How do I change what keypair my LightSail instance uses?

Asked 14/12, 2016 at 14:45 Answered 30/1, 2020 at 12:7

amazon-web-services ssh amazon-lightsail

At...

https://lightsail.aws.amazon.com/ls/webapp/instances/[my instance name]/connect

...I see...

"You configured this instance to use the somekeypairname key pair."

How do I change that? I have (just a minute ago) deleted that key pair in the hopes that the instance would start using the default key pair. Subsequently, I also rebooted the instance. Where in the GUI do I find where to change the key pair for the instance?

Chaotic answered 14/12, 2016 at 14:45 Comment(0)

You can adjust ~/.ssh/authorized_keys via Amazon Web SSH client (which can be found right in the Lightsail dashboard)

Giltedged answered 30/1, 2020 at 12:7 Comment(3)

appending my new public key to this existing file worked for me. – Carnage 18/4, 2020 at 5:12

Where exactly is this location? – Mclaurin 4/6, 2021 at 10:8

Nvm, found it /home/bitnami/.ssh/authorized_keys at docs.bitnami.com/aws/faq/administration/… – Mclaurin 4/6, 2021 at 10:12

AWS deploys the public key into the appropriate authorized_keys file when the instance is launched.

You cannot change the key after the instance has been created via the GUI.

Now, if there is valuable data on the instance there are ways to get access to it, but you are probably better off deleting the existing instance and creating a new one.

Gibrian answered 14/12, 2016 at 16:54 Comment(3)

are you able to change/remove the default user login? ex. ec2-user or ubuntu? – Vasomotor 29/10, 2017 at 20:46

@SuperVeetz: You cannot change the default, but you can configure your instance any way you like, which might include creating new users. – Gibrian 29/10, 2017 at 22:44

From the Lightsail docs: "After your instance is up and running, you can add a new key to the instance, or replace the key that you originally assigned to it. For example, if a user in your organization requires access to the instance using a separate key, you can add that key to your instance. Another example might be when someone leaves your organization and they have a copy of the private key (.PEM) file. You can prevent them from connecting to your instance by replacing the key with a new one or removing it completely." – Fairley 16/9, 2022 at 0:28

I know this is old, but the best way I have found is to take a snapshot of the instance, make a new instance (save the key - you wont get another chance), make a new EBS volume with the snapshot, mount the EBS volume to the new instance, test the new instance, unbind the elastic IP from the old instance, bind the elastic IP to the new instance, do a live test, stop the old instance (don't terminate it incase there are issues), wipe the sweat from your brow, and get your self a drink.

Now you can access the the server with your new key, and it should match the old one.

It's a little tedious. If anyone wants more info or has a better way please share!

Hebbel answered 27/12, 2019 at 2:42 Comment(0)

Recommended topics

Hot tags