How to Regain Access to an AWS EC2 Instance Without a Private Key and Set Up SFTP with FileZilla

Method 1: Use EC2 Instance Connect

1. EC2 Instance Connect is a feature that allows you to connect to your instance without needing the private key.

2. Ensure that your instance is running Amazon Linux 2 or Ubuntu, and your instance's security group allows inbound SSH (port 22) traffic from your IP address.

3. Open the AWS Management Console.

4. Navigate to the EC2 Dashboard.

5. Select your instance and click on Connect.

6. Choose EC2 Instance Connect and click Connect.

Method-2

Here’s a step-by-step guide to detaching and attaching the root volume to another instance to regain access

Step-by-Step Guide to Attach and Detach the Root Volume

Prerequisites:

1. Ensure you have another EC2 instance (let's call it HelperInstance) in the same region and availability zone where you have access.

2. Ensure you have SSH access to the HelperInstance.

Step 1: Stop the Inaccessible Instance

1. Open the AWS Management Console.

2. Navigate to the EC2 Dashboard.

3. Select the instance you cannot access (let's call it TargetInstance).

4. Click on Instance State and select Stop.

Step 2: Detach the Root Volume

1. In the EC2 Dashboard, with the TargetInstance still selected, go to the Description tab.

2. Find the Root device (e.g., /dev/xvda).

3. Click on the Volume ID to open the volume details page.

4. In the volume details page, click on Actions and select Detach Volume.

5. Confirm the detachment.

Step 3: Attach the Volume to the Helper Instance

1. Go back to the Volumes page in the EC2 Dashboard.

2. Select the detached volume (from the TargetInstance).

3. Click on Actions and select Attach Volume.

4. In the Instance field, select the HelperInstance.

5. Set a device name (e.g., /dev/xvdf for Linux).

6. Click on Attach.

Step 4: Modify the Volume on the Helper Instance

1. SSH into the HelperInstance.

2. List the block devices to ensure the volume is attached:

    lsblk
   

   You should see a device, such as /dev/xvdf, which represents the attached volume.

3. Mount the volume:

    sudo mkdir /mnt/recover
    sudo mount /dev/xvdf1 /mnt/recover
   

   Note: The device name might be /dev/xvdf1 or similar, depending on your instance.

4. Add a new SSH key to the authorized_keys file:

    sudo nano /mnt/recover/home/ec2-user/.ssh/authorized_keys
   

   Add your new public SSH key to this file. Save and exit the editor.

5. Unmount the volume:

    sudo umount /mnt/recover
   

Step 5: Reattach the Volume to the Original Instance

1. Go back to the Volumes page in the EC2 Dashboard.

2. Select the volume you modified.

3. Click on Actions and select Detach Volume.

4. Confirm the detachment.

5. Once detached, select the volume again.

6. Click on Actions and select Attach Volume.

7. In the Instance field, select the TargetInstance.

8. Set the device name back to its original value (e.g., /dev/xvda).

9. Click on Attach.

Step 6: Start the Original Instance

1. Go back to the Instances page in the EC2 Dashboard.

2. Select the TargetInstance.

3. Click on Instance State and select Start.

Step 7: Connect to the Original Instance

1. Once the instance is running, use your SSH client to connect to the TargetInstance using the new private key that corresponds to the public key you added.

Connecting via FileZilla

After regaining SSH access, you can set up SFTP in FileZilla:

1. Open FileZilla.

2. Go to File > Site Manager.

3. Click New Site.

4. Set Protocol to SFTP - SSH File Transfer Protocol.

5. Enter the Host (public IP or DNS of your TargetInstance).

6. Set Logon Type to Key file.

7. Enter the User (e.g., ec2-user).

8. Use the new private key file you used to regain SSH access.

9. Click Connect.

Following these steps should allow you to regain access to your EC2 instance and set up SFTP access using FileZilla.