Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Lost the root password to our Disaster Recovery ec2 Instances. How to reset it

0

I'm facing a critical situation where my manager, who had all the necessary credentials has unexpectedly left the company and is now unreachable. We urgently need to access our Disaster Recovery site, but we don't have the root password to our ec2 instances in our DR region. Connect to instance is not available, don't have access to any ssh keys that I know of. Can anyone advise on the best steps to regain access securely or how to handle such a situation? Any help would be greatly appreciated.

  • SHAJAM EXPERT
    a year ago

    Are the EC2s configured with SSM, if so, at a minimum, you can login with SSM and do your task.

Topics
Compute
Tags
Amazon EC2
Language
English
asked a year ago211 views
1 Answer
0

Could you please follow the below troubleshooting steps

Steps to Regain Access to EC2 Instances

  1. Stop the Instance:

    • Go to the EC2 console: EC2 Console.
    • Select the instance you need to access and stop it.
    aws ec2 stop-instances --instance-ids i-1234567890ab

  2. Detach the Root Volume:

    • Detach the root EBS volume from the stopped instance.
    aws ec2 detach-volume --volume-id vol-1234567890ab

  3. Attach the Volume to Another Instance:

    • Attach the detached volume to another running instance where you have access. Attach it as a secondary volume (e.g., /dev/sdf).
    aws ec2 attach-volume --volume-id vol-1234567890ab --instance-id i-0987654321fe --device /dev/sdf

  4. Access the Attached Volume:

    • SSH into the instance where you attached the volume.
    ssh -i /path/to/your/key.pem ec2-user@<instance-public-dns>
    • Mount the attached volume.
    sudo mkdir /mnt/recovery
sudo mount /dev/xvdf1 /mnt/recovery

  5. Modify the Necessary Files:

    • Option 1: Reset the Root Password:

      • Edit the /etc/shadow file on the mounted volume to reset the root password.
      sudo chroot /mnt/recovery
sudo passwd root
exit

    • Option 2: Add a New SSH Key:

      • Add your SSH public key to the ~/.ssh/authorized_keys file for the root user.
      sudo chroot /mnt/recovery
sudo mkdir -p /root/.ssh
sudo nano /root/.ssh/authorized_keys
# Paste your SSH public key into the file
exit

  6. Unmount the Volume:

    • Unmount the volume from the recovery instance.
    sudo umount /mnt/recovery

  7. Detach the Volume from the Recovery Instance:

    • Detach the volume from the recovery instance.
    aws ec2 detach-volume --volume-id vol-1234567890ab

  8. Reattach the Volume to the Original Instance:

    • Reattach the volume to the original instance as the root volume (e.g., /dev/sda1).
    aws ec2 attach-volume --volume-id vol-1234567890abcdef0 --instance-id i-1234567890ab --device /dev/sda1

  9. Start the Original Instance:

    • Start the original instance.
    aws ec2 start-instances --instance-ids i-1234567890B

  10. Access the Instance:

    • SSH into the instance using the new root password or the new SSH key you added.
    ssh -i /path/to/your/key.pem root@<instance-public-dns>
EXPERT
answered a year ago
EXPERT
reviewed a year ago
EXPERT
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content