Modify keypair in instances already running

asked 2014-07-24 14:08:44 -0600

Pablolibo gravatar image

updated 2014-07-24 14:10:05 -0600

Hi all!

I have a question about the keypaid, I need modify the keypair for security reason, but the documentation I don't found how i can doing it.

I followed the following steps, but I can't found the way de change keypair:

#delete the old kaypair

nova keypair-delete admin

#add the new keypair

nova keypair-add --pub-key .ssh/ admin

#Enter to instance is already running with the old key, and see the metada for information about the new key


#when run curl commando I can see key old and not the new key

The question is: How can I change the keypair of the instance that is already runnnig with the old key? o What is the best way for this to work?

Any help about this issue is welcome


edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2014-07-24 17:49:15 -0600

jproulx gravatar image

Unfortunately I don't think you can do this.

When you launch an instance the key data is copied into the instances table of the nova database, not stored by reference. So as you see changing the stored value of the key doesn't change it's value on any previously launched instances.

This wouldn't be useful without additional custom work inside the VM since the authorized_keys file that is what actually controls login is only written out from the instance metadata on launch.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-07-24 14:08:44 -0600

Seen: 8,959 times

Last updated: Jul 24 '14