Outdated Version

You are viewing an older version of this section. View current production version.



SingleStore Managed Service does not support this command.

Change the root password for a node on a host.


Change the root password for a node on a host.
The root password is stored in the following places:
- In a cluster metadata, which is used by a cluster to verify incoming connections
- In the "nodeMetadataFile" on each host (run "memsqlctl env" to display the path to the file) , which is used by Toolbox to connect to a node

The "change-root-password" command can be used in the following cases:
- If the "nodeMetadataFile" is in sync with the cluster metadata, the command will update the password in both the cluster metadata and the "nodeMetadataFile" by calling 'SET PASSWORD FOR 'root'@<host> = PASSWORD(<new password>)'
- If the "nodeMetadataFile" is no longer in sync with the cluster and the nodes have become inaccessible (such as when the password is changed without using Toolbox), the command will update the password only in "nodeMetadataFile" file and only if the provided password matches the password in the cluster metadata

Toolbox encrypts passwords when sending data to a remote host. If the encryption key is broken on a remote host, it must be fixed with the following command:

sdb-admin change-root-password --fix-secure-key --ctl-host <host>

After running this command, the user must also set the root password for each node on that host as the "nodeMetadataFile" will be out of sync with the cluster metadata.

  sdb-admin change-root-password [flags]

  -a, --all                  Change the database root password of all nodes in the cluster
      --fix-secure-key       Reset the secure key
  -h, --help                 Help for change-root-password
      --memsql-id MemsqlID   The node ID of the node on which to change the root password
      --password STRING      The new database root password for the node. If a password is specified on the command line, it must not contain an unescaped '$' character as it will be replaced by the shell

Global Flags:
      --backup-cache FILE_PATH                File path for the backup cache
      --cache-file FILE_PATH                  File path for the Toolbox node cache
  -c, --config FILE_PATH                      File path for the Toolbox configuration
      --disable-colors                        Disable color output in console, which some terminal sessions/environments may have difficulty with
      --disable-spinner                       Disable the progress spinner, which some terminal sessions/environments may have issues with
  -j, --json                                  Enable JSON output
      --parallelism POSITIVE_INTEGER          Maximum number of operations to run in parallel
      --runtime-dir DIRECTORY_PATH            Where to store Toolbox runtime data
      --ssh-control-persist SECONDS           Enable SSH ControlPersist and set it to the specified duration in seconds
      --ssh-max-sessions POSITIVE_INTEGER     Maximum number of SSH sessions to open per host, must be at least 3
      --ssh-strict-host-key-checking          Enable strict host key checking for SSH connections
      --ssh-user-known-hosts-file FILE_PATH   Path to the user known_hosts file for SSH connections. If not set, /dev/null will be used
      --state-file FILE_PATH                  Toolbox state file path
  -v, --verbosity count                       Increase logging verbosity: valid values are 1, 2, 3. Usage -v=count or --verbosity=count
  -y, --yes                                   Enable non-interactive mode and assume the user would like to move forward with the proposed actions by default


This command is interactive unless you use either the --yes or --json flags to override interactive behavior.


The change-root-password command can only be run on nodes in a running process state.