I lost the SSH key pair (private key) that I configured for my Amazon Lightsail instance. I want to use PuTTY or Filezilla to regain access to the instance.
Resolution
If you created the Lightsail instance with the default SSH key pair, then download the SSH private key from the Lightsail console.
If you created the Lightsail instance with a custom SSH key pair, then configure a new key pair. Either use the Lightsail browser-based SSH console. Or, create a new Lightsail instance from a snapshot.
Use the Lightsail browser-based SSH console to configure a new key pair
Create a new SSH key pair from the Amazon Lightsail console and retrieve the public key
To create the new SSH key pair, complete the following steps:
- Open the Amazon Lightsail console.
- On the navigation pane, choose Account, and then from the dropdown menu, choose Account.
- Choose SSH keys, and then choose Create new.
To retrieve the public key from the private key, use one of the following methods.
Local Linux or macOS computer
Open the terminal, and then run the ssh-keygen command:
$ ssh-keygen -y -f /path_to_key_pair/my-key-pair.pem
The command returns the public key, such as in the following example:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClKsfkNkuSevGj3eYhCe53pcjqP3maAhDFcvBS7O6V
hz2ItxCih+PnDSUaw+WNQn/mZphTk/a/gU8jEzoOWbkM4yxyb/wB96xbiFveSFJuOp/d6RJhJOI0iBXr
lsLnBItntckiJ7FbtxJMXLvvwJryDUilBMTjYtwB+QhYXUMOzce5Pjz5/i8SeJtjnV3iAoG/cQk+0FzZ
qaeJAAHco+CY/5WrUBkrHmFJr6HcXkvJdWPkYQS3xqC0+FmUZofz221CBt5IMucxXPkX4rWi+z7wB3Rb
BQoQzd8v7yeb7OzlPnWOyN0qFU0XA246RA8QFYiCNYwI3f05p6KLxEXAMPLE
Local Windows computer
Complete the following steps:
- Open the puttygen program.
- Choose File, and then Load private key.
- Change the File name type from PuTTy Private Key Files (*.ppk) to All Files (*.*) to view the .pem file.
- Select the key pair file (.pem) that you downloaded, and then choose Open.
- Select the entire public key, and then right-click and choose Copy.
- Open any text editor, and enter the contents.
Connect to the instance through the browser-based SSH console and add the public key to the SSH configuration file
Complete the following steps:
-
Open the Amazon Lightsail console.
-
Select the name of the instance, and then choose Connect.
-
Choose Connect using SSH. For more information, see Connect to your Lightsail Linux or Unix instances.
-
Open the ~/.ssh/authorized_keys file in a text editor.
To view the current public key of the key pair that the instance accepted, run the following command:
$ cat ~/.ssh/authorized_keys
-
Copy and paste the public key into the authorized_keys file.
-
Save the authorized_keys file.
Use PuTTY or Filezilla with the new SSH private key to connect to your Lightsail instance.
Note: Before you connect to your instance, you must convert a .pem file (private key) into a .ppk file.
Create a new Lightsail instance from a snapshot and configure the new key pair
Complete the following steps:
- Open the Amazon Lightsail console.
- Create a snapshot of your Lightsail instance.
- Create a new instance from the snapshot.
- On the Create an instance from a snapshot page, choose an SSH key pair. You can either create a new one or choose an existing key pair.
- Choose Create instance.
Note: If the previous instance had a static IP address, then you can use it on the new instance. On the Networking page of the Lightsail console, detach the static IP address, and then attach it to the new instance. For more information, see Static IP addresses in Amazon Lightsail.