EMR 019 Accidentally Deleted Private Key - qyjohn/AWS_Tutorials GitHub Wiki

What should I do if I accidentally delete the private key, which is being used on my EMR cluster?

You can use an EMR step to run a bash script on the master node. The script downloads a public key from your S3 bucket and appends it to ~/.ssh/authorized_keys. You can then SSH into the master node with the private key that matches that public key.

The following steps have been tested on EMR-5.30.1:

  • On any Linux machine, generate a pair of keys with ssh-keygen. You should have id_rsa (private key) and id_rsa.pub (public key) under the ~/.ssh directory.
ssh-keygen
  • Upload the public key to your S3 bucket. Let's assume that it is s3://bucket-name/id_rsa.pub.

  • Create the following bash script and upload it to your S3 bucket. Let's assume that it is s3://bucket-name/recover_key.sh.

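#!/bin/bash
# Download the new public key from S3 into the step's working directory.
aws s3 cp s3://bucket-name/id_rsa.pub .
# Append it to the authorized_keys of the user the step runs as.
cat id_rsa.pub >> ~/.ssh/authorized_keys
# Remove the downloaded copy.
rm id_rsa.pub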
  • In the EMR console, select the EMR cluster and navigate to the Steps tab. Add a step with the following parameters:
      • Step Type: Custom JAR
      • JAR Location: s3://<region>.elasticmapreduce/libs/script-runner/script-runner.jar (replace <region> with the region of your cluster)
      • Arguments: s3://bucket-name/recover_key.sh

Wait for the step to finish running (around 10 seconds). After that you should be able to SSH into the master node using the new private key.
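
The recover_key.sh script above appends whatever the S3 object contains. The following is an added example, not part of the original wiki page, showing a stricter version of that append step. The helper name install_key and the sample keys are constructed for illustration.

```bash
#!/bin/bash
# Added example (not the wiki's script): validate a public key before
# appending it to authorized_keys. install_key is a hypothetical helper name.

# install_key PUBKEY_FILE AUTHORIZED_KEYS_FILE
install_key() {
    pub="$1"; auth="$2"

    # Exactly one non-empty line: refuse empty or multi-key files.
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "expected one key" >&2; return 1; }
    line=$(grep . "$pub")

    # Field 1 must be a key type and field 2 base64, so a line that begins
    # with options (command=, from=, ...) is rejected.
    printf '%s\n' "$line" | grep -Eq \
        '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' \
        || { echo "not a plain public key line" >&2; return 1; }

    # sshd (StrictModes) ignores the file if it or ~/.ssh is group- or world-writable.
    mkdir -p "$(dirname "$auth")" && chmod 700 "$(dirname "$auth")"
    touch "$auth" && chmod 600 "$auth"

    # Idempotent: running the step twice must not duplicate the entry.
    grep -qxF -e "$line" "$auth" || printf '%s\n' "$line" >> "$auth"
}

# Constructed sample inputs (not real keys), exercised in a scratch directory.
demo=$(mktemp -d)
key='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleConstructedKeyOnly new-admin'
printf '%s\n' "$key" > "$demo/good.pub"
printf 'command="/bin/sh" %s\n' "$key" > "$demo/opts.pub"
for f in good.pub good.pub opts.pub; do
    if install_key "$demo/$f" "$demo/.ssh/authorized_keys" 2>/dev/null; then
        echo "$f: accepted"
    else
        echo "$f: rejected"
    fi
done
echo "entries: $(grep -c . "$demo/.ssh/authorized_keys")"
rm -rf "$demo"
```

In recover_key.sh, calling install_key id_rsa.pub ~/.ssh/authorized_keys in place of the cat line applies the same checks on the master node.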

For more information on running a script on an EMR cluster, refer to the following AWS documentation:

https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-hadoop-script.html
