Regain access to EC2 instance, after a botched sshd_config.

I just made a big mistake. I made a change to the sshd_config on a production server that locked me out. My heart skipped a beat when I lost connection and was presented with:

brandons_mbp:~ bleon$ ssh domain

ssh: connect to host domain port 22: Connection refused

This is on one of my client's web servers. But I was able to revert the changes. It was a little complicated, but it worked.

I knew the exact lines that needed to be removed; just getting to them without connecting to the server was the trick. This is why running on EC2 saved me. I stopped the running instance for the web server and disconnected the volume from the instance.

I fired up a temporary CentOS instance (any *nix instance should work, CentOS just happens to be my favorite) and attached the volume to the new instance as a secondary disk. This allowed me to SSH into the new instance and browse the filesystem of the server I locked myself out of. Now, using vi or your favorite editor, edit the sshd_config file, shut down the server, disconnect the volume and reattach it to your web server instance.

I started the web server instance and crossed my fingers, and when I tried to SSH in again I was successful.

It would also be a good idea to create a snapshot of your volume before attempting any of this, to be safe, and to test any changes you're going to make that could potentially lock you out on a system you have physical access to.
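
The recovery described above, written out as AWS CLI calls. This is an added example, not the commands from the original post: the instance IDs, volume ID, device names and mount point are placeholders you supply, and the script only prints each command unless DRY_RUN=0 is set.

```shell
#!/usr/bin/env bash
# Added example: the volume-swap recovery as AWS CLI calls.
# Every ID, device name and mount point is a placeholder passed by the caller.
# DRY_RUN=1 (the default) prints each command instead of running it.
DRY_RUN="${DRY_RUN:-1}"

run() {
  if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# 1. Stop the locked-out instance, snapshot its volume, hand it to the rescue box.
# Args: broken-instance-id volume-id rescue-instance-id device-on-rescue
move_to_rescue() {
  run aws ec2 stop-instances --instance-ids "$1" &&
  run aws ec2 wait instance-stopped --instance-ids "$1" &&
  run aws ec2 create-snapshot --volume-id "$2" --description pre-sshd_config-fix &&
  run aws ec2 detach-volume --volume-id "$2" &&
  run aws ec2 wait volume-available --volume-ids "$2" &&
  run aws ec2 attach-volume --volume-id "$2" --instance-id "$3" --device "$4"
}

# 2. On the rescue instance: mount, edit, check the config, unmount.
# sshd -t checks the file's validity; host-key and Include paths resolve against
# the rescue system, so treat a pass as "no syntax errors", not "safe to deploy".
# Args: block-device-as-seen-on-rescue mount-point
fix_on_rescue() {
  cfg="$2/etc/ssh/sshd_config"
  run sudo mount "$1" "$2" &&
  run sudo vi "$cfg" &&
  run sudo /usr/sbin/sshd -t -f "$cfg" &&
  run sudo umount "$2"
}

# 3. Return the volume to the original instance and boot it.
# The device must be the name the instance originally used for this volume.
# Args: broken-instance-id volume-id original-device-name
return_volume() {
  run aws ec2 detach-volume --volume-id "$2" &&
  run aws ec2 wait volume-available --volume-ids "$2" &&
  run aws ec2 attach-volume --volume-id "$2" --instance-id "$1" --device "$3" &&
  run aws ec2 start-instances --instance-ids "$1"
}
```

Run `move_to_rescue` and `return_volume` from a workstation with AWS credentials, and `fix_on_rescue` on the temporary instance itself.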
