Download private key pem file again

0

I have been using ssh to access my EC2 instance. I am setting up the same ssh on my laptop while I am overseas. But I need the private key pc_key.pem file which is assigned to the instance. It does not give me an option to download it again.

On EC2, I generated a new key pair, saved the laptop_key.pem file onto my laptop and used this pem file in the ssh command like this:

ssh -i laptop_key.pem ubuntu@mysite.com

It responds with Permission Denied (public key). I can see that this key is not assigned to the instance. That may be the reason. I don't want to change this though, as the pc_key.pem is used on my PC when I ssh to this instance.

I am overseas and can't access my PC. Can anyone help me to solve this problem please?

Regards,
Ray

1 Answer
0
Accepted Answer

Hi Ray,

Unfortunately, once a private key PEM file is downloaded from AWS, it cannot be re-downloaded. Here are a few steps you can take to solve your problem:

  1. Accessing the EC2 Instance with the Original Key:

    • Since you can't download the pc_key.pem again, you need to find a way to access your original PC to get the pc_key.pem file. You might consider using a remote desktop or VPN to access your PC if that's an option.
  2. Creating a New Key Pair and Adding It to the Instance:

    • You mentioned you created a new key pair (laptop_key.pem). To use this key, you need to add the new public key to your instance.
    • First, access your EC2 instance using the pc_key.pem on your original PC.
    • Add the public key from laptop_key.pem to the ~/.ssh/authorized_keys file on your instance. Here’s how:
      ssh -i pc_key.pem ubuntu@mysite.com
      Once logged in, open the authorized_keys file:
      nano ~/.ssh/authorized_keys
      Add the contents of the new public key (found in laptop_key.pem.pub) to this file. Save and exit.
  3. Using SSH Agent Forwarding:

    • If you have another machine that has the pc_key.pem file, you can use SSH agent forwarding to connect to your instance from your laptop. This requires setting up SSH agent forwarding on the machine with the key and on your laptop.
  4. Using AWS Systems Manager Session Manager:

    • If your instance has the SSM agent installed and configured, you can use the AWS Systems Manager Session Manager to connect to your instance without needing the PEM key. This would allow you to update the authorized_keys file with your new key.

Here is a link to AWS documentation on Setting Up Session Manager.

I hope one of these solutions helps you regain access to your EC2 instance.

ref: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html

ref2: https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-ec2reset.html

ref3: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/replacing-key-pair.html

EXPERT
answered 2 years ago
  • Thanks Vitor. Since I am overseas and can't reach my PC which has the original key, steps 1 to 3 can't be applied by myself but they are helpful. Step 4 may be OK but I don't want to change the original key though. Eventually I managed to have someone else access the server from another PC.
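
Step 2 of the answer, as an added example that is not part of the original answer and not AWS code: a shell function, run on the instance, that appends the new public key to authorized_keys while leaving the existing pc_key entry intact. The helper name add_authorized_key is hypothetical; the one-line public key for a key pair downloaded from EC2 can be printed on the laptop with `ssh-keygen -y -f laptop_key.pem`.

```shell
#!/bin/sh
# Added example (hypothetical helper, not an AWS or OpenSSH tool).
# Get the one-line public key on the laptop with:
#   ssh-keygen -y -f laptop_key.pem
# then run this on the instance with that line as the first argument.

add_authorized_key() {
    pubkey_line=$1                                  # "type base64 [comment]"
    auth_file=${2:-"$HOME/.ssh/authorized_keys"}
    nl='
'
    # Accept exactly one public-key line; a pasted private key
    # ("-----BEGIN ...") or multi-line text must never land in this file.
    case $pubkey_line in
        *"$nl"*) echo "refusing: more than one line" >&2; return 2 ;;
    esac
    key_type=$(printf '%s\n' "$pubkey_line" | awk '{print $1}')
    key_blob=$(printf '%s\n' "$pubkey_line" | awk '{print $2}')
    case $key_type in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
        *) echo "refusing: not a public key line" >&2; return 2 ;;
    esac
    [ -n "$key_blob" ] || { echo "refusing: missing key data" >&2; return 2; }

    # sshd's StrictModes check ignores authorized_keys when the file or
    # ~/.ssh is writable by anyone but the owner.
    auth_dir=$(dirname "$auth_file")
    mkdir -p "$auth_dir" && chmod 700 "$auth_dir"
    touch "$auth_file" && chmod 600 "$auth_file"

    # Idempotent: compare the key data, not the trailing comment.
    if grep -qF -- "$key_blob" "$auth_file"; then
        echo "key already present"
        return 0
    fi
    # If the last existing entry has no trailing newline, add one so the
    # new key does not get glued onto (and break) the existing key's line.
    if [ -s "$auth_file" ] && [ -n "$(tail -c 1 "$auth_file")" ]; then
        printf '\n' >> "$auth_file"
    fi
    printf '%s\n' "$pubkey_line" >> "$auth_file"
    echo "key added"
}
```

Both keys then work side by side: the PC keeps using pc_key.pem and the laptop uses laptop_key.pem.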
