If a user has lost the ssh key he was using to connect to a virtual machine (data injected using metadata-server/cloudinit), is there some way to:

• Update the ssh keys of a nova server for cloud-init to reinject it (or equivalently by making cloudinit inject it to the rescue instance) or
• Inject the adminpass returned by nova rescue using cloudinit (assuming local hypervisor data injection is disabled)?

Otherwise this forces to rescue an instance with an image whose creds are known (or snapshot +download the snap and reinject)

Thank you