How to replace add key pair for a Windows EC2 instance

0 votes
I have the running Windows server image on EC2.
I have created an extra administrator login and have been using it login by using RDP. Sadly, I've lost the PEM file for the "Administrator" account and I've also disabled it for  its "safety"

As I have access to the instance through an alternative administrative account I'm trying to figure out few things:

Do I need the "Administrator" account PEM file in for the future?
If I ask Amazon to generate a new PEM file using the same name that I currently have, how do I replace the "Administrator" key pair for that instance?
I asked same at many places and people but got no relevant response, Everyone talks about shutting down and creating a new instance. I cannot shut down this server, so there must be a way to replace the key pair for the "Administrator" account.
I cannot even find where Windows stores the key pair in a Windows server.
Apr 13, 2018 in AWS by Flying geek
 • 3,280 points 7,986 views

3 answers to this question.

0 votes
Whenever an instance is first launched from one of the Amazon-supplied Windows AMIs, some code on the instance generates a random Administrator password. This password is then encrypted through the selected Keypair and is then passed back to AWS (you can actually see it in the System Log).

When you wish to first login into the instance, you will have to use the PEM to decrypt the Administrator password. Then you will be able to login to the Windows instance using that same password.

It is recommended that you should immediately change the Administrator password or you should connect the instance to those Active Directories. Basically, you must follow your standard company security practices.

If you remember the password, you won't require the PEM file again. In fact, if you change the password, then even having the PEM will not provide you an access because it will only decrypt the original password.
Mainly, in the end, you need to Ignore the PEM file. You still have administrative access to the instance, so you don't even need the Administrator account anymore. If you wish to use the Administrator account, simply use your existing administrative login to reactive it and set the password. Hope it helps, cheers friend :)
answered Apr 13, 2018 by Cloud gunner
 • 4,670 points
0 votes
No, this is not possible for you to change the .pem file associated with your EC2 instance.
answered Nov 30, 2018 by Aniket
0 votes
  1. Stop the EC2 instance for which you want to change the .pem file.
  2. Detach its /dev/xvda1 volume (let's call it volume A) - see here
  3. Start new t1.micro EC2 instance, using my new key pair. Make sure you create it in the same subnet, otherwise you will have to terminate the instance and create it again. - see here
  4. Attach volume A to the new micro instance, as /dev/xvdf (or /dev/sdf)
  5. SSH to the new micro instance and mount volume A to /mnt/tmp
  6. $ sudo mount /dev/xvdf1 /mnt/tmp
  7. Copy ~/.ssh/authorized_keys to /mnt/tmp/home/ubuntu/.ssh/authorized_keys
  8. Logout
  9. Terminate micro instance
  10. Detach volume A from it
  11. Attach volume A back to the main instance as /dev/xvda
  12. Start the main instance
  13. Login as before, using your new .pem file

That's it.

answered Nov 30, 2018 by Abhinav
This is not instructions for a windows instance..
commented Nov 23, 2021 by anonymous

Related Questions In AWS

0 votes
1 answer

How to set up a SPF(Sender Policy Framework) for AWS EC2 instance?

Setting up a SPF record is pretty ...READ MORE

answered Aug 16, 2018 in AWS by Archana
 • 4,170 points 1,599 views
0 votes
1 answer

How to upload a lib for Tomcat in Amazon EC2?

You need to set the proper privileges ...READ MORE

answered Aug 20, 2018 in AWS by Archana
 • 4,170 points 905 views
0 votes
1 answer

How to add swap to Amazon EC2 instance?

A fix for this problem is to ...READ MORE

answered Sep 11, 2018 in AWS by Archana
 • 4,170 points 621 views
0 votes
1 answer

how to connect my ec2 instance to a registered domain?

Hard to troubleshoot on here- but I ...READ MORE

answered Sep 24, 2018 in AWS by Priyaj
 • 58,100 points 1,046 views
0 votes
1 answer

Using Shapely on AWS Lambda with Python 3

For some reason, the pip install of ...READ MORE

answered Oct 8, 2018 in AWS by Priyaj
 • 58,100 points 2,929 views
0 votes
1 answer

Unable to connect to putty and winscp

Check if the FTP ports are enabled ...READ MORE

answered Jul 20, 2018 in Cloud Computing by Gopalan
 • 1,360 points 2,158 views
+2 votes
1 answer

How to connect to EC2 file directory using SFTP and Filezilla?

To connect to EC2 instance using Filezilla, ...READ MORE

answered Jul 27, 2018 in Cloud Computing by Gopalan
 • 1,360 points 25,864 views
0 votes
1 answer

Not able to stream PDF, using AWS gateway/Lambda setup

I had a similar problem with trying ...READ MORE

answered Jul 31, 2018 in AWS by Priyaj
 • 58,100 points 3,389 views
+1 vote
1 answer

How to put up a maintenance page in AWS when I want to deploy the new versions of own applications behind an ELB?

You can try these steps to put ...READ MORE

answered Apr 13, 2018 in AWS by Cloud gunner
 • 4,670 points 9,878 views
+1 vote
2 answers

How do I run python script on aws EC2 instance(ubuntu)?

I believe that you are using the ...READ MORE

answered Apr 17, 2018 in AWS by Cloud gunner
 • 4,670 points 10,269 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.