I am using a Centos based EC2 instance and had shared the ppk file with a passphrase with the team. Now I want to secure it and hence generated ppk file with new passphrase using Puttygen. But I can still connect to the instance from Filezilla using the old passphrase. Please let me know how do I disable that without changing the entire keypair.
Asked
Active
Viewed 93 times
0
-
Do you mean you can still use the old ppk file? And both the old and the new ppk file contain the same private key? In this case, you either remove the old ppk file or you load it in Puttygen and replace its passphrase. If I misunderstood you, please [edit your question](https://serverfault.com/posts/1061713/edit) and add a little more detail to make it clearer. – berndbausch Apr 27 '21 at 14:43
-
Yes I can still use the old ppk file.. And yes both ppk files use the same public key (pem file). Yes I did the same, generated a new ppk using the old pem file through puttygen and replaced the passphrase. – Supriya May 04 '21 at 04:34
1 Answers
0
If you're still using the same key file, just with a different passphrase, then you can't stop the rest of the team from still using the key with the old passphrase. Because they still have the key.
If you want to stop them from using that key, you need to change keys - remove the old one from the authorized_keys file on the server, and add a new one.
Andrew Schulman
- 8,811
- 21
- 32
- 47
-
You mean I need to change the entire keypair is it? How do I do it, without stopping the instance? – Supriya May 04 '21 at 04:35
-
As said in the answer, you remove the key from the `authorized_keys` file. Normally, you find it under `$HOME/.ssh`. I don't know, however, if an EC2 command is available or even required. – berndbausch May 04 '21 at 05:41