In MAAS, change-password is a command used to update the password of a MAAS user account. This functionality ensures that users can securely manage their authentication credentials within the MAAS environment.
Purpose in MAAS
The change-password command is used to modify user authentication credentials for accessing the MAAS web UI, API, and CLI. This is essential for:
- Maintaining security by enforcing credential updates.
- Managing user accounts in a multi-admin or multi-tenant MAAS deployment.
- Regaining access when a password is forgotten or compromised.
Scope & behavior in MAAS
The change-password command only affects MAAS local user accounts and does not apply to external authentication systems such as:
- SSO (Single Sign-On) if MAAS is integrated with an identity provider.
- LDAP or Active Directory authentication.
- SSH Key Authentication, which is managed separately.
Each MAAS user has their own credentials, and change-password modifies only the password of the user executing the command unless performed by an administrator.
MAAS CLI usage
Changing the Current User’s Password
maas change-password
Prompts the user to enter a new password.
Changing Another User’s Password (Admin Only)
maas admin change-password <username>
Allows an administrator to reset another user’s password.
Resetting a Password Non-Interactively
maas change-password <<< "newpassword"
Changes the password in a non-interactive mode.
Key Considerations
- Applies only to MAAS local users – External authentication users must reset passwords via their identity provider.
- Requires authentication – A user must be logged in to change their own password, while an admin can reset passwords for others.
- No password complexity enforcement – MAAS does not enforce password strength unless configured at the OS level.
- Admins can reset passwords – If a user forgets their password, an admin can set a new one via CLI or API.
Last updated 9 hours ago.