Problem connecting to AWS Linux

Hello Expert

I have a customer that has an AWS environment.
I have never worked with AWS before and I am trying to connect to the VM. But I can't, because connecting requires an SSH key, and I don't have one and the previous tech doesn't have it either.

What is the best way for me to gain access to the VM?

Thanks in Advance
Arthit84 Asked:

David Favor (Linux/LXD/WordPress/Hosting Savant) Commented:
When you spin up an AWS instance an ephemeral private key is generated + presented right then.

You must capture this private key, because it's not stored anywhere.

If you don't capture it, well... it's gone forever.

If this is the only ssh key for the instance (no other entries in ~root/.ssh/authorized_keys) then there's no way to access the instance via ssh.

At least this was the way AWS used to work.

They might have fixed this so the private key is now kept somewhere... so...

You must either have the key or AWS must store the key for you to establish ssh access to the instance.
Adelaido Jimenez (DevOps) Commented:
David is correct: you need the private key of the user that deployed the EC2 instance in order to be able to ssh into it. What I would try is to create an AMI of the machine you are trying to log in to and launch a new machine with your private key. You can do this through the AWS console.
David Favor (Linux/LXD/WordPress/Hosting Savant) Commented:
Many a client has found out the hard way there's no way to get into their instance after it's started.

Tip: Good practice. Anytime you spin up a new AWS instance, use ssh-copy-id to copy a consistent/known public key into all your instances + also record the private cert returned. This little trick ensures, if the ephemeral key is lost, then you can still get in with the known key.

Note: Be sure you run your backup procedure prior to stop/restart of an AWS instance as... depending on how the instance is configured, a stop/restart may lose all data related to the instance.
Arthit84 (Author) Commented:
Thanks guys.
The former staff don't have the key :(
So basically I am left hanging :(

So is the best way to create an AMI of the machine?
Is there any other way that you guys know?

Thanks
David Favor (Linux/LXD/WordPress/Hosting Savant) Commented:
Creating an AMI requires a good bit of conversation, so likely best to close this question + open another.

And... you won't be able to save any data from your current instance without a key... unless you have some other mechanism running, like running WordPress on the instance, so you can use a backup plugin to save your data.

https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.customenv.html provides the starting point for AMI creation.

Tip: If you do create a custom AMI, bake into your AMI ~root/.ssh/authorized_keys to contain the public key for a private key you have on file.

Adelaido Jimenez (DevOps) Commented:
Another thing you can try: if the instance is an EBS-backed instance, you can stop the instance, detach its root volume and attach it to another instance as a data volume, modify the authorized_keys file, move the volume back to the original instance, and restart the instance.
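
Added example, not part of the original posts: the "modify the authorized_keys file" step from the comment above, run on the rescue instance after the detached root volume has been mounted there. The function name `add_recovery_key`, the mount point and the user name are assumptions passed in by the caller; ownership and home directory are read from the mounted volume's own `etc/passwd`.

```shell
#!/bin/sh
# Added example: append a known public key to a user's authorized_keys on a
# root volume mounted on a rescue instance (mount point chosen by the caller).
# add_recovery_key and its arguments are hypothetical names for illustration.

add_recovery_key() {
    mnt=$1; user=$2; pubkey=$3

    # Accept only a single-line OpenSSH public key; never a private key.
    [ "$(printf '%s\n' "$pubkey" | wc -l)" -eq 1 ] ||
        { echo "key must be one line" >&2; return 2; }
    case $pubkey in
        ssh-ed25519\ AAAA*|ssh-rsa\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "not an OpenSSH public key" >&2; return 2 ;;
    esac

    # Resolve uid, gid and home from the mounted volume's passwd file,
    # not from the rescue host, whose accounts may differ.
    entry=$(grep "^${user}:" "$mnt/etc/passwd") ||
        { echo "no such user on volume" >&2; return 3; }
    uid=$(printf '%s' "$entry" | cut -d: -f3)
    gid=$(printf '%s' "$entry" | cut -d: -f4)
    home=$(printf '%s' "$entry" | cut -d: -f6)

    sshdir="$mnt$home/.ssh"
    keys="$sshdir/authorized_keys"
    mkdir -p "$sshdir" && touch "$keys" || return 4

    # If the existing file lacks a trailing newline, add one so the new
    # key does not get glued onto the last existing entry.
    [ -z "$(tail -c1 "$keys")" ] || echo >> "$keys"

    # Idempotent: skip the append if this exact line is already present.
    grep -qxF -- "$pubkey" "$keys" || printf '%s\n' "$pubkey" >> "$keys"

    # sshd's StrictModes rejects keys whose directory or file is writable
    # by others or owned by the wrong account.
    chmod 700 "$sshdir" && chmod 600 "$keys" &&
        chown "$uid:$gid" "$sshdir" "$keys"
}
```

Existing entries are left in place, so the change can be reviewed afterwards by diffing the file against a copy taken before the edit.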
David Favor (Linux/LXD/WordPress/Hosting Savant) Commented:
@Adelaido, thanks for this crafty trick!

I've filed this away for future use.