How to replace/add key pair for a Windows EC2 instance

0 votes
I have the running Windows server image on EC2.
I have created an extra administrator login and have been using it to log in via RDP. Sadly, I've lost the PEM file for the "Administrator" account and I've also disabled it for its "safety".

As I have access to the instance through an alternative administrative account, I'm trying to figure out a few things:

Do I need the "Administrator" account PEM file in the future?
If I ask Amazon to generate a new PEM file using the same name that I currently have, how do I replace the "Administrator" key pair for that instance?
I asked the same in many places and of many people but got no relevant response. Everyone talks about shutting down and creating a new instance. I cannot shut down this server, so there must be a way to replace the key pair for the "Administrator" account.
I cannot even find where Windows stores the key pair in a Windows server.
Apr 13, 2018 in AWS by Flying geek
• 3,150 points
1,186 views

3 answers to this question.

0 votes
Whenever an instance is first launched from one of the Amazon-supplied Windows AMIs, some code on the instance generates a random Administrator password. This password is then encrypted through the selected Keypair and is then passed back to AWS (you can actually see it in the System Log).

When you wish to first log in to the instance, you will have to use the PEM to decrypt the Administrator password. Then you will be able to log in to the Windows instance using that same password.

It is recommended that you should immediately change the Administrator password or you should connect the instance to those Active Directories. Basically, you must follow your standard company security practices.

If you remember the password, you won't require the PEM file again. In fact, if you change the password, then even having the PEM will not provide you access because it will only decrypt the original password.
Mainly, in the end, you need to ignore the PEM file. You still have administrative access to the instance, so you don't even need the Administrator account anymore. If you wish to use the Administrator account, simply use your existing administrative login to reactivate it and set the password. Hope it helps, cheers friend :)
answered Apr 13, 2018 by Cloud gunner
• 4,260 points
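The password mechanism described in the answer above, reproduced offline as an added example that is not part of the original post. The key, the password and the file names are constructed; on a real instance the base64 blob is the PasswordData value returned by `aws ec2 get-password-data`, and `openssl` is assumed to be installed.

```shell
#!/bin/sh
# Added example: offline round trip of the EC2 Windows initial-password scheme.
# Everything here (key, password, paths) is constructed for illustration.

WORKDIR=$(mktemp -d)
trap 'rm -rf "$WORKDIR"' EXIT
KEY="$WORKDIR/launch-key.pem"          # stand-in for the lost .pem file
INITIAL_PASSWORD='Examp1e-Initial.Pw'  # constructed sample password

# Stand-in for the EC2 key pair: AWS keeps only the public half,
# the private half is the .pem you download once.
make_keypair() {
    openssl genrsa -out "$KEY" 2048 2>/dev/null
    openssl rsa -in "$KEY" -pubout -out "$KEY.pub" 2>/dev/null
}

# What the instance does at first boot: RSA-encrypt (PKCS#1 v1.5) the random
# Administrator password with the public key and publish it base64-encoded.
encrypt_initial_password() {
    printf '%s' "$1" |
        openssl pkeyutl -encrypt -pubin -inkey "$KEY.pub" |
        openssl base64 -A
}

# What the admin does later: base64-decode the blob and decrypt it with the
# private key. Arguments: <path to .pem> <base64 password data>
decrypt_password_data() {
    printf '%s' "$2" |
        openssl base64 -d -A |
        openssl pkeyutl -decrypt -inkey "$1"
}

make_keypair
PASSWORD_DATA=$(encrypt_initial_password "$INITIAL_PASSWORD")

# The blob is written once at first boot. Changing the password inside
# Windows afterwards does not update it, so the .pem only ever yields
# the original value.
echo "published blob : $PASSWORD_DATA"
echo "decrypted value: $(decrypt_password_data "$KEY" "$PASSWORD_DATA")"
```

The private key is used only to decrypt that one blob; it plays no part in RDP authentication, which is why an account with its own password keeps working without the .pem.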
0 votes
No, it is not possible for you to change the .pem file associated with your EC2 instance.
answered Nov 30, 2018 by Aniket
0 votes
  1. Stop the EC2 instance for which you want to change the .pem file.
  2. Detach its /dev/xvda1 volume (let's call it volume A) - see here
  3. Start new t1.micro EC2 instance, using my new key pair. Make sure you create it in the same subnet, otherwise you will have to terminate the instance and create it again. - see here
  4. Attach volume A to the new micro instance, as /dev/xvdf (or /dev/sdf)
  5. SSH to the new micro instance and mount volume A to /mnt/tmp
  6. $ sudo mount /dev/xvdf1 /mnt/tmp
  7. Copy ~/.ssh/authorized_keys to /mnt/tmp/home/ubuntu/.ssh/authorized_keys
  8. Logout
  9. Terminate micro instance
  10. Detach volume A from it
  11. Attach volume A back to the main instance as /dev/xvda
  12. Start the main instance
  13. Login as before, using your new .pem file

That's it.

answered Nov 30, 2018 by Abhinav
