Change ssh key-pair of Running EC2 Instance

19 / Aug / 2014 by Vikash Jha

Sometimes the key pair of an instance has to be changed for security reasons. In this article, we will change the key pair of a running EC2 instance.

Steps:

1. Create a new key pair from the AWS Console.
2. Generate the public key from the newly created key pair (private key).
3. Paste the generated public key (from Step 2) into ~/.ssh/authorized_keys on the server.
4. Delete the existing key from ~/.ssh/authorized_keys on the server.
5. Perform ssh using the new key.

I have a running EC2 instance (Ubuntu 14.04) with the key pair “testing-key”.

Let’s change the key

1. Create a new key pair from AWS Console

The console gives you the private key, which you have to download to your local machine.

2. Generate Public Key from Private Key (testing-ssh-key)

Execute

$ ssh-keygen -y

and provide the path to the private key when prompted. Here “testing-ssh-key.pem” is the new private key.

3. Append the above generated public key to ~/.ssh/authorized_keys

4. Remove the old key from ~/.ssh/authorized_keys ( “testing-key.pem” )

5. Perform ssh using new key

$ ssh -i testing-ssh-key.pem ubuntu@X.X.X.X

You can now log in using the new key.
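Steps 3 and 4 as shell functions to run on the server, added here as an example and not part of the original article: the new public key is appended with a backup kept, and the old key is only removed once the new one is present in the file. The function names (key_blob, add_key, remove_key) and the key strings shown in the comments are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original article). Run on the server as the
# login user. Function names are hypothetical.

# Print the base64 key field of a public-key line ("[options] type blob [comment]").
key_blob() {
  printf '%s\n' "$1" |
    awk '{ for (i = 1; i < NF; i++) if ($i ~ /^(ssh-|ecdsa-sha2-|sk-)/) { print $(i + 1); exit } }'
}

# Step 3: append the new public key (the output of `ssh-keygen -y -f testing-ssh-key.pem`).
# Usage: add_key ~/.ssh/authorized_keys "ssh-rsa AAAA... testing-ssh-key"
add_key() {
  auth=$1
  blob=$(key_blob "$2")
  [ -n "$blob" ] || return 2                 # argument is not a public-key line
  cp -p "$auth" "$auth.bak"                  # copy to roll back to
  if ! grep -qF -- "$blob" "$auth"; then
    # Make sure the last existing line ends with a newline before appending,
    # otherwise the two keys end up joined on one (invalid) line.
    [ -z "$(tail -c 1 "$auth")" ] || echo >> "$auth"
    printf '%s\n' "$2" >> "$auth"
  fi
  chmod 600 "$auth"                          # sshd StrictModes refuses files writable by group or others
}

# Step 4: remove the old key, but only if the new key is already installed.
# Usage: remove_key ~/.ssh/authorized_keys "<old public-key line>" "<new public-key line>"
remove_key() {
  auth=$1
  old=$(key_blob "$2")
  new=$(key_blob "$3")
  [ -n "$old" ] && [ -n "$new" ] && [ "$old" != "$new" ] || return 2
  grep -qF -- "$new" "$auth" || return 1     # new key missing: refuse to remove the old one
  tmp=$(mktemp "$auth.XXXXXX") || return 1
  # grep -v exits non-zero when nothing is left; never install an empty file.
  grep -vF -- "$old" "$auth" > "$tmp" || { rm -f "$tmp"; return 1; }
  chmod 600 "$tmp" && mv "$tmp" "$auth"
}
```

Between add_key and remove_key, confirm from a second terminal that `ssh -i testing-ssh-key.pem -o IdentitiesOnly=yes ubuntu@X.X.X.X` logs in, and keep the original session open until it does.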



Note: This article does not cover changing the key pair when the key is lost or deleted. Before performing the steps above, it is advisable to take a backup of the existing EC2 instance.


comments (5)

  1. Akhil T

    Thanks. This worked perfectly. Only issue is the EC2 instance is still showing the old key name in dashboard. Any suggestions to change it to new name?

  2. sandeep

    I followed the above steps for changing the key pair and I changed the authorized keys. After that I am not able to log in to my EC2 instance. Please help me. Thanks.