Updated on 2023-04-10 GMT+08:00

Changing the Password of a Component Running User

Scenario

This section describes how to periodically change the password of the component running user of the MRS cluster to improve the system O&M security.

If the initial password is randomly generated by the system, reset the password.

If the password is changed, the downloaded user credential will be unavailable. Download the authentication credential again, and replace the old one.

Prerequisites

A client has been prepared on the Master1 node.

Procedure

  1. Log in to the Master1 node.
  2. (Optional) To change the password as user omm, run the following command to switch the user:

    sudo su - omm

  3. Run the following command to switch to the client directory, for example, /opt/client:

    cd /opt/client

  4. Run the following command to configure environment variables:

    source bigdata_env

  5. Run the following command to log in to the console as user kadmin/admin:

    kadmin -p kadmin/admin

    The default password of user kadmin/admin is KAdmin@123, which will expire upon your first login. Change the password as prompted. Keep the password secure because it cannot be retrieved once lost.

  6. Run the following command to reset the password of a component running user. This operation takes effect for all servers.

    cpw Component running user name

    For example, to reset the password of user admin, run the cpw admin command.

    For the cluster, the default password complexity requirements are as follows:
    • The password must contain 8 to 32 characters.
    • The password must contain at least three types of the following: uppercase letters, lowercase letters, digits, spaces, and special characters ('~!@#$%^&*()-_=+\|[{}];:'",<.>/?).
    • The password cannot be the username or the reverse username.