mirrors/scylladb
1
0
Fork 0
mirror of https://github.com/scylladb/scylladb.git synced 2026-05-13 03:12:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
debug_formatting
scylladb/docs/troubleshooting/password-reset.rst
Dario Mirovic 6e83fb5029 docs: auth: do not specify password with -p option 
Specifying password with -p option is considered unsafe.
The password will be saved in bash history.
The preferred approach is to enter the password when prompted.
Any approach that passes the password via command line arguments
makes that password visible in process options (ps command), no matter
if the password is passed directly or as an environment variable.

Refs SCYLLADB-409
2026-03-04 00:01:07 +01:00

60 lines
1.7 KiB
ReStructuredText
Raw Permalink Blame History

Reset Authenticator Password
============================
This procedure describes what to do when a user loses their password and can not reset it with a superuser role.
If a node has maintenance socket available, there is no node or cluster downtime required.
If a node does not have maintenance socket available, node has to be restarted with maintenance socket enabled, but no cluster downtime is required.
Prerequisites
.............
Enable maintenance socket on the node. If already done, skip to the ``Procedure`` section.
To check if the maintenance socket is enabled, see :doc:`Admin Tools: Maintenance Socket </operating-scylla/admin-tools/maintenance-socket/>` for details.
1. Stop the ScyllaDB node.
.. code-block:: shell
sudo systemctl stop scylla-server
2. Edit ``/etc/scylla/scylla.yaml`` file and configure the maintenance socket.
See :doc:`Admin Tools: Maintenance Socket </operating-scylla/admin-tools/maintenance-socket/>` for details.
3. Start the ScyllaDB node.
.. code-block:: shell
sudo systemctl start scylla-server
Procedure
.........
1. Connect to the node using ``cqlsh`` over the maintenance socket.
.. code-block:: shell
cqlsh <maintenance_socket_path>
Replace ``<maintenance_socket_path>`` with the socket path configured in ``scylla.yaml``.
2. Reset the password for the user using ``ALTER ROLE`` command.
.. code-block:: cql
ALTER ROLE username WITH PASSWORD '<new_password>';
3. Verify that you can log in to your node using ``cqlsh`` command with the new password.
.. code-block:: shell
cqlsh -u username
Password:
.. note::
Enter the value of `<new_password>` password when prompted. The input is not displayed.
.. include:: /troubleshooting/_common/ts-return.rst
Reference in New Issue View Git Blame Copy Permalink