Ishwar

Reputation: 6161

How to change pem file for an ec2-instance without creating new ec2-instance?

I have created an instance and its pem file, named demo.pem.
But due to some security I have to change my old demo.pem file to demos.pem for the same instance.
I do not want to create a new instance to change the pem file => Is it possible? | Help?

Upvotes: 1

Views: 1751

Answers (2)

OAH

Reputation: 1210

Answer from A to Z:

  1. Create a pem key pair in the AWS interface at (example) https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#KeyPairs:
  2. Then go to your downloaded files and modify the access mode:
chmod 400 yourNewPemName.pem
  3. Then generate the public key:
ssh-keygen -y -f yourNewPemName.pem > yourNewPemName.pub
  4. Connect to the EC2 instance:
cd ~/.ssh
  5. Then replace the contents of the authorized_keys file with the contents of your public key generated in step 3 above

Upvotes: 1

John Rotenstein

Reputation: 269330

It's worth understanding how keypairs work...

When logging into Linux using keypairs, you specify a username and a keypair, eg:

ssh -i demo.pem [email protected]

Linux then looks in the .ssh/authorized_keys file belonging to that user, eg:

/home/users/ec2-user/.ssh/authorized_keys

It looks for the public key in that file that matches the private key used for login. It then does keypair magical stuff and determines whether to allow the person to log in.

Therefore, to enable login on an instance using a new keypair:

  • Add the public half of the keypair to the ~/.ssh/authorized_keys file in the appropriate user's home directory
  • If desired, remove an old key from that file to remove access permissions

You can have multiple keys in that file, which permit login via any of the authorized keypairs.

Upvotes: 4
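
The two steps listed in the answer above (add the new public key, then remove the old one) can be scripted on the instance. This is an added example, not code from either answer: `key_blob`, `has_blob` and `rotate_key` are hypothetical helper names, and the key blobs in the demo are constructed placeholders rather than real keys.

```bash
#!/usr/bin/env bash
# Added example: swap one key for another in an authorized_keys file.
# Helper names are hypothetical; the key blobs in the demo are constructed.

# Print the base64 blob (field 2) of a one-line OpenSSH public key file.
key_blob() { awk 'NF >= 2 { print $2; exit }' "$1"; }

# Succeed if FILE ($1) has BLOB ($2) as a whole whitespace-separated field.
has_blob() {
  awk -v b="$2" '{ for (i = 1; i <= NF; i++) if ($i == b) f = 1 } END { exit !f }' "$1"
}

# rotate_key AUTH_FILE NEW_PUB [OLD_PUB]: add NEW_PUB, then drop OLD_PUB if given.
rotate_key() {
  auth=$1; old_blob=""
  [ -f "$auth" ] || { echo "missing $auth" >&2; return 1; }
  new_blob=$(key_blob "$2")
  [ -n "$new_blob" ] || { echo "no public key in $2" >&2; return 1; }
  if [ -n "${3:-}" ]; then
    old_blob=$(key_blob "$3")
    [ -n "$old_blob" ] || { echo "no public key in $3" >&2; return 1; }
    # Removing the key that is being installed would lock the user out.
    [ "$old_blob" != "$new_blob" ] || { echo "old and new key are the same" >&2; return 1; }
  fi
  # Build the new file beside the old one so the final rename is atomic.
  tmp=$(mktemp "$auth.XXXXXX") || return 1
  chmod 600 "$tmp"   # sshd's StrictModes rejects group/world-writable key files
  # Match the old key by blob, not by comment, so option prefixes do not matter.
  awk -v old="$old_blob" \
    '{ for (i = 1; i <= NF; i++) if (old != "" && $i == old) next; print }' \
    "$auth" > "$tmp"
  has_blob "$tmp" "$new_blob" || awk 'NF' "$2" >> "$tmp"
  mv "$tmp" "$auth"
}

# Demo in a throwaway directory with constructed (fake) key blobs.
demo=$(mktemp -d)
printf 'ssh-rsa AAAAB3OLDKEY demo\n'  > "$demo/demo.pub"
printf 'ssh-rsa AAAAB3NEWKEY demos\n' > "$demo/demos.pub"
printf 'ssh-rsa AAAAB3OLDKEY demo\nssh-ed25519 AAAAC3OTHER admin\n' > "$demo/authorized_keys"
rotate_key "$demo/authorized_keys" "$demo/demos.pub" "$demo/demo.pub"
cat "$demo/authorized_keys"
```

On a real instance, run it first without OLD_PUB, confirm a login with the new key from a second session, and only then run it again with OLD_PUB.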
