This article Change Key Pair on Running AWS EC2 Instance by Image Method Easily will help you to deal with lost keypairs. Many people just go blank on the key pair question and never creates them in the first place. Whatever may be the case, the result is – now you are unable to access the AWS EC2 or VPC server.
AWS doesn’t allow password logins (unless the server is forced via commands and settings). Your server needs to have assigned at least 1 key pair which you must have on your system to access your server. Authenticity checks.
Follow this guide and you will be fine. This guide involves changing of key pairs by re-launching the same instance from images created by backup of your server. It is not that complicated method in which you have to change authorized keys etc. It is very simple and all graphical. So let’s start.
1. Log on to your AWS EC2 panel.
2. Go to option ‘Key Pairs’.
3. Create new key by clicking on it and give it a name. As soon as you are done this will be downloaded and saved on your system.
4. Now go to Instance list and click on the instance which you want to change the key pair. Right click it and select STOP.
5. Wait until it stops. It will take 2-3 minutes at max depending on the size and data of the instance.
6. Now again Right click it and select Create Image (EBS AMI).
7. A box will appear. Give this backup image a name. You can write some description if wanted. Try not to change any option present in this box. They will all get automatically selected as per your current instance.
8. Hit ‘CREATE’. This will take some time. May be 4-5 minutes. Close the dialogue box. You can check the completion under Images >> AMIs.
9. When it is completed then recheck AMIs and Snapshot section under EBS. There should be 1 EBS backup and 1 AMI (instance) backup.
10. Now. Go to AMIs and Right click the backed up Instance Image. Select ‘Launch Instance’. This will bring you to same first time Launch instance wizard. Here keep all options same as previous instance but change Key Pair to newly created one.
11. Launch it. It will take some time. After it is started without errors. Go and check it via SSH. You may need to convert a key pair using PuTTYgen first and change the IP address in SSH as it may change. Guide to Key pair files to access AWS EC2 is HERE. If you are using Elastic IP then assign it to this running instance and use the same IP.
12. When you are are sure and done checking that everything is there from the Snapshot, you can terminate previously stopped Instance which will also delete the unused old EBS with it.
Now some warnings:
1. Stopping instance will also stop your website and apps. Everything will be unavailable till instance is started again.
2. If you are using Ephemeral storage instead of EBS (which is very highly unlikely) then stopping instance will delete all data on ephemeral storage.
3. If you are not using Elastic IP then your IP address will change and due to that Apps and Websites pointed to will stop working. Take care of that.
4. If you are using Elastic IP then be sure to reassign it back to newly ran instance. EIP not in use is chargeable.
5. Keeping a Snaphot Image and extra EBS (not attached to running instance) is chargeable. Don’t forget to delete/de-register them as soon as you are done cross-checking.
6. In short this is just a process to create a backup AMI (instance image) called as Snapshot and launching it with a new key. Not seen by anyone yet but this may have unexpected chance of data loss.
Now some troubleshooting:
Actually there is 0nly one issue which I saw after doing this key pair change method several times. The newly launched instance fails to complete the reachability check. Yes! That 2/2 checks passed thing.
If that happens you will not be able to connect to server via SSH. I have already posted methods to solve this in this article.
Change Key Pair on Running AWS EC2 Instance by Image Method Easily by Mrinal Buddekar is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.