16.08.2024 Problem:
The client ran Cassandra v4.0.6 in non-production environments and noticed that the “Cassandra” superuser’s password (which was changed two months ago) was observed to be reset to its old password (default password “Cassandra”). After patches were applied to the OS the server rebooted (a monthly activity). The client didn’t see any evidence of someone changing a password manually in the form of the audit logs.
Process:
Step 1 – initial investigation and troubleshooting
The client provided a sequence of events in order to help the expert team to troubleshoot the issue:
- The “Cassandra” superuser had a default password until step #2.
- The password was changed using the “ALTER” statement similar to what was mentioned.
- OS Patches were applied and since it had a kernel-related package, its VM was rebooted.
- After reboot, the password got reset on its own to reflect what was there in step #1.
The client also provided the spreadsheet (cs-att-snp01-oso-node1.testgrp2.attbsse.amdocs.com_output.csv) containing the packages that were upgraded.
Solution:
Our expert team suggested changing the master using this command ALTER USER Cassandra WITH PASSWORD ‘NEW_PASSWORD’; and restarting the server. It was advised to apply this procedure, then restart the server and confirm whether the password remained changed or reset to default.
Conclusion:
The client ran Cassandra v4.0.6 in non-production environments and noticed that the “Cassandra” superuser’s password, changed two months prior, was resetting to its default value “Cassandra” after monthly OS patching and server reboots. Despite no evidence of manual password changes in the audit logs, the password reverted unexpectedly. The client provided a detailed sequence of events and a spreadsheet of upgraded packages for troubleshooting. The expert team suggested using the ALTER USER Cassandra WITH PASSWORD ‘NEW_PASSWORD’; command to change the password and then restarting the server to check if the issue persisted.