Recovery from lost EC2 PEM file: Difference between revisions
No edit summary |
|||
| Line 1: | Line 1: | ||
=Introduction= | =Introduction= | ||
This is a 10 step process that creates a new .PEM file, and copies it to the old EBS volue. | This is a 10-step process that creates a new .PEM file, and copies it to the old EBS volue. | ||
==Take notes== | ==Take notes== | ||
Note down the AZ of the problem server, | Note down the AZ of the problem server, its instance name, and the ID of the root volume. | ||
==Make a recovery instance== | ==Make a recovery instance== | ||
| Line 12: | Line 13: | ||
Create a new instance in the same AZ | Create a new instance in the same AZ | ||
Create a new key pair for the instance and download it. | Create a new key pair for the instance and download it. | ||
Don't lose the.PEM file again!!! | |||
==Make recovery instance accessable== | ==Make recovery instance accessable== | ||
Give the recovery instance an exernal IP and assign security groups. | Give the recovery instance an exernal IP and assign security groups. | ||
==Stop the old instance== | ==Stop the old instance== | ||
| Line 22: | Line 25: | ||
Stop the old instance. | Stop the old instance. | ||
Don't delete it! | Don't delete it! | ||
==Detatch the root vloume== | ==Detatch the root vloume== | ||
| Line 27: | Line 31: | ||
Detatch the root valoue from the old instance | Detatch the root valoue from the old instance | ||
Attach it to the recovery instance - it is best to use /xvdf | Attach it to the recovery instance - it is best to use /xvdf | ||
==Mount the root volume== | ==Mount the root volume== | ||
use lsblk to find the root volume, it shoud be /dev/xvdf1 | use lsblk to find the root volume, it shoud be /dev/xvdf1 | ||
==Make the Magic happen== | ==Make the Magic happen== | ||
| Line 39: | Line 45: | ||
sudo mount /dev/xvdf1 /mnt/recovery_vol | sudo mount /dev/xvdf1 /mnt/recovery_vol | ||
cp .ssh/authorized_keys /mnt/recovery_vol/home/ubuntu/.ssh/authorized_keys | cp .ssh/authorized_keys /mnt/recovery_vol/home/ubuntu/.ssh/authorized_keys | ||
==Move the volume back== | ==Move the volume back== | ||
Stop the | Stop the recovery instance | ||
Detach the volume from the old server | Detach the volume from the old server | ||
Attach the volume back on the old server | Attach the volume back on the old server | ||
==Start the old server== | ==Start the old server== | ||
| Line 50: | Line 58: | ||
Sart the original instance | Sart the original instance | ||
Connect with the new .PEM file | Connect with the new .PEM file | ||
==Cleanup== | ==Cleanup== | ||
Terminate and the recovery instance | Terminate and the recovery instance | ||
Revision as of 21:04, 8 November 2024
Introduction
This is a 10-step process that creates a new .PEM file, and copies it to the old EBS volue.
Take notes
Note down the AZ of the problem server, its instance name, and the ID of the root volume.
Make a recovery instance
Create a new instance in the same AZ Create a new key pair for the instance and download it. Don't lose the.PEM file again!!!
Make recovery instance accessable
Give the recovery instance an exernal IP and assign security groups.
Stop the old instance
Stop the old instance. Don't delete it!
Detatch the root vloume
Detatch the root valoue from the old instance Attach it to the recovery instance - it is best to use /xvdf
Mount the root volume
use lsblk to find the root volume, it shoud be /dev/xvdf1
Make the Magic happen
Copy the certs:
sudo mkdir /mnt/removery_vol sudo mount /dev/xvdf1 /mnt/recovery_vol cp .ssh/authorized_keys /mnt/recovery_vol/home/ubuntu/.ssh/authorized_keys
Move the volume back
Stop the recovery instance Detach the volume from the old server Attach the volume back on the old server
Start the old server
Sart the original instance Connect with the new .PEM file
Cleanup
Terminate and the recovery instance
