Saturday, February 4, 2012

Lost Key Pair on AWS

Some time ago I created a server (EC2) on Amazon Web Services (AWS). It's very nice, I'm having a lot of fun with my server.

BUT a few days ago, I "accidentally" removed my key. Since Amazon doesn't store the private key and (maybe, like you) I didn't have a backup of my key, I was in funny trouble. Something like locking the car with the keys inside.

Google here, google there and the conclusion: terminate your instance and create another one.

WAIT:
  1. I'm a geek, I'll never give up on a problem like this
  2. I'm scared by the fact that a lost key can compromise a server (Amazon... think about it)
  3. I read about people, with important info on the server, who lost everything (do backups next time, right?)
  4. I like some challenges
So think, think, think, and the conclusion: I can use the cloud to work for me. So follow these steps:

  1. Look at the volume's zone (us-east-1b for me)
  2. Create a new key pair
  3. Save it on your PC
  4. Save it on your pen drive (NOW)
  5. Save it on Dropbox (NOW)
  6. Save it on your gmail (NOW)
  7. Print it (I'm joking)
  8. Create a micro instance (AMI) in the same zone
  9. Associate it with the key you just created
  10. Look at the mount point of your old volume, you'll need it later (Ex: /dev/sda1)
  11. Detach the volume of your old server (WAIT a little bit)
  12. Attach the volume, of your old server, to the new one
  13. Choose a mount point like /dev/sdd1
  14. WAIT, depends on the size of the volume
  15. Connect to the new server
  16. Mount the volume
  17. Copy the file ~ec2-user/.ssh/authorized_keys to the same location of your old authorized_keys
  18. Umount
  19. Detach the volume of your old server (WAIT a little bit)
  20. Attach it to the old server (put the old mount point)
  21. Start the server
  22. Go sleep
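
The copy step above (steps 16 to 18), as an added example that is not the author's code. It goes a little beyond the step as written: it keeps a backup of the old file, refuses a private key, and resets owner and mode so sshd will accept the file. The function name `install_key`, the `/mnt/old` path and the sample keys are assumptions.

```shell
#!/bin/sh
# Added example, not the author's code. Run on the rescue instance with the
# old volume already mounted at ROOT. install_key is a hypothetical name.
#   install_key ROOT USER KEYFILE
#   e.g. install_key /mnt/old ec2-user /home/ec2-user/.ssh/authorized_keys
install_key() {
    root=$1; user=$2; keyfile=$3
    # Take uid, gid and home from the OLD volume's passwd: the rescue
    # instance may map the same user name to different numeric ids.
    entry=$(awk -F: -v u="$user" '$1 == u { print $3 ":" $4 ":" $6; exit }' \
        "$root/etc/passwd")
    [ -n "$entry" ] || { echo "no user $user in $root/etc/passwd" >&2; return 1; }
    uid=${entry%%:*}; entry=${entry#*:}
    gid=${entry%%:*}; home=${entry#*:}
    # A private key must never land in authorized_keys.
    if grep -q 'PRIVATE KEY' "$keyfile"; then
        echo "refusing: $keyfile contains a private key" >&2; return 1
    fi
    sshdir=$root$home/.ssh
    mkdir -p "$sshdir" || return 1
    # Keep the previous file so the change can be reviewed or rolled back.
    if [ -f "$sshdir/authorized_keys" ]; then
        cp -p "$sshdir/authorized_keys" "$sshdir/authorized_keys.bak" || return 1
    fi
    cp "$keyfile" "$sshdir/authorized_keys" || return 1
    # With StrictModes (sshd default), a group- or world-writable .ssh
    # directory or key file is rejected, so set mode and owner explicitly.
    chmod 700 "$sshdir" && chmod 600 "$sshdir/authorized_keys" || return 1
    chown "$uid:$gid" "$sshdir" "$sshdir/authorized_keys"
}

# Constructed demo: a temp directory stands in for the mounted volume, and
# the passwd entry uses the current ids so chown works without root.
demo() {
    vol=$(mktemp -d)
    mkdir -p "$vol/etc" "$vol/home/ec2-user/.ssh"
    echo "ec2-user:x:$(id -u):$(id -g)::/home/ec2-user:/bin/bash" > "$vol/etc/passwd"
    echo "ssh-rsa AAAA-constructed-old old-key" > "$vol/home/ec2-user/.ssh/authorized_keys"
    echo "ssh-rsa AAAA-constructed-new new-key" > "$vol/new_authorized_keys"
    install_key "$vol" ec2-user "$vol/new_authorized_keys" &&
        cat "$vol/home/ec2-user/.ssh/authorized_keys"
    rm -rf "$vol"
}
demo
```

On a real volume, run it as root after mounting and before unmounting; remove the trailing `demo` call first.
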
If you don't like keys try this:

  1. Look at the volume's zone (us-east-1b for me)
  2. Create a micro instance (AMI) in the same zone
  3. Associate it with your previously created key
  4. Look at the mount point of your old volume, you'll need it later (Ex: /dev/sda1)
  5. Detach the volume of your old server (WAIT a little bit)
  6. Attach the volume, of your old server, to the new one
  7. Choose a mount point like /dev/sdd1
  8. WAIT, depends on the size of the volume
  9. Connect to the new server
  10. Mount the volume
  11. Chroot into the volume
  12. Create a user
  13. Passwd for the user
  14. Passwd for root
  15. Edit your /etc/ssh/sshd_config and make sure that you have both of these options set
  16. PasswordAuthentication yes
  17. PermitRootLogin no
  18. Save it
  19. Exit Chroot
  20. Umount
  21. Detach the volume of your old server (WAIT a little bit)
  22. Attach it to the old server (put the old mount point)
  23. Start the server
  24. Go sleep

Other tests:

The image used to create my server doesn't exist anymore.
So creating a snapshot of my volume, creating a new volume based on the snapshot, and putting this volume to boot on another server doesn't work for me.


Conclusions:
  • NEVER USE SHIFT+DEL, OK?
  • MAKE BACKUPS PERIODICALLY
  • Take Care of your Information
  • I don't know how much it'll cost you. But if you came here, it'll cost less than your job or your information or something like this
I hope this info helps you.

PS1: Sorry about my english
PS2: Some expressions are Portuguese (Brazil) translated to English.

Syslog-ng Spec files for CentOS

Below are the spec files for building RPMs (rpmbuild) of Syslog-ng versions 3.3.3 and 3.3.4. Both versions have MongoDB support.


Tested on CentOS 5.5 and 6.2.


Syslog ng 3.3.3

Syslog ng 3.3.4