Accessing EC2 instance after losing keypair

Problem description

I booted up an EC2 instance months ago and at that time I had the .pem key stored in my PC. The PC since crashed and I had to reinstall Windows on it and I don't have a backup of the .pem file.

Is there any way at all for me to get to the prompt on the EC2 instance - any way to ssh or otherwise get to the instance?

Recommended answer

Not easily.

Guidance on the forums indicates that you can kind of do it by generating a new key pair and then bringing up a new instance and mounting the volume from the original instance and installing the keypair in that volume. After that the original instance should be able to use the new keypair.

According to this post on AWS Developer Forums it can be accomplished via:

Creating a new keypair downloads the private key to your machine and the public key is stored in your AWS account. When you launch a new (linux) instance the public key is placed into the /root/.ssh/authorized_keys file (or /home/ubuntu/.ssh/authorized_keys for Canonical Ubuntu AMIs), allowing your private key access to the instance.

Losing the private key can be fixed by logging in to the instance via another linux account if you have set one up.

Alternatively, if you're running an EBS-backed instance then you can Stop it, attach the root EBS volume to another instance, and place a new public key into the authorized_keys file, then return the volume to the original (stopped) instance and Start the instance again.

If none of these work, then - sorry - you're out of luck. It's called a key because you can't get in without it.
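
The EBS volume-swap route described in the answer above, as an added example that is not part of the original post: the function runs on the second (rescue) instance once the original root volume is attached and mounted, and appends the new public key with the permissions and ownership sshd expects. The function name `install_pubkey`, the mount point, the device name and all IDs are placeholders chosen for illustration; `stat -c` assumes GNU coreutils.

```bash
#!/usr/bin/env bash
# Added example. AWS CLI steps around the key install (placeholder IDs):
#   aws ec2 stop-instances --instance-ids <ORIGINAL_ID>
#   aws ec2 detach-volume  --volume-id <ROOT_VOL_ID>
#   aws ec2 attach-volume  --volume-id <ROOT_VOL_ID> \
#       --instance-id <RESCUE_ID> --device /dev/sdf   # device is an assumption
#   (mount the volume, run install_pubkey, unmount, detach)
#   re-attach to <ORIGINAL_ID> under its original root device name, then
#   aws ec2 start-instances --instance-ids <ORIGINAL_ID>

# install_pubkey MOUNT HOME_REL PUBKEY_FILE
#   MOUNT       where the original root volume is mounted, e.g. /mnt/rescue
#   HOME_REL    account home relative to MOUNT: "root" or "home/ubuntu"
#   PUBKEY_FILE file holding the NEW public key (one OpenSSH key line)
install_pubkey() {
    local mnt="$1" home_rel="$2" pubfile="$3"
    local home="$mnt/$home_rel"
    local sshdir="$home/.ssh" auth="$home/.ssh/authorized_keys" key

    [ -d "$home" ] || { echo "no such home on volume: $home" >&2; return 1; }

    # Take the single non-comment line; a multi-line file (for example a
    # private key pasted by mistake) is rejected here or by the type check.
    key=$(grep -Ev '^[[:space:]]*(#|$)' "$pubfile") || return 1
    [ "$(printf '%s\n' "$key" | wc -l)" -eq 1 ] || return 1
    case "$key" in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not an OpenSSH public key line" >&2; return 1 ;;
    esac

    mkdir -p "$sshdir"
    touch "$auth"
    # If the existing file lacks a trailing newline, add one so the new
    # key does not get glued onto the previous entry.
    if [ -n "$(tail -c1 "$auth")" ]; then echo >> "$auth"; fi
    # Idempotent: append only when the exact line is not already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"

    # sshd (StrictModes) ignores authorized_keys with loose permissions or
    # the wrong owner. Reuse the numeric uid:gid of the home directory on
    # the volume, since account names on the rescue host may not match.
    chmod 700 "$sshdir"
    chmod 600 "$auth"
    chown "$(stat -c '%u:%g' "$home")" "$sshdir" "$auth"
}
```

Appending rather than overwriting keeps any other authorized keys on the volume in place, which is worth reviewing while the file is open: the entry for the lost key can be removed at the same time.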
