0

Scenario:

  • I have a running ec2 instance but don't have the key pair for the instance.
  • I have a ftp-user account set up but don't have root access.
  • I want to duplicate the running instance to a new instance go gain root access.

Problem:

  • When I try to create a new instance, from a snapshot of the old one, putty says "Server refused our key" when trying to ssh into it...

This is what I did:

  1. Created a snapshot of the old instance's ebs volume
  2. From the snapshot I created an image
    • Made sure the architecture and kernel-id matched the old instance
  3. I launched a new instance from the image
    • Created a new key pair
    • Created a new security group and made sure port 22 was open
  4. Assigned an elastic ip to the instance
  5. I downloaded and converted the key pair .pem file with puTTYgen
    • Loaded .pem file into puTTYgen
    • Used SSH-2 RSA 1024
    • Saved private key
  6. Tried to ssh into the instance with putty (BUT FAILING)
    • Used elastic ip address
    • Tried with usernames: "ec2-user", "root", "ubuntu", "bitnami"

What could be wrong?

a_b
  • 1,828
  • 5
  • 23
  • 37
  • 1
    see http://stackoverflow.com/questions/7881469/change-key-pair-for-ec2-instance/11776183#11776183 – yegor256 Jun 23 '13 at 14:14

1 Answers1

2

The image and your new instance still use the original keypair. Unless you prepare the instance to accept a new key at launch, it will not.

What you need to do is attach the volume to a new instance entirely, (created from a public ami). Mount the volume and edit the user's authorized_keys file on that volume. Put in your new key, and then move it back to the original instance.

datasage
  • 19,153
  • 2
  • 48
  • 54
  • thanks, step-by-step description of your above answer found here: http://stackoverflow.com/questions/7881469/change-key-pair-for-ec2-instance/11776183#11776183 – a_b Jun 24 '13 at 22:24