Skip to main content

Change node console passwords

Contributors netapp-lhalbert
PDFs

Each node in your grid has a node console password, which you use to log in to the node. By default, each node has a unique password. You can change each password to a new unique password, or you can change the password for every node to use a global password. The passwords are stored in the recovery package.

Before you begin
About this task

You use a node console password to log in to a node as "admin" using SSH, or to the root user on a VM/physical console connection. You can change node console passwords using one of these options:

  • Automatically apply random passwords to each node

  • Specify and apply one global password to all nodes

  • Specify and apply a unique password to one or more nodes

The passwords are stored in an updated Passwords.txt file in the recovery package. The passwords are listed in the Password column in the file.

Note The SSH access passwords for the SSH keys used for communication between nodes are separate from the node console passwords. This procedure doesn't change the SSH access passwords.

Access the wizard

Steps

  1. Select Configuration > Access control > Grid passwords.

  2. Under Change node console passwords, select Make a change.

Download the current recovery package

Before changing node console passwords, download the current recovery package. You can use the passwords in this file if the password change process fails for any node.

Steps

  1. Enter the provisioning passphrase for your grid.

  2. Select Download recovery package.

  3. Copy the recovery package file (.zip) to two safe, secure, and separate locations.

    Caution The recovery package file must be secured because it contains encryption keys and passwords that can be used to obtain data from the StorageGRID system.

  4. Select Continue.

Provide new passwords

  1. Select the password change method you want to use.

    • Automatic: StorageGRID automatically assigns a new random console password to all nodes.

    • Custom: You provide console passwords.

Automatic

  1. Select Continue.

Custom

  1. Select one of the following:

    • Global console password: Apply the same console password to all nodes.

    • Unique console passwords: Apply a different password on one or more nodes.

  2. If you selected Global console password, enter the password you want to use for all nodes.

  3. If you selected Unique console passwords, enter a unique password for one or more nodes.

  4. Select Continue.

Complete the password change

  1. When the confirmation dialog appears, select Yes if you are ready for StorageGRID to start changing the node console passwords.

    Note You can't cancel this process after it starts.

    StorageGRID generates a new recovery package containing the new password.

  2. When the new recovery package is ready, select Download new recovery package and save the recovery package.

  3. Open the .zip file.

  4. Confirm that you can access the contents, including the Passwords.txt file, which contains the new node console passwords.

  5. Copy the new recovery package file (.zip) to two safe, secure, and separate locations.

    Caution Don't overwrite the old recovery package.

    You must secure the recovery file, because it contains encryption keys and passwords that can be used to obtain data from the StorageGRID system.

  6. Select the checkbox to indicate you've downloaded the new recovery package and verified the content.

  7. Select Continue.

    StorageGRID updates the password for each node.

    If there is an error during the update process, the progress bar lists the number of nodes that failed to have their passwords changed. The system will automatically retry the process on any node that failed to have its password changed. If the process ends with some nodes still not having a changed password, the Retry button appears.

  8. If the password update failed for one or more nodes:

    1. Review the error messages listed in the table.

    2. Resolve the issues.

    3. Select Retry.

      Note Retrying only changes the node console passwords on the nodes that failed during previous password change attempts.

  9. When the progress bar indicates that no updates are remaining, select Finish.

  10. After node console passwords have been changed for all nodes, delete the first recovery package you downloaded.