
Dec 11, 2013. In this tutorial I went through how to create key pairs from Amazon AWS. I also generated a private key using PuTTY for our connection to the instance.

Generating key pairs. If you create the key via the EC2 console, AWS will keep the public key in the system automatically and your browser will download the private key. See Creating a Key Pair Using Amazon EC2. (This second approach will save you having to upload it to EC2 key pairs.) If you create your own key pair using the command line, follow the recommendations at create-key-pair or New-EC2KeyPair Cmdlet for key type and bit length. If you create your own key pair using a third-party tool, be sure that your key matches the guidelines at Importing Your Own Public Key to Amazon EC2.

Replace username with your user name, such as ec2-user. You can enter the default user name, or enter a custom user name, if one was previously set up for the instance. For a list of default user names, see General Prerequisites for Connecting to Your Instance.

Replace PublicKeypair with the public key retrieved in step 2. Be sure to enter the entire public key, starting with ssh-rsa.

7. Choose Save.


8. Start your instance.

9. After the cloud-init phase is complete, validate that the public key was replaced.

Important: Because the script contains a key pair, remove the script from the User Data field.

10. Stop your instance.

11. Choose Actions, Instance Settings, and then choose View/Change User Data.

12. Delete all the text in the View/Change User Data dialog box, and then choose Save.


13. Start your instance.

Note: If your instance is Amazon Linux 2 2.0.20190618 or later, you can use EC2 Instance Connect to connect to the instance.

Method 2: Use AWS Systems Manager

If your unreachable instance is listed in AWS Systems Manager as a managed instance, you can use the AWSSupport-ResetAccess document to recover from a lost key pair scenario. This Automation document uses the EC2Rescue for Linux tool on the specified EC2 instance to automatically generate and add a new SSH (Public/Private) key pair.

The new SSH private key for your instance is encrypted and saved in the Parameter Store. The parameter name is /ec2rl/openssh/instance_id/key. Create a new .pem file with this parameter's value as its content and use it to connect back to your unreachable instance.
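One way to carry out the retrieval described above from a shell, as an added example rather than AWS's or this page's own code. It assumes the AWS CLI is installed with credentials allowed to read and decrypt the parameter; the function names and the instance ID in the usage comment are constructed.

```shell
# Added example. Functions only; nothing runs until you call fetch_reset_key.

# Build the Parameter Store name from the pattern /ec2rl/openssh/instance_id/key,
# rejecting anything that is not shaped like an EC2 instance ID (i- plus 8 or 17 hex).
reset_key_param() {
  _rest=${1#i-}
  case "$1" in i-*) ;; *) echo "not an instance ID: $1" >&2; return 1 ;; esac
  case "$_rest" in
    ''|*[!0-9a-f]*) echo "not an instance ID: $1" >&2; return 1 ;;
  esac
  case ${#_rest} in
    8|17) ;;
    *) echo "not an instance ID: $1" >&2; return 1 ;;
  esac
  printf '/ec2rl/openssh/%s/key' "$1"
}

# Read key material on stdin and save it as $1, readable by the owner only.
# Refuses to overwrite an existing file and refuses input that is not a private key
# (for example the empty output of a failed or denied CLI call).
write_pem() {
  _key=$(cat)
  if [ -e "$1" ]; then
    echo "refusing to overwrite $1" >&2
    return 1
  fi
  case "$_key" in
    "-----BEGIN "*"PRIVATE KEY-----"*) ;;
    *) echo "input is not a PEM private key" >&2; return 1 ;;
  esac
  # umask in a subshell so the file is never created with wider permissions.
  ( umask 077 && printf '%s\n' "$_key" > "$1" )
}

# Fetch and decrypt the parameter, then save it. Needs network access and credentials.
fetch_reset_key() {
  _name=$(reset_key_param "$1") || return 1
  aws ssm get-parameter --name "$_name" --with-decryption \
    --query 'Parameter.Value' --output text | write_pem "$2"
}

# Usage (constructed instance ID):
#   fetch_reset_key i-0123456789abcdef0 ./recovered.pem
#   ssh -i ./recovered.pem ec2-user@<instance address>
```

Without `--with-decryption` the CLI returns the encrypted value, which `write_pem` rejects instead of saving an unusable file.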

Note: The Automation workflow creates a backup, password-enabled Amazon Machine Image (AMI). The new AMI is not automatically deleted and remains in your account.

To locate these AMIs:

1. Open the Amazon EC2 console, and then choose AMIs.

2. Enter the Automation execution ID in the search field.


I need an AWS access key to allow a program, script, or developer to have programmatic access to the resources on my AWS account. How do I create a new access key?

An access key grants programmatic access to your resources. This means that the access key should be guarded as carefully as the AWS account root user sign-in credentials.

It's a best practice to do the following:

  1. Create an IAM user and then define that user's permissions as narrowly as possible.
  2. Create the access key under that IAM user.

For more information, see What are some best practices for securing my AWS account and its resources?


Published: 2016-01-28


Updated: 2018-10-24
