ScyllaDB Docs ScyllaDB Manual ScyllaDB for Administrators Security Reset Authenticator Password

Caution

You're viewing documentation for an unstable version of ScyllaDB Manual. Switch to the latest stable version.

Reset Authenticator Password¶

This procedure describes what to do when a user loses their password and can not reset it with a superuser role. If a node has maintenance socket available, there is no node or cluster downtime required. If a node does not have maintenance socket available, node has to be restarted with maintenance socket enabled, but no cluster downtime is required.

Prerequisites¶

Enable maintenance socket on the node. If already done, skip to the Procedure section. To check if the maintenance socket is enabled, see Admin Tools: Maintenance Socket for details.

Stop the ScyllaDB node.

sudo systemctl stop scylla-server

Edit /etc/scylla/scylla.yaml file and configure the maintenance socket. See Admin Tools: Maintenance Socket for details.
Start the ScyllaDB node.

sudo systemctl start scylla-server

Procedure¶

Connect to the node using cqlsh over the maintenance socket.

cqlsh <maintenance_socket_path>

Replace <maintenance_socket_path> with the socket path configured in scylla.yaml.

Reset the password for the user using ALTER ROLE command.

ALTER ROLE username WITH PASSWORD '<new_password>';

Verify that you can log in to your node using cqlsh command with the new password.

cqlsh -u username
Password:

Note

Enter the value of <new_password> password when prompted. The input is not displayed.

Troubleshoot

Was this page helpful?