Scenario / Questions

I am working with some Amazon EC2 servers that are up and running, and I need to SSH into the servers. I don’t have any keys that were generated when the servers were first set up (someone else did it long before I got here). Can I still get into the servers without the key files?

FWIW I’ve tried a lot of things to SSH into the box so far, including generating new key pairs in the EC2 dashboard, and nothing seems to be working. This Amazon AWS support post and this answer seem to indicate that I’m out of luck unless I want to make an AMI of my current server and then use it to instantiate a whole new EC2 server instance (just to get the .pem file generated at that time). Is that really the only way I can get into the box at this point?!

Find below all possible solutions or suggestions for the above questions..

Suggestion: 1

In short: Yes, you can, but not without some work.

You’ll need to do the following:

(For these steps, assume that the machine you’re having trouble connecting to is called server-01.)

First, before starting these steps, take a snapshot of your server.

  1. Start a new, temporary instance. Call it server-02.
  2. Stop server-01. Don’t terminate it, just stop it.
  3. Un-attach the root (/) EBS volume from server-01, and attach it to server-02 as, say /dev/sdb.
  4. Sign into server-02, and run: $ mkdir /mnt/temp && mount /dev/sdb /mnt/temp. This will mount server-01’s root partition within the (temporary) server-02.
  5. Now you should be able to: $ vi /home/<user>/.ssh/authorized_keys and copy/paste in your public key. When you’ve done that, save and close the file.
  6. Now run: $ cd / && umount /mnt/temp to umount server-01’s root partition from server-02.
  7. Now, just un-attach that volume from server-02, attach it back to server-01, and then start server-01. When it starts up, you should be able to ssh in again.

Suggestion: 2

Just a tip before anyone tries EEAA‘s answer,

If you have not run the iptables save or iptables-save command to save your configurations, then just restart the server. Citing this answer on AskUbuntu, I learnt that iptables saves your configurations in the RAM itself unless you explicitly save it to the configuration files.

EC2 instances can be easily rebooted from the EC2 Dashboard or aws-cli