amazon web services - Change key pair for ec2 instance

Question

How do I change the key pair for my ec2 instance in AWS management console? I can stop the instance, I can create new key pair, but I don't see any link to modify the instance's key pair.

Answer 1

This answer is useful in the case you no longer have SSH access to the existing server (i.e. you lost your private key).

If you still have SSH access, please use one of the answers below.

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#replacing-lost-key-pair

Here is what I did, thanks to Eric Hammond's blog post:

1. Stop the running EC2 instance
2. Detach its /dev/xvda1 volume (let's call it volume A) - see here
3. Start new t1.micro EC2 instance, using my new key pair. Make sure you create it in the same subnet, otherwise you will have to terminate the instance and create it again. - see here
4. Attach volume A to the new micro instance, as /dev/xvdf (or /dev/sdf)
5. SSH to the new micro instance and mount volume A to /mnt/tmp

$ sudo mkdir /mnt/tmp; sudo mount /dev/xvdf1 /mnt/tmp

6. Copy ~/.ssh/authorized_keys to /mnt/tmp/home/ubuntu/.ssh/authorized_keys
7. Logout
8. Terminate micro instance
9. Detach volume A from it
10. Attach volume A back to the main instance as /dev/xvda
11. Start the main instance
12. Login as before, using your new .pem file

That's it.