Some 20 years ago I started a new job with a company in Pittsburgh as an Oracle DBA.
The first task given to me was to reset the sys user password for the company’s main warehouse database because the previous DBA quit and didn’t bother to let anyone know the password!
Luckily, in a previous position, I learned of a backdoor way of logging in as the sys user without having to provide a password. Once in, it was easy to reset the password.
Now that I am working with YugabyteDB, I wondered if it was possible to do the same in the event that a customer forgets their admin user (i.e. yugabyte) password.
Turns out, it’s almost as easy to do in YugabyteDB as it was in Oracle. You just have to have local access to a cluster data node.
The trick is to use the ysqlsh client to connect to the YugabyteDB Linux socket instead of connecting to the hostname or IP.
Example:
[yugabyte@ip-10-38-1-50 ~]$ pwd
/home/yugabyte/yb-software/yugabyte-2.20.2.1-b3-centos-x86_64/bin
[yugabyte@ip-10-38-1-50 ~]$ ./ysqlsh -h $(ps -ef | grep socket | awk '{for(i=1;i<=NF;i++)if($i~/-k/)print $(i+1)}') -c "ALTER USER yugabyte WITH PASSWORD 'MyNewPassword123\!';"
ALTER ROLE