Provide credentials on the command line
Hyper-Converged Database (HCD) tools interact directly with the database or use the Java Management Extension MBeans
to get metrics and perform operations.
Use the command line switch that is relative to the type of operation performed by the command.
Each of the tools listed support prompting for the password when none is provided. Using the option to enter the password on the command line prompt is a security risk because the password appears in plain text in the terminal history. |
Credentials for database interactions
When HCD Unified Authentication is enabled, you must provide a username and password to run commands that interact with the database.
HCD utilities
HCD utilities typically have the following command line options for credentials:
hcd -u <user_name> [ -p <password>] <command>
Where the command line options for each supported tool are:
-
hcd cassandra
- Start HCD serverhcd -u <username> [-p <password>] cassandra
-
hcd cqlsh
- Run CQL shellhcd -u <username> [-p <password>] cqlsh
-
hcd nodetool
- Run nodetool commandshcd -u <username> [-p <password>] nodetool <subcommand>
Native utilities
The native database utilities typically have the following command line options for credentials:
command -u <username> [-pw <password>] <subcommand>
Where the command line options for each supported tool are:
-
nodetool -u <username> [-pw <password>] <subcommand>
-
sstable_command -u <username> [-pw <password>] [<options>]
Credentials for Java Management Extensions (JMX) interactions
When JMX authentication is also enabled, commands that use JMX MBeans to verify status or execute commands require additional credentials.
Use the -a <username> and -b <password>
before the command.
hcd -a <jmx_username> [ -b <jmx_password>] <command>
When authentication is enabled, set up permission to access MBeans see Controlling access to JMX MBeans. |
-
hcd nodetool
-
nodetool
(when run directly)
The JMX authentication switch for HCD commands uses:
hcd -a <jmx_username> [ -b <jmx_password>] nodetool <command>
Entering the password in plain text from the command line is not secure; the password may be stored in the terminal history. DataStax recommends entering the password at the prompt instead of using the password option from the CLI. |