Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

EC2, Ubuntu, forgot Passphrase

0

Hi, I have PEM key pair to my EC2 instance, which have Passphrase (the password it ask when we SSH in) , for reason not clear to me, the Passphrase that in my record is not working and I keep getting access denied , tried the this two method, https://aws.amazon.com/premiumsupport/knowledge-center/user-data-replace-key-pair-ec2/ and https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-ec2reset.html

Both once completed, still asking for password when SSH in.

Please guide me guide on how to reset/remove the password (Passphrase ) request when SSH in to this instance.

Tópicos
Computação
Tags
Amazon EC2
Idioma
English
MuPathma
feita há um ano566 visualizações
3 Respostas
0
Resposta aceita

Dear Friends,

Thank you for those took the initiative to suggest solution for me.

  1. My problem root cause was the passphase we assgined for the KeyPairA did not work, so, either my guys recorded wrong passphrase in our record, or something crazy caused this,
  2. so when we used KeyPairA, our Instance A keep asking password, and we tried all he standard password my company use non of it worked
  3. We follow the two guide shown in the OP , both did not solve my problem
  4. I think because the Instance A is on ubuntu 14.04 and all he automation or vol attachment uses Ubuntu22 (assumed only)
  5. What we did is we AMI the instance, detach the volume and attached in a TEMP Instance (which is Ubuntu 14) , mount the volume to a folder in sda1
  6. SSH to Temp Instance, do this two this, sudo cp .ssh/authorized_keys /mnt/tempvol/home/ubuntu/.ssh/authorized_keys sudo cp etc/ssh/sshd_configs /mnt/tempvol/home/ubuntu/etc/ssh/sshd_config few files from the etc/ssh/ folder copied over too, I can not for sure say which file, copy the whole thing might solve so
  7. after this unmount, detach and attach back to Instance A and the KeyPair used in Temp Instance should work (at least it worked for me)
MuPathma
respondido há um ano
0

In the past, you could take a snapshot of an instance, create an AMI from that snapshot, create a new keypair, then run an instance based on the AMI with the new SSH keypair.

Then, login with the new keypair.

You would lose an instance store with this approach.

Bazzer
respondido há um ano
  • MuPathma
    há um ano

    I tried to detach the volume, attached to temp_instance, mount it, copy the autorized key details form temp_instance to mounted volume, test and facing same asking for pasword.

  • MuPathma
    há um ano

    Problem solved and here updating why this idea did not work for me, Instance A was on Ubuntu 14.04 Temp Instance B which was used to attached Volume form Instance A was on Ubuntu 22

    So, some miss match and the new SSH keypair which was generated in Ubuntu 22 did not work with Ubuntu 14, honestly I do not know the root cause, did not spend time as I solved my problem (as explained below)

0

Try SSM connect which will allow you in assuming a few things:

  1. Agent is installed (by default in most newer AMIs)
  2. EC2 Instance Profile grants permission to SSM agent
  3. Your account has access to connect via SSM.

Once these are met in EC2 right click and select "Connect".

You can read details on setting it up at: https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started.html

profile picture
Steve Radich
respondido há um ano
  • MuPathma
    há um ano

    Thanks for taking a bit time to answer my question, apricate it, we could not get SSM to work on the Instance A (the instance that have passphrase-forgotten keypair) I have solved this issue and I explained how I solve this for others reference

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante