change-root-password
On this page
Description
Change the root password for a node on a host.
Note: The change-root-password
command can only be run on nodes in a running
process state.
The --password
flag is required and specifies the new SingleStore root password to be configured.MEMSQL_
environment variable is a safer alternative option for setting the password.
Be sure to wrap the password with single quotes (') to avoid having the shell interpret special characters in the password.
The root password is stored in the following places:
-
In a cluster metadata, which is used by a cluster to verify incoming connections.
-
In the
nodeMetadataFile
on each host (runmemsqlctl env
to display the path to the file) , which is used by Toolbox to connect to a node.
The change-root-password
command can be used in the following cases:
-
If the
nodeMetadataFile
is in sync with the cluster metadata, the command will update the password in both the cluster metadata and thenodeMetadataFile
by calling:SET PASSWORD FOR 'root'@<host> = PASSWORD(<new password>)
-
If the
nodeMetadataFile
is no longer in sync with the cluster and the nodes have become inaccessible (such as when the password is changed without using Toolbox), the command will update the password only in thenodeMetadataFile
and only if the provided password matches the password in the cluster metadata.
Toolbox encrypts passwords when sending data to a remote host.
sdb-admin change-root-password --fix-secure-key --ctl-host <host>
After running this command, the user must also set the root password for each node on that host as the nodeMetadataFile
will be out of sync with the cluster metadata.
Usage
Usage:
sdb-admin change-root-password [flags]
For flags that can accept multiple values (indicated by VALUES after the name of the flag),
separate each value with a comma.
Flags:
-a, --all Change the database root password of all nodes in the cluster
--fix-secure-key Reset the secure key
-h, --help Help for change-root-password
--memsql-id MemsqlID The node ID of the node on which to change the root password
--password STRING The new database root password for the node. If a password is specified on the command line, it must not contain an unescaped '$' character as it will be replaced by the shell
Global Flags:
--backup-cache FILE_PATH File path for the backup cache
--cache-file FILE_PATH File path for the Toolbox node cache
-c, --config FILE_PATH File path for the Toolbox configuration
--disable-colors Disable color output in console, which some terminal sessions/environments may have difficulty with
--disable-spinner Disable the progress spinner, which some terminal sessions/environments may have issues with
-j, --json Enable JSON output
--parallelism POSITIVE_INTEGER Maximum number of operations to run in parallel
--runtime-dir DIRECTORY_PATH Where to store Toolbox runtime data
--ssh-control-persist SECONDS Enable SSH ControlPersist and set it to the specified duration in seconds
--ssh-max-sessions POSITIVE_INTEGER Maximum number of SSH sessions to open per host, must be at least 3
--ssh-strict-host-key-checking Enable strict host key checking for SSH connections
--ssh-user-known-hosts-file FILE_PATH Path to the user known_hosts file for SSH connections. If not set, /dev/null will be used
--state-file FILE_PATH Toolbox state file path
-v, --verbosity count Increase logging verbosity: valid values are 1, 2, 3. Usage -v=count or --verbosity=count
-y, --yes Enable non-interactive mode and assume the user would like to move forward with the proposed actions by default
Remarks
This command is interactive unless you use either --yes
or --json
flag to override interactive behavior.
Last modified: October 6, 2023