Server root access
Last updated
Last updated
⚠️ DO NOT USE THIS GUIDE UNLESS YOU WERE TOLD TO USE IT BY LAUNCHPAL SUPPORT. To get normal SSH access to your project, .
This guide will help Launchpal support resolve an issue with one of your projects that can not be resolved using the details for your project.
The steps depend on the host you are using. We add more hosts as and when required.
Resetting root access for a Digital Ocean droplet is as easy as selecting Reset root password in the DO Console for your droplet. This will email you a new password. You can then use that password with SSH to login.
Once logged in you will need to choose your own permanent password and confirm it.
⚠️ WARNING: Following the steps in this guide will change the IP of your instance and will cause an interruption to your traffic. So only follow these steps on old projects as instructed by support.
The projects created on AWS right now dont have a SSH access key set, and there is no way to reset the root password like you can with Digital Ocean.
The process to get SSH access to the main server therefore requires a few more steps then usual.
Make sure you are logged into your AWS Management Console, and you are viewing the EC2 service.
Here is a summary of the process you will following:
Detach volume from the project instance
Attach it to a temporary instance
Use SSH to update the authorized_keys file on the attached Volume
Re-attach as Root volume to the project instance
If your not seeing the instance for your project, double check your in the right region in AWS. You can see the region of your AWS project in the Launchpal interface below the project title (yellow underlined). The the example below the region is EU (Ireland).
If your not in the correct region, in the AWS Console, select the location dropdown in the top right, and select the right location from it.
You need to select the instance related to your project. The easiest way to do this is to search for the IP address shown in Launchpal (green underlined in the example above)
To make it easier to find in future, you may want to assign a name to it. Just hover over the name column, click the pencil icon and type a useful name, eg launchpal server to fix
Select the instance shown (it should only list one if you searched for the correct IP shown in Launchpal), and then in the panel at the bottom select "Description" tab and scroll down till you see the Root device in the right hand column like shown below and make a note of the Root device listed, e.g.: /dev/xvda as you will ned this later
With the correct instance still selected, click the Actions button at the top and select Instance State > Stop
This will stop your instance. Wait for it shows Instance stopped
⚠️Stopping an instance on AWS will change it IP address and break the connection with Launchpal. If you want to continue using this instance after support have fixed it, please request this so they can assign the started instance to the correct project later on.
In the above shown details pain for the instance (select the instance if its not shown), click the link next to Root device which will pop up a small black modal window with further information like this, and make a note of the EBS ID
Next click the link for the EBS-ID. This will show you the details of the Volume attached to the instance.
Make sure the Volume is selected, and using the actions button at the top - click Detach Volume
Wait for this to complete. Whilst its doing this it may be useful to name the volume for easy reference.
In the AWS console in the same region, create a new instance quickly by selecting the Instances section in the AWS sidebar, and clicking the Launch Instance button.
Use the following choices/sections in the Create instance wizard:
Step 1 - choose "Amazon Linux AMI" - most likely the top one listed - by clicking Select next to it
Step 2 - choose t2.nano or micro, and click Review and Launch
Step 7 - Under Review, find the Security Groups section it should show a SSH rule. If not click Edit security groups
Step 6 - Make sure it now shows the SSH rule and click Review and Launch again
Step 7 - Click Launch
If you already have a preferred AWS key pair setup, select choose existing and pick that key pair. If you dont have one, or want to setup a temporary one - select Create new keypair, give it a name, and click "Download Key Pair"
Click Launch Instances
And wait for it to complete creation of the instance - there is an easy link on the page your viewing to go to the instance status. Just click it.
Hover over the instance Name column, click the pencil, and type a useful name like temp instance so its easy to recognise
Select the Volumes screen in the sidebar and select the volume you detached in Step 5. If you have lots of Volumes showing then search for the first few characters of the EBS-ID after vol-
For example, 04f
Select the volume, and click Actions > Attach Volume. Then select the Instance field which should show a drop down of instances. Choose the new instance you created in the previous step 6 - temp instance
The Device field will be preset on this occasion and you dont need to change it. Then click Attach
This is the most complicated step that requires some commands on the terminal using SSH.
First, you need to connect with SSH to the new instance using the key you assigned in step 6, or created and downloaded. Ill assume here it was downloaded.
Get the IP for the temp instance:
If you are using the key file downloaded from AWS when creating the instance you need to make sure the key file is not read/write by group and others with the following command:
Then in your terminal connect to the instance, for example like this:
As this is the first time your connecting via SSH - you will get a message asking for confirmation something like this. Just type yes:
If your connected it should show something like this:
Now that your logged in, you need to mount the volume you attached from the other instance and add the public keys to the authorised keys file.
Here is the sequence of commands - please amend as required. No need to enter commands with # as they are comments to help you
Your almost done.
Now that the correct public key is saved on the volume, you can stop the instance and detach the volume.
On the instances page, select your temp instance from step 6 and select Instance State > Stop from the Actions button.
Once its stopped - go to the Volume section in the AWS Management Console, and select the volume from the broken Launchpal project that you attached under step 7.
Under Actions - Click Detach volume and wait for it to finish detaching.
Now click Actions again, and select Attach Volume
Choose the original Launchpal project instance from Step 2 and this time - change the Device value to the value you captured under Step 3, in my case this was /dev/xvda
Now start the Launchpal project instance from Step 2
Click Instances in the sidebar
Select the Launchpal instance from step 2
Click Actions > Instance State > Start
Wait for it to finish starting
Once the instance has started you can check the login fix worked. Just use SSH to the IP of the instance with the key you set. If the public key used in the earlier step was given to you by support, ask them to test it has all worked.
If SSH login with the key is not working then one of the things to check is to make sure that the group & user ID for the ec2-user user is the same on both instances.
If its not working - please contact support to explain any errors your seeing.
Finally you just need to do some tidying up:
Destroy the temp instance you created in step 6 (Actions > Instace State > Terminate)
Remove any temporary key pairs you created when creating the temp instance
Contact support and provide them with the new IP for your Launchpal project instance so that they can do their diagnosis
When Support has finished - terminate the project instance in AWS and support will then remove it from your account
You may also want to take this opportunity to download and files from your server that you need in future when you recreate the project. User files are normally stored in /var/www/user/.
