By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Create a Lightsail Windows Instance, Unable to get admin password

0

I am unable to get the Windows Administrator password of my newly created Lightsail Windows instance.

I just created the Windows Instance in Lightsail. I never created an Admin Password. I never changed the Admin password. The documentation says to go to my instance and view my password. But it is not there. `Your instance is assigned a default password at creation.

If you change your password in Windows, or delete the default key, this password will no longer be valid.` I didn't change my password, so that shouldn't even be an option.

I got the cipher of my password (the one I mentioned earlier that I didn't set or change). From this page: https://docs.aws.amazon.com/en_us/lightsail/latest/userguide/use-non-default-key-with-windows-based-instance-in-lightsail.html#decrypt-password-using-cyphertext-and-cli

I have the ciphertext. I have my key that I created the instance with. I tried decrypting with openssl and I am unable to get a password. IF using openssl to decrypt is the correct option I must not be using the correct switches.

Topics
Compute
Tags
Amazon LightsailWindows Provisioning
Language
English
imabev
asked a month ago188 views
3 Answers
0

Thank you. My mistake was using my own key. Initially it looked like this was something that I should use but it is just as secure and effective if I do not choose a key an let it get created automatically for me. I deleted the keyed lightsail instance and created a new one (windows). The password is available in the console "connect" tab. Because I want to learn and maybe this will benefit someone else, referencing the decryption with OpenSSL openssl rsa -in /path/to/your/private/key.pem -out decrypted_password.txt -decrypt Is this correct?

  • The .pem file (the "-in" switch) is my private key
  • the "-out" switch is where I want to output the decrypted password to
  • Where does the cipertext go?...in the .pem file?
imabev
answered a month ago
  • AWS-User-6091936
    a month ago

    You can use the following command to decrypt the password cipher text if the cipher text file is base64 encoded: cat cipher.txt | base64 -d | openssl pkeyutl -decrypt -inkey /path/to/your/private/key.pem.

    If not you can just use: openssl pkeyutl -decrypt -inkey /path/to/your/private/key.pem -in cipher.txt

0

Hi imabev,

Retrieving the Windows Administrator password for your Amazon Lightsail instance should be straightforward if the instance was just created and the password hasn't been manually changed. Here’s a step-by-step guide to access your password:

  1. Access the Lightsail Console: Log in to the Amazon Lightsail console and navigate to the 'Instances' page.

  2. Select Your Instance: Click on the Windows instance for which you need the password.

  3. Connect Using RDP: There should be a “Connect using RDP” button or similar. Click on it to open the remote desktop protocol client built into Lightsail.

  4. Get Password: Look for an option that says “Account access” or “Show default password”. You might need to wait a few minutes after instance creation for the password to be available. Clicking this should reveal the default administrator password.

If you're trying to decrypt the password manually using the ciphertext and your key, ensure you're following the correct OpenSSL command format. The general process involves:

  • Downloading the private key file for your instance (if you're using a custom key pair).
  • Using the OpenSSL command line to decrypt the ciphertext.

The command should look something like this:

openssl rsa -in /path/to/your/private/key.pem -out decrypted_password.txt -decrypt

Make sure you're using the correct path to your private key and the correct file that contains the ciphertext. You might need to adjust the OpenSSL command based on the specific format of your ciphertext and the type of key you're using.

If you're still unable to retrieve your password, double-check that:

  • You're using the correct private key that was associated with the instance at the time of creation.
  • The ciphertext has been correctly copied without any missing characters.

I'm here to help! Tell me if didn't work.

profile picture
Vitor Castellani
answered a month ago
0

Hello.

You should be able to obtain your Lightsail Windows administrator password by following the steps in the document below.
If no changes have been made, you can connect using the password confirmed by following the steps in the document below.
https://docs.aws.amazon.com/lightsail/latest/userguide/connect-to-your-windows-based-instance-using-amazon-lightsail.html#windows-admin-password

profile picture
EXPERT
Riku_Kobayashi
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content