5.12. Changing the Root password

Starting with Rocks v5.4.3, we have attempted to improve the security of the Rocks system by making changes to the way some of the important passwords are generated and stored.

To change the root password on the frontend, you can now run the passwd command.

To change the root password on the client nodes, you can use the rocks secure attribute infrastructure.

Example 5-1. Change the root password of a single compute host

# rocks set host sec_attr compute-0-0 attr=root_pw
  Enter root_pw: 
Confirm root_pw: 
# rocks list host sec_attr compute
HOST         ATTR    VALUE                              ENC  
compute-0-0: root_pw $1$G55uZRrO$5MI7Nv14U5yWfKAlauqPE0 crypt
# rocks sync host sec_attr compute-0-0

For more information about changes to the rocks security infrastructure, refer to the Rocks Password Infrastructure section of this usersguide

Warning

The default rocks password policy is to set the root password of the frontend to be the password supplied during the installation. For client nodes, the root password will be generated at random during installation. Unless there is compelling reason to do so, (such as giving a user root access to a compute node) the Rocks group advices against changing the root password on the client nodes.