Lost the root password to our Disaster Recovery ec2 Instances. How to reset it

Question

I'm facing a critical situation where my manager, who had all the necessary credentials has unexpectedly left the company and is now unreachable. We urgently need to access our Disaster Recovery site, but we don't have the root password to our ec2 instances in our DR region. Connect to instance is not available, don't have access to any ssh keys that I know of. Can anyone advise on the best steps to regain access securely or how to handle such a situation? Any help would be greatly appreciated.

SHAJAM
há um mês
Are the EC2s configured with SSM, if so, at a minimum, you can login with SSM and do your task.

Adeleke Adebowale Julius · Answer

Could you please follow the below troubleshooting steps

### Steps to Regain Access to EC2 Instances

1. **Stop the Instance**:
   - Go to the EC2 console: [EC2 Console](https://console.aws.amazon.com/ec2/).
   - Select the instance you need to access and stop it.

```sh
   aws ec2 stop-instances --instance-ids i-1234567890ab
   ```

2. **Detach the Root Volume**:
   - Detach the root EBS volume from the stopped instance.

```sh
   aws ec2 detach-volume --volume-id vol-1234567890ab
   ```

3. **Attach the Volume to Another Instance**:
   - Attach the detached volume to another running instance where you have access. Attach it as a secondary volume (e.g., `/dev/sdf`).

```sh
   aws ec2 attach-volume --volume-id vol-1234567890ab --instance-id i-0987654321fe --device /dev/sdf
   ```

4. **Access the Attached Volume**:
   - SSH into the instance where you attached the volume.

```sh
   ssh -i /path/to/your/key.pem ec2-user@
   ```

- Mount the attached volume.

```sh
   sudo mkdir /mnt/recovery
   sudo mount /dev/xvdf1 /mnt/recovery
   ```

5. **Modify the Necessary Files**:
   - **Option 1: Reset the Root Password**:
     - Edit the `/etc/shadow` file on the mounted volume to reset the root password.

```sh
     sudo chroot /mnt/recovery
     sudo passwd root
     exit
     ```

- **Option 2: Add a New SSH Key**:
     - Add your SSH public key to the `~/.ssh/authorized_keys` file for the root user.

```sh
     sudo chroot /mnt/recovery
     sudo mkdir -p /root/.ssh
     sudo nano /root/.ssh/authorized_keys
     # Paste your SSH public key into the file
     exit
     ```

6. **Unmount the Volume**:
   - Unmount the volume from the recovery instance.

```sh
   sudo umount /mnt/recovery
   ```

7. **Detach the Volume from the Recovery Instance**:
   - Detach the volume from the recovery instance.

```sh
   aws ec2 detach-volume --volume-id vol-1234567890ab
   ```

8. **Reattach the Volume to the Original Instance**:
   - Reattach the volume to the original instance as the root volume (e.g., `/dev/sda1`).

```sh
   aws ec2 attach-volume --volume-id vol-1234567890abcdef0 --instance-id i-1234567890ab --device /dev/sda1
   ```

9. **Start the Original Instance**:
   - Start the original instance.

```sh
   aws ec2 start-instances --instance-ids i-1234567890B
   ```

10. **Access the Instance**:
    - SSH into the instance using the new root password or the new SSH key you added.

```sh
    ssh -i /path/to/your/key.pem root@
    ```

Lost the root password to our Disaster Recovery ec2 Instances. How to reset it

Steps to Regain Access to EC2 Instances

Conteúdo relevante