Have you ever misplaced your private keys?

TL;DR;

A quick and easy way to recover your data even though you have lost your private keys.

How did we get here?

Let’s face it, sometimes you mess up… But sometimes you just inherit some part of the infrastructure that has been running for god knows how long and no-one knows the login/password combinations. This was true back in the physical day when everything was running on solid dedicated hardware. Although, at that time, special consideration was sometimes taken for critical machines to which login / passwords were lost. It was not unheard of placing peculiar restrictions / graphic signs in data centers to keep people on their toes as not to make a bad situation worse by acidentally triggering a reboot by mistake or something worse. This problem is very much around still today, maybe so even more working with the cloud. Especially if you are not using some form of system for keeping your private keys secure and getting all your team members to use the same system.

💡Use a password manager with team capabilities!

---

So I inherited an EC2 Instance that had been running without a hiccup for roughly 4 years, no one knew where the private keys were. We looked where they _should _be, and where we thought they _could _be with no success. No one in the tech team had logged in to the system and the person responsible for the setup left years ago.

Sounds familiar?

…If the software running inside the hardened layers of infrastructure decides to give up, you’re out of luck.

#devops #hacking #aws #linux #security