Updated on 2024-10-11 GMT+08:00

Changing a User Password

Scenario

For security purposes, the password of a human-machine user must be changed periodically.

If users have the permission to use FusionInsight Manager, they can change their passwords on FusionInsight Manager.

If users do not have the permission to use FusionInsight Manager, they can change their passwords on the client.

Prerequisites

  • You have obtained the current password policy.
  • The user has installed the client on any node in the cluster and obtained the IP address of the node. The password of the client installation user can be obtained from the administrator.

Changing the Password on FusionInsight Manager

  1. Log in to FusionInsight Manager.
  2. Move the cursor to the username in the upper right corner of the page.

    On the user account drop-down menu, choose Change Password.

  3. On the displayed page, set Current Password, New Password, and Confirm Password, and click OK.

    The password must meet the following complexity requirements:

    • Contains at least 8 characters.
    • Contains at least four types of the following: uppercase letters, lowercase letters, numbers, spaces, and special characters (`~!@#$%^&*()-_=+|[{}];',<.>/\?).
    • Cannot be the same as the username or the username spelled backwards.
    • Cannot be a common easily-cracked password.
    • Cannot be the same as the password used in the latest N times. N indicates the value of Repetition Rule configured in Configuring Password Policies.

Changing the Password on the Client

  1. Log in to the node where the client is installed as the client installation user.
  2. Run the following command to switch to the client directory, for example, /opt/client:

    cd /opt/client

  3. Run the following command to configure environment variables:

    source bigdata_env

  4. Change the user password. This operation takes effect for all servers.

    kpasswd System username

    For example, if you want to change the password of system user test1, run the kpasswd test1 command.

    The password must meet the following complexity requirements:

    • Contains at least 8 characters.
    • Contains at least four types of the following: uppercase letters, lowercase letters, numbers, spaces, and special characters (`~!@#$%^&*()-_=+|[{}];',<.>/\?).
    • Cannot be the same as the username or the username spelled backwards.
    • Cannot be a common easily-cracked password.
    • Cannot be the same as the password used in the latest N times. N indicates the value of Repetition Rule configured in Configuring Password Policies.

    If an error occurs during the running of the kpasswd command, try the following operations:

    • Stop the SSH session and start it again.
    • Run the kdestroy command and then run the kpasswd command again.