Recovering AWS Key Pairs

How to recover AWS Key Pairs step by step

Binh Nguyen Xuan

Last week, I faced some trouble with my AWS server. In a beautiful day, I can not access my server, have no idea why. Can not access, can not check.

After my research, we can change the key pairs very easy, like you go to a shop and buy a new lock to replace your old one which lost the key. Very simple.

Step 1: Stop running server and get the Availability Zone, root device

Click select "VM-LOST-KEY" and focus on description tab bellow:

In this case

Availability Zone (AZ): ap-southeast-1a

Root device: /dev/sda1 (very important)

Step 2: Create a new virtual machine of the same type in the same area with new access key

In the AWS Instance Launch wizard, at step 3:

Choose Subnet which has same AZ with old server

Step 3: Detach the root device from the (OLD) virtual machine and attach it as a secondary disk to the new one.

Click on Root device or Block devices to show ESB Disk information (that is the Virtual Disk of instance on AWS):

Then, click on ESB ID link to move to volume page. Select disk and right click:

Click on "Detach Volume" to temporary move the virtual disk out of origin virtual machine. After that, right click on virtual disk again and click on "Attach Volume":

Instance: Select new instance just created a few minutes ago.

Device: replace by /dev/sdg

Step 4: Access to new VM and mount the OLD Disk. Replace the SSH key settings.

Please follow (or copy) steps bellow:

# lsblk
# mkdir /mnt/recovery
# mount /dev/xvdg /mnt/recovery
# cat /home/ubuntu/.ssh/authorized_keys > /mnt/recovery/home/ubuntu/.ssh/authorizd_keys
# cd /
# umount /mnt/recovery/

Step 5: After umount, remove association and attach this device back to original VM

First, detach, right click on disk and click on detach

Next, go to the old disk and attach to original VM

Instance: select original instance.

Device: /dev/sda1 

Step 6: Turn on your original VM and try to access it using new key

ssh -i "new_key_pairs_path" ubuntu@IP_Address

Hope this help.