AWS Recover Key Pair

Steps to recover key Pair:

1.  Create a similar instance (In that example we have lost the key Pair of testdb1 instance running on red hat and to recover the key pair we have create a similar instance name recover-key with red hat operating system)

2. Download the key pair from newly created Instance (recovery-key)

3. Stop the instance that we want to recover key pair (In that example testdb1)

4. Detach the root volume from that instance (testdb1)

5. Attach the root volume to newly created instance (recover-key)

6. Mount the root volume to newly created instance (recover-key)

7. Overwrite the authorized_keys from newly created instance to mounted volume (recover-key)

8. Unmount the volume (recover-key)

9. Detach the added root volume from newly created instance (recover-key)

10. Attach the root volume to the instance (testd1)

11. Start the instance (testdb1)

We will recover  key for testdb1 running on red hat operating system

Click Launch Instance Button

Select Red Hat Enterprise Linux 7.3

Click Next: Configure Instance Details

Click Next: Add Storage

Clieck Next: Add Tags

Click Add Tag

Give Key Name and Volume Name, and Click Next: Configure Security Group

Click Review and Launch

Click Launch

Select Create a new Key pair

Give Key Pair Name and Click Download Key pair. Click Launch.

Now the newly created instance is ready.

Stop testdb1.

Now detatch the Root volume /dev/sda1

Select  /dev/sda1 and Click EBS ID

Click Actions-> Detach Volume

click Yes, Detach. Now we have detached root the volume from testdb1.

Now attach the root volume to newly created instance recover-key. Click Actions->Attach Volume

Select instance recover-key.

Give Device name for the attach volume and Click Attach. 

Now you can see the Block devices /dev/sdf has been attached in recover-key instane

Now Overwrite the authorized_keys from newly created instance to mounted volume. Log in to the recover-key instance using the downloaded key.

[ec2-user@ip-172-31-18-207 ~]$ sudo -i

[root@ip-172-31-18-207 ~]# lsblk

NAME    MAJ:MIN RM SIZE RO TYPE MOUNTPOINT

xvda    202:0    0  10G  0 disk

ââxvda1 202:1    0   1M  0 part

ââxvda2 202:2    0  10G  0 part /

xvdf    202:80   0  10G  0 disk

ââxvdf1 202:81   0   1M  0 part

ââxvdf2 202:82   0  10G  0 part

[root@ip-172-31-18-207 ~]# mkdir /mnt/recovery

[root@ip-172-31-18-207 ~]# mount -o nouuid /dev/xvdf2 /mnt/recovery/

[root@ip-172-31-18-207 ~]# cat /home/ec2-user/.ssh/authorized_keys>/mnt/recovery/home/ec2-user/.ssh/authorized_keys

[root@ip-172-31-18-207 ~]# umount /mnt/recovery/

[root@ip-172-31-18-207 ~]# umount /mnt/recovery/

Now stop the recover-key instance. Click Actions->Instance State->Stop

Click Yes,Stop Button