4

I am running an Ubuntu instance on Amazon AWS EC2. I have a root user named ubuntu. I also have another user named ellis. My ubuntu user is the administrative user that has the control of all other users and creating files and directories in the root.

When I was copying the .ssh/authorized_keys from /home/ubuntu/.ssh/authorized_keys to /home/ellis/.ssh I must have accidentally deleted the directory .ssh that was within ubuntu. Now, I am not able to login to my instance as ubuntu, only as ellis. I tried changing permissions within ellis to gain access to ubuntu with no luck.

I used FileZilla as ellis and was able to see the directories and files within ubuntu, that is why I know that .ssh was removed from ubuntu.

I need to be able to access ubuntu. I have tried copying my ssh directory from ellis to ubuntu, but with the permissions that are set up, nothing administrative can be done from other users. Any way to fix this?

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
David Ellis
  • 61
  • 5
  • I dont think you can do anything ..... just try to recover the deleted .ssh.... otherwise you are lockedout for good!!! – z atef Oct 16 '15 at 00:39
  • I have the same service as yours with amazon with user ubuntu and I know if I ever lose the key.pem I will not be able to access my instance ever again... – z atef Oct 16 '15 at 00:43
  • read this page where it talks about losing private key.. http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html – z atef Oct 16 '15 at 00:44
  • I think @zee has the best Answer that worked for me – Stephen Ngethe Apr 26 '17 at 07:25

1 Answers1

9

You can still access the disk by attaching it to another instance. That way, you can copy across a new key file.

Try this:

  • Stop your instance (let's call it Instance A)
  • Start another Linux instance or use one you already have (let's call this Instance B)
  • Detach your root EBS Volume from Instance A (let's call this Volume A) -- make a note of the mount device, eg /dev/sda1

  • Attach Volume A to Instance B as some /dev/sdf via console. Though device name provided is /dev/sdf, aws might attach it as /dev/xvdf or /dev/xvdf1. You might have to reboot instance B, if you do not see either /dev/sdf or /dev/xvdf or /dev/xvdf1

  • Try to mount the volume /dev/xvdf or /dev/xvdf1, access the content, navigate to the ubuntu user's home directory, store a correct ssh-key

  • Detach Volume A from Instance B
  • Attach Volume A to Instance A (on the same mount-device as above)
  • Start Instance A and try to login
rahul.deshmukhpatil
  • 977
  • 1
  • 16
  • 31
John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
  • Wow. Thank you so much. I followed all of your steps down to mounting the volume. I was able to sign on as ubuntu using the authorization key I already had. The funny part is, /home/ubuntu/.ssh/authorized_keys was still there, I don't know why it wasn't visible before. I also tried logging on as ellis and that works as well. Since it is working, I didn't detach the volume from my new instance, does this matter? Also, if my key is working and was never deleted, why was I not able to login as ubuntu? – David Ellis Oct 16 '15 at 20:13
  • Why do people have to dislike someone's post? I did look into the topic and do research on it. It is also quite clear what I was trying to achieve. Thanks. – David Ellis Oct 22 '15 at 20:14
  • @njoshsn If you have a different question, please create a New question rather than asking in a comment on an old question. – John Rotenstein Apr 26 '17 at 08:04
  • @JohnRotenstein says `store a correct ssh-key` in *4th last point*. How can I achieve this? – ajinzrathod May 05 '21 at 06:25
  • 1
    @ajinzrathod Public keys are stored in the user's home directory, under `~/.ssh/authorized_keys`. For more info, do a web search on "Linux authorized_keys". – John Rotenstein May 05 '21 at 10:05