ClickHouse: unable to login with command line client using 'default' user
unexpected behaviour unable to login with command line client using ‘default’ user
How to reproduce
-
Which ClickHouse server version to use ClickHouse client version 21.7.7.47 (official build).
-
Which interface to use, if matters
server git:(feature/131954-rate-units)$ clickhouse-client --user="default" --port=9000 --host="127.0.0.1" --database="my_database"
ClickHouse client version 21.7.7.47 (official build).
Connecting to database iot_flow at 127.0.0.1:9000 as user default.
Code: 516. DB::Exception: Received from 127.0.0.1:9000. DB::Exception: default: Authentication failed: password is incorrect or there is no user with such name.
- Non-default settings, if any THIS IS PURE DEFAULT SETTINGS!!!
<?xml version="1.0"?>
<yandex>
<!-- Profiles of settings. -->
<profiles>
<!-- Default settings. -->
<default>
<!-- Maximum memory usage for processing single query, in bytes. -->
<max_memory_usage>10000000000</max_memory_usage>
<!-- How to choose between replicas during distributed query processing.
random - choose random replica from set of replicas with minimum number of errors
nearest_hostname - from set of replicas with minimum number of errors, choose replica
with minimum number of different symbols between replica's hostname and local hostname
(Hamming distance).
in_order - first live replica is chosen in specified order.
first_or_random - if first replica one has higher number of errors, pick a random one from replicas with minimum number of errors.
-->
<load_balancing>random</load_balancing>
</default>
<!-- Profile that allows only read queries. -->
<readonly>
<readonly>1</readonly>
</readonly>
</profiles>
<!-- Users and ACL. -->
<users>
<!-- If user name was not specified, 'default' user is used. -->
<default>
<password></password>
<!-- List of networks with open access.
To open access from everywhere, specify:
<ip>::/0</ip>
To open access only from localhost, specify:
<ip>::1</ip>
<ip>127.0.0.1</ip>
Each element of list has one of the following forms:
<ip> IP-address or network mask. Examples: 213.180.204.3 or 10.0.0.1/8 or 10.0.0.1/255.255.255.0
2a02:6b8::3 or 2a02:6b8::3/64 or 2a02:6b8::3/ffff:ffff:ffff:ffff::.
<host> Hostname. Example: server01.yandex.ru.
To check access, DNS query is performed, and all received addresses compared to peer address.
<host_regexp> Regular expression for host names. Example, ^server\d\d-\d\d-\d\.yandex\.ru$
To check access, DNS PTR query is performed for peer address and then regexp is applied.
Then, for result of PTR query, another DNS query is performed and all received addresses compared to peer address.
Strongly recommended that regexp is ends with $
All results of DNS requests are cached till server restart.
-->
<networks>
<ip>::/0</ip>
</networks>
<!-- Settings profile for user. -->
<profile>default</profile>
<!-- Quota for user. -->
<quota>default</quota>
<!-- User can create other users and grant rights to them. -->
<!-- <access_management>1</access_management> -->
</default>
</users>
<!-- Quotas. -->
<quotas>
<!-- Name of quota. -->
<default>
<!-- Limits for time interval. You could specify many intervals with different limits. -->
<interval>
<!-- Length of interval. -->
<duration>3600</duration>
<!-- Quotas. -->
<quotas>
<!-- Name of quota. -->
<default>
<!-- Limits for time interval. You could specify many intervals with different limits. -->
<interval>
<!-- Length of interval. -->
<duration>3600</duration>
<!-- No limits. Just calculate resource usage for time interval. -->
<queries>0</queries>
<errors>0</errors>
<result_rows>0</result_rows>
<read_rows>0</read_rows>
<execution_time>0</execution_time>
</interval>
</default>
</quotas>
</yandex>
- Queries to run that lead to unexpected result
Expected behavior I HAVE TO LOGIN AT LEAST
Error message and/or stacktrace
2021.08.16 15:46:40.574070 [ 1432 ] {} <Debug> TCPHandler: Connected ClickHouse client version 21.7.0, revision: 54449, database: iot_flow, user: default.
2021.08.16 15:46:40.574183 [ 1432 ] {} <Error> Access(user directories): default: Authentication failed: Code: 193, e.displayText() = DB::Exception: Invalid credentials, Stack trace (when copying this mess
age, always include the lines below):
0. DB::Exception::Exception(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, bool) @ 0x8d3439a in /usr/bin/clickhouse
1. DB::IAccessStorage::throwInvalidCredentials() @ 0xf2cef07 in /usr/bin/clickhouse
2. DB::IAccessStorage::loginImpl(DB::Credentials const&, Poco::Net::IPAddress const&, DB::ExternalAuthenticators const&) const @ 0xf2cecdb in /usr/bin/clickhouse
3. DB::MultipleAccessStorage::loginImpl(DB::Credentials const&, Poco::Net::IPAddress const&, DB::ExternalAuthenticators const&) const @ 0xf2f2c18 in /usr/bin/clickhouse
4. DB::IAccessStorage::login(DB::Credentials const&, Poco::Net::IPAddress const&, DB::ExternalAuthenticators const&, bool) const @ 0xf2ce81c in /usr/bin/clickhouse
5. DB::Context::setUser(DB::Credentials const&, Poco::Net::SocketAddress const&) @ 0xf726f59 in /usr/bin/clickhouse
6. DB::TCPHandler::receiveHello() @ 0x106a27cc in /usr/bin/clickhouse
7. DB::TCPHandler::runImpl() @ 0x1069bb58 in /usr/bin/clickhouse
8. DB::TCPHandler::run() @ 0x106af559 in /usr/bin/clickhouse
9. Poco::Net::TCPServerConnection::start() @ 0x1338810f in /usr/bin/clickhouse
10. Poco::Net::TCPServerDispatcher::run() @ 0x13389b9a in /usr/bin/clickhouse
11. Poco::PooledThread::run() @ 0x134bca19 in /usr/bin/clickhouse
12. Poco::ThreadImpl::runnableEntry(void*) @ 0x134b8caa in /usr/bin/clickhouse
13. start_thread @ 0x9609 in /usr/lib/x86_64-linux-gnu/libpthread-2.31.so
14. __clone @ 0x122293 in /usr/lib/x86_64-linux-gnu/libc-2.31.so
(version 21.7.7.47 (official build))
2021.08.16 15:46:40.574343 [ 1432 ] {} <Error> ServerErrorHandler: Code: 516, e.displayText() = DB::Exception: default: Authentication failed: password is incorrect or there is no user with such name, Stac
k trace (when copying this message, always include the lines below):
0. DB::Exception::Exception(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, bool) @ 0x8d3439a in /usr/bin/clickhouse
1. DB::IAccessStorage::throwCannotAuthenticate(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) @ 0xf2cea5f in /usr/bin/clickhouse
2. DB::IAccessStorage::login(DB::Credentials const&, Poco::Net::IPAddress const&, DB::ExternalAuthenticators const&, bool) const @ 0xf2ce8a2 in /usr/bin/clickhouse
3. DB::Context::setUser(DB::Credentials const&, Poco::Net::SocketAddress const&) @ 0xf726f59 in /usr/bin/clickhouse
4. DB::TCPHandler::receiveHello() @ 0x106a27cc in /usr/bin/clickhouse
5. DB::TCPHandler::runImpl() @ 0x1069bb58 in /usr/bin/clickhouse
6. DB::TCPHandler::run() @ 0x106af559 in /usr/bin/clickhouse
7. Poco::Net::TCPServerConnection::start() @ 0x1338810f in /usr/bin/clickhouse
8. Poco::Net::TCPServerDispatcher::run() @ 0x13389b9a in /usr/bin/clickhouse
9. Poco::PooledThread::run() @ 0x134bca19 in /usr/bin/clickhouse
10. Poco::ThreadImpl::runnableEntry(void*) @ 0x134b8caa in /usr/bin/clickhouse
11. start_thread @ 0x9609 in /usr/lib/x86_64-linux-gnu/libpthread-2.31.so
12. __clone @ 0x122293 in /usr/lib/x86_64-linux-gnu/libc-2.31.so
(version 21.7.7.47 (official build))
2021.08.16 15:46:40.853513 [ 1435 ] {} <Trace> SystemLog (system.metric_log): Flushing system log, 7 entries to flush up to offset 274559
2021.08.16 15:46:40.877984 [ 1435 ] {} <Debug> DiskLocal: Reserving 1.00 MiB on disk `default`, having unreserved 73.66 GiB.
2021.08.16 15:46:40.881561 [ 1435 ] {} <Trace> system.metric_log: Renaming temporary part tmp_insert_202108_36556_36556_0 to 202108_485873_485873_0.
- conclusion do not use yandex products
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 15 (6 by maintainers)
Commits related to this issue
- Add more comments to users.xml #27750 — committed to ClickHouse/ClickHouse by alexey-milovidov 3 years ago
- Improve usability when user forgot password #27750 — committed to ClickHouse/ClickHouse by alexey-milovidov 3 years ago
during installation CH package asks for a password and saves this password into
/etc/clickhouse-server/users.d/default-password.xmlJust remove this file you don’t need password
rm /etc/clickhouse-server/users.d/default-password.xml@ip75 I suggest you to try to install postgresql and then create a user without reading the documentation and googling. Good luck.
All you wrote is true. But I described you a real case of usual user and how to avoid wasting time for users. Instead of listen to what I said and improve your product. You just blamed me for everything and decided that everything is fine. congratulations. you have satisfied your false ego. ))))
@ip75 Your feedback is very valuable. I will try to improve usability and make this user scenario more easy to understand.
“Birds of a feather flock together.”
why have you closed this issue??? I opened it as “unexpected behaviour” It is namely UNEXPECTED BEHAVIOUR
I guess release masters should delete wrong comments from
/etc/clickhouse-server/users.xmland update reference, concerned default password location and value.you absolutely right. It works. But how was I supposed to find it out? telepathically from the minds of developers and database designers?
Funny enough, I ran into this issue today as well. The Linux install doesn’t prompt for a password and looks like it generates some random one…so by default, when installed, I can’t authenticate to my local ClickHouse installation.