8 November 2024
Introduction
This 10-step process will enable access to an EC2 instance you have lost access to.
This assumes basic AWS / Linux knowledge.
Take notes
Note down the AZ of the problem server, its instance name, and the ID of the root volume.
Make a recovery instance
Create a new instance in the same AZ Create a new key pair for the instance and download it. Don't lose the.PEM file again!!!
Make recovery instance accessable
Give the recovery instance an external IP and assign security groups.
Stop the old instance
Stop the old instance. Don't delete it!
Detatch the root vloume
Detach the root volume from the old instance Attach it to the recovery instance - it is best to use /xvdf
Mount the root volume
use lsblk to find the root volume, it shoud be /dev/xvdf1
Make the Magic happen
Copy the certs:
sudo mkdir /mnt/removery_vol sudo mount /dev/xvdf1 /mnt/recovery_vol cp .ssh/authorized_keys /mnt/recovery_vol/home/ubuntu/.ssh/authorized_keys
Move the volume back
Stop the recovery instance Detach the volume from the old server Attach the volume back on the old server
Start the old server
Sart the original instance Connect with the new .PEM file
Cleanup
Terminate the recovery instance
