etcd
etcd copied to clipboard
etcd-io
I forgot the admin password in production environment, what should I do???
We encrypt auth passwords with bcrypt, and do not support password recovery. I would restore from recent snapshot to create a new cluster. /cc @mitake
@gyuho probably adding a salvation tool like etcd-dump-db to etcdctl would be helpful?
@gyuho probably draining all the data from existing files of snapshot and wal and put them to a new cluster as an ordinary etcd cluster would be straightforward. Modifying the data (in this case, bcrypted password) in the files is a little bit risky because the tool can bypass the consensus process of Raft.
@joelegasse Hi Joe, just a friendly reminder, just wondering is there any progress on this one, or is there a plan? Thanks!
I'm not sure why I got assigned this. I can take a look and see what it would take as far as a recovery plan, though.
It seems like there should be a way for a local administrator to overwrite the relevant password(s) on each of the member nodes (writing into the nodes' local db) without needing to know the original password. That is, of course, assuming that the password is not being used to encrypt at-rest data.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed after 21 days if no further activity occurs. Thank you for your contributions.
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}
I got the same problem. Fortunately, It's test environment. If there is a safe_mode=on to start only listen on 127.0.0.1 without auth will be kindly.
