Clickhouse遇到密码错误如何修改密码

输入错误密码报错

bash 复制代码
root@DAILACHDBUD001:/var/log# clickhouse-client
ClickHouse client version 23.4.2.11 (official build).
Connecting to localhost:9000 as user default.
Password for user (default):
Connecting to localhost:9000 as user default.
Code: 516. DB::Exception: Received from localhost:9000. DB::Exception: default: Authentication failed: password is incorrect, or there is no user with such name.

If you have installed ClickHouse and forgot password you can reset it in the configuration file.
The password for default user is typically located at /etc/clickhouse-server/users.d/default-password.xml
and deleting this file will reset the password.
See also /etc/clickhouse-server/users.xml on the server where ClickHouse is installed.

. (AUTHENTICATION_FAILED)

解决方法

clickhouse 密码有三种设置方式:明文、SHA256 和 SHA1 三种方式。

我们打开记录默认的登录账号密码的配置文件/etc/clickhouse-server/users.d/default-password.xml,发现默认密码是SHA256加密算法生成,由password_sha256_hex标签定义,我们只需要在/etc/clickhouse-server/users.d/default-password.xml重新设置新密码对应的SHA256字符串并不需要管/etc/clickhouse-server/users.xml配置文件,或把/etc/clickhouse-server/users.d/default-password.xml文件删除掉并在/etc/clickhouse-server/user.xml文件中修改账户密码。

明文:明文密码放在标签,当 password 标签为空时,代表免密码登录。

SHA256:SHA256密码放在<password_sha256_hex></password_sha256_hex>,明文密码字符串Won123_De1可以通过echo 的命令加-sha256或sha256sum显示成SHA256的密码,有如下两种方法

bash 复制代码
echo -n Won123_De1 | openssl dgst -sha256
echo -n Won123_De1 | sha256sum | tr -d '-'

SHA1:SHA1密码放在<password_double_sha1_hex></password_double_sha1_hex>,明文密码字符串Won123_De1可以通过echo 的命令加sha1sum显示成SHA256的密码,方法如下

bash 复制代码
echo -n Won123_De1 | sha1sum | tr -d '-' | xxd -r -p | sha1sum | tr -d '-'

安装的时候设置密码,需要修改密码,则只需要修改/etc/clickhouse-server/users.d/default-password.xml中密码,不需要管/etc/clickhouse-server/users.xml配置文件,同时需要修改/etc/clickhouse-server/config.xml配置文件中关于replication配置的密码,则需要defaultXX<password_sha256_hex>YY</password_sha256_hex>三项包括明文密码项XX一起,否则报错DB::Exception: Received from DAILACHDBUD003:9000. DB::Exception: default: Authentication failed

/etc/clickhouse-server/users.d/default-password.xml如下两种形式都行

形式1

bash 复制代码
<yandex>
    <users>
        <default>
            <password>Won123_De1</password>
        </default>
    </users>
</yandex>

形式2

bash 复制代码
<yandex>
    <users>
        <default>
            <password remove='1' />
            <password_sha256_hex>9174c7d10af863c34f4fc684413740431cda606273ea1cea905d3f08cb84c820</password_sha256_hex>
        </default>
    </users>
</yandex>

/etc/clickhouse-server/config.xml配置文件中关于replication配置的密码修改信息如下

修改前密码Good123!

bash 复制代码
<host>DAILACHDBUD003</host>
<port>9000</port>
<user>default</user>
<password>Good123!</password>
<password_sha256_hex>6481ef8efdab023b7c54b4e1832191f7f15498dff380e316ab1b1d711561a14d</password_sha256_hex>

修改后密码Won123_De1

bash 复制代码
<host>DAILACHDBUD003</host>
<port>9000</port>
<user>default</user>
<password>Won123_De1</password>
<password_sha256_hex>9174c7d10af863c34f4fc684413740431cda606273ea1cea905d3f08cb84c820</password_sha256_hex>

新建用户Lukes使用明文密码如下,则会在/var/lib/clickhouse/access/users.list文件中新增Lukes8f40b0e7-0c32-0e06-d01a-94af37ef43bf和新建一个文件/var/lib/clickhouse/access/8f40b0e7-0c32-0e06-d01a-94af37ef43bf.sql,这个.sql文件内容为ATTACH USER

bash 复制代码
Lukes IDENTIFIED WITH plaintext_password BY 'Se0ertl_o1' SETTINGS PROFILE ID('4bfbe653-9137-0ea6-b97d-dc391ec9a919');
create user Lukes on cluster cluster_2shared2replicas IDENTIFIED WITH plaintext_password by 'Se0ertl_o1' host any SETTINGS PROFILE default;
相关推荐
bantinghy2 小时前
Linux系统TCP/IP网络参数优化
linux·网络·tcp/ip
星期天要睡觉2 小时前
Linux 综合练习
linux·运维·服务器
saynaihe2 小时前
proxmox8升级到proxmox9
linux·运维·服务器
Orchestrator_me3 小时前
CentOS交换区处理
linux·运维·centos
zru_96023 小时前
centos 系统如何安装open jdk 8
java·linux·centos
FLS1683 小时前
VMwaer虚拟机安装完Centos后无法联网问题
linux·运维·centos
OctopusMonster3 小时前
centos下gdb调试python的core文件
linux·运维·centos
snowfoootball4 小时前
(自用)Linux 常用命令自查文档
linux·运维·服务器
Web极客码4 小时前
在Ubuntu 20.04的服务器上查找的服务器的IP地址
服务器·tcp/ip·ubuntu