Accidentally Deleted ec2-user Folder – Unable to SSH into EC2 Instance

To recover access to your EC2 instance after accidentally deleting the /home/ec2-user folder, you can follow these steps:

1. Stop the EC2 instance if it's still running.

2. Create a snapshot of the instance's root EBS volume for backup purposes.

3. Detach the root EBS volume from the affected instance.

4. Launch a new temporary EC2 instance in the same Availability Zone.

5. Attach the detached root volume to the temporary instance as a secondary volume.

6. Mount the attached volume on the temporary instance:

   sudo mkdir /mnt/temp
   sudo mount /dev/xvdf1 /mnt/temp
   

7. Recreate the ec2-user home directory and necessary files:

   sudo mkdir -p /mnt/temp/home/ec2-user
   sudo chown ec2-user:ec2-user /mnt/temp/home/ec2-user
   

8. Copy the default ec2-user files from the temporary instance:

   sudo cp -r /home/ec2-user/. /mnt/temp/home/ec2-user/
   

9. Ensure correct permissions are set:

   sudo chmod -R 755 /mnt/temp/home/ec2-user
   

10. Unmount the volume:

    sudo umount /mnt/temp
    

11. Detach the volume from the temporary instance.

12. Reattach the volume to your original instance as the root volume.

13. Start your original instance.

14. Try to SSH into your instance using your original key pair.

If you're still unable to access the instance after these steps, you may need to use AWS Systems Manager to regain access:

1. Ensure the SSM agent is installed on your instance.
2. Configure the necessary IAM role for Systems Manager access.
3. Use the AWSSupport-ResetAccess automation document to reset access to your instance.

Remember to regularly back up critical system files and use IAM roles and policies to restrict access to sensitive directories to prevent similar issues in the future.

Sources
EC2 instance /etc folder deleted , couldnt connect now AMI- ami-04b4f1a9cf54c11d0 | AWS re:Post
Community | Recovering Access: A Guide for Lost EC2 Key Pair in Linux

Accidentally deleting the /home/ec2-user directory is a tough one, but you can recover access without losing your instance. Here’s how to proceed:

Option 1: Recover Using a Rescue Instance Stop your EC2 instance (don't terminate it).

Detach the root volume (usually /dev/xvda) from the instance.

Attach the volume to another temporary EC2 instance (use the same OS and instance type if possible) as a secondary volume (e.g., /dev/xvdf).

SSH into the temporary instance, then:

bash Copy Edit sudo mkdir /mnt/tempvol sudo mount /dev/xvdf1 /mnt/tempvol Recreate the ec2-user home directory:

bash Copy Edit sudo mkdir /mnt/tempvol/home/ec2-user sudo chown ec2-user:ec2-user /mnt/tempvol/home/ec2-user sudo chmod 700 /mnt/tempvol/home/ec2-user Unmount the volume:

bash Copy Edit sudo umount /mnt/tempvol Detach the volume from the rescue instance and re-attach it to the original instance as /dev/xvda.

Start your instance and try SSH again.

If EC2 Serial Console Prompts for Username/Password: That won’t help in this case unless you had previously set up a password for a user. EC2 Linux AMIs typically use key-based authentication, not passwords.

Pro Tip: Once you’re back in, consider creating a backup AMI or snapshot so you can recover quickly in the future.

Let me know if you need help choosing a temporary instance or working with the volumes—happy to walk you through it!