Creating your own Key Pairs

Today we learned how to create a new RSA key directly on an instance and then replace the instance's old key pair with the new one. We then tested the key pair by using PuTTYgen to create a .ppk file from the .pem file, so that we could log into the instance with the newly created key.

Generating and replacing an instance’s SSH keypair:

1. First, SSH into the instance

2. Generate a new RSA key:
$ ssh-keygen -t rsa

3. Copy the contents of the public key and append these to your authorized keys file:
$ cat NewSSHkey.pem.pub >> .ssh/authorized_keys

4. Using a remote copy tool (WinSCP, `scp`, `rsync`, etc.), copy the private key to your local computer.

5. Test that specifying this SSH key locally allows you to log into the instance successfully.
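The steps above append the new public key, so the old key still grants access until its line is removed from `authorized_keys`. The script below is an added example, not part of the original post: it appends a key idempotently and removes an old entry by its key blob. The function names, the `old.pub` file and the sample keys are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): finish the key swap by editing
# authorized_keys by key blob instead of by hand. File names are assumptions.

key_blob() {   # base64 blob = 2nd field of a "type blob comment" .pub file
    awk 'NF >= 2 { print $2; exit }' "$1"
}

add_key() {    # add_key AUTH_FILE PUB_FILE: append unless already present
    blob=$(key_blob "$2") && [ -n "$blob" ] || return 1
    mkdir -p "$(dirname "$1")" && touch "$1" && chmod 600 "$1" || return 1
    # Fixed-string match: '+' and '/' in base64 must not act as a regex.
    if grep -qF -- "$blob" "$1"; then return 0; fi
    # A file without a trailing newline would glue the new key to the last entry.
    if [ -s "$1" ] && [ -n "$(tail -c 1 "$1")" ]; then echo >> "$1"; fi
    cat "$2" >> "$1"
}

remove_key() { # remove_key AUTH_FILE PUB_FILE: drop entries with that blob
    blob=$(key_blob "$2") && [ -n "$blob" ] || return 1
    cp -p "$1" "$1.bak" || return 1          # keep a rollback copy
    tmp=$(mktemp "$1.XXXXXX") || return 1
    # grep -v exits 1 when nothing is left to print; only status 2 is an error.
    grep -vF -- "$blob" "$1" > "$tmp" || [ $? -eq 1 ] || { rm -f "$tmp"; return 1; }
    chmod 600 "$tmp" && mv "$tmp" "$1"
}

demo() {       # constructed sample keys (not real key material)
    d=$(mktemp -d) || return 1
    printf 'ssh-rsa AAAAB3OLD+constructed/blob== old-ec2-key' > "$d/authorized_keys"
    printf 'ssh-rsa AAAAB3OLD+constructed/blob== old-ec2-key\n' > "$d/old.pub"
    printf 'ssh-rsa AAAAB3NEW+constructed/blob== NewSSHkey\n' > "$d/NewSSHkey.pem.pub"
    add_key "$d/authorized_keys" "$d/NewSSHkey.pem.pub" || return 1
    # ...log in with the new private key from a second session before this...
    remove_key "$d/authorized_keys" "$d/old.pub" || return 1
    cat "$d/authorized_keys"
    rm -rf "$d"
}

demo
```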

Also note that if you wish to upload your newly created key so that you can launch new instances of a different type with this same key, you can use the ec2-import-keypair command from the EC2 Command Line API Tools. Some more information on this command is provided at the link below:
http://docs.amazonwebservices.com/AWSEC2/latest/CommandLineReference/ApiReference-cmd-ImportKeyPair.html
