I forgot the admin password for SonarQube. Googled and found that the value for crypted_password should be updated to 8b1254c1c684c5dc904f3f174cea1cacbde4ad84 which will reset the password to admin. But still I am not able to login. Any advice?
Asked
Active
Viewed 7.7k times
10 Answers
37
Just an update to this the new link is here:
https://docs.sonarqube.org/latest/instance-administration/security/#header-3
As it says on the link you can do this:
In case you lost the admin password of your SonarQube instance, you can reset it by executing the following query:
PostgreSQL and Microsoft SQL Server
update users set crypted_password='100000$t2h8AtNs1AlCHuLobDjHQTn9XppwTIx88UjqUm4s8RsfTuXQHSd/fpFexAnewwPsO6jGFQUv/24DnO55hY6Xew==', salt='k9x9eN127/3e/hf38iNiKwVfaVk=', hash_method='PBKDF2', reset_password='true', user_local='true' where login='admin';
Oracle
update users set crypted_password='100000$t2h8AtNs1AlCHuLobDjHQTn9XppwTIx88UjqUm4s8RsfTuXQHSd/fpFexAnewwPsO6jGFQUv/24DnO55hY6Xew==', salt='k9x9eN127/3e/hf38iNiKwVfaVk=', hash_method='PBKDF2', reset_password=1, user_local=1 where login='admin';
This will reset the password for admin user to admin.
zpontikas
- 5,445
- 2
- 37
- 41
-
3I setup a local instance following this two minutes instruction: http://docs.sonarqube.org/display/SONAR/Get+Started+in+Two+Minutes. After enabled LDAP, I can't login with admin/admin anymore, and I don't have any admin users. I think it's using "H2 embedded database server". How can I connect to this database to run the query? – Jirong Hu Jan 13 '16 at 20:56
-
1You got how to connect the database? Same issue here – Nithyanandan Sathiyanathan Jul 16 '18 at 15:40
-
3Do not work with recent versions. See answer from @david-racodon-qa-consultant – Julien H. - SonarSource Team Jan 08 '19 at 14:16
-
What if they have an earlier version installed? where will they find the info for that? – zpontikas Jan 11 '19 at 10:38
-
Where can i run that query? @zpontikas – Nguyễn Văn Phong Aug 12 '22 at 07:52
-
@NguyễnVănPhong Hello, you run this command on the database that you installed sonarqube. To find more info on the database connection you have to first find out if the installation is from a zip or a docker image, then you can follow these instructions to find the db URL and the access credentials: https://docs.sonarqube.org/latest/setup/install-server/#header-2 – zpontikas Aug 23 '22 at 11:41
16
I'm not sure where you got the info. Here's the official documentation to reset the password and to recreate an admin user
t7e
- 322
- 1
- 3
- 9
David RACODON - QA Consultant
- 4,003
- 1
- 13
- 14
-
6yes, as per the official doc, this is the command needs to be run: `update users set crypted_password = '$2a$12$uCkkXmhW5ThVK8mpBvnXOOJRLd64LJeHTeCkSuB3lfaR2N0AYBaSi', salt=null, hash_method='BCRYPT' where login = 'admin'` – Asrar Aug 31 '19 at 18:17
-
That information would be useful if they didn't think part of it and write the other part. If I could access the system I wouldn't need to reset admin password, would I? and I can't find full detail on how, where to run the query they give me? can I run it on my AWS redis node or digital ocean MySQL database? – AaA Aug 27 '21 at 06:23
-
2The comments in the main answer point to this answer since the original answer is out of date. This answer now too has out of date/broken links, here is an updated link: https://docs.sonarqube.org/latest/instance-administration/security/ and look for "Reinstating Admin Access" – Chris Robak Oct 01 '21 at 14:46
-
15
You need to connect to sonar DB and change the admin password from there. For postgresql:
psql -h mysonar.dc9wocad9da.us-west-1.rds.amazonaws.com -p 5432 -U sonaruser sonardb
Then run the query:
update users set crypted_password = '88c991e39bb88b94178123a849606905ebf440f5', salt='6522f3c5007ae910ad690bb1bdbf264a34884c6d' where login = 'admin';
Your new admin pass is:
user: admin
pass admin
Don't forget to change the admin pass after you log in.
Source: https://docs.sonarqube.org/display/SONAR/Authentication
Andrzej Rehmann
- 12,360
- 7
- 39
- 38
-
1Do not work with recent versions. See answer from @david-racodon-qa-consultant – Julien H. - SonarSource Team Jan 08 '19 at 14:16
-
4
I would like to share the way how I recovered admin user password for Bitnami SonarQube hosted on AWS EC2 but I think it will be as well valid for any other cases.
In my case I do not have admin password and no database password. Here's list of steps that I took to reset admin password.
- SSH to EC2 Instance
- Find
sonar.propertiesfile. In my case it was located at/opt/bitnami/apps/sonarqube/sonarqube/conf/ - In
DATABASEsection I found propertiessonar.jdbc.usernameandsonar.jdbc.passwordwhich were in my case mysql credentials as plain text. - Connect to mysql using credentials
mysql -uSONARQUBE_USER -p -D bitnami_sonarqube
- On documentation page in section
Reinstating Admin Accessyou'll find query which allows you from database level reset admin user password to default password which is simplyadmin.
update users set crypted_password = '$2a$12$uCkkXmhW5ThVK8mpBvnXOOJRLd64LJeHTeCkSuB3lfaR2N0AYBaSi', salt=null, hash_method='BCRYPT' where login = 'admin'
- Go to SonarQube in your browser and try to login using credentials
admin/admin - Do not forget to change password after successful login.
Tomasz
- 4,847
- 2
- 32
- 41
-
If you are using Sonarqube 7.9.x then these steps works like charm. I tried them and I was able to reset password. – Prakash Boda Jul 16 '20 at 09:02
-
-
2
The password reset is working fine with postgres DB users table update when you lost the admin user password. You can reset password with the following encrypted value and salt for any user in sonar DB.
Login to Sonar DB:
psql -U sonar_user -W
sonar_db=# select * from users;
Check the table login column and select the user you want to reset the password. If you don't have sonar admin console access.
update users set crypted_password = '88c991e39bb88b94178123a849606905ebf440f5', salt='6522f3c5007ae910ad690bb1bdbf264a34884c6d' where login = 'sonara_user_name';
Then the password will be admin. After you log in to the system please make sure to reset the password to your own password.
Sanka Sathyaji
- 488
- 5
- 10
2
Official documentation : https://docs.sonarqube.org/latest/instance-administration/security/#header-3
update users set crypted_password='100000$t2h8AtNs1AlCHuLobDjHQTn9XppwTIx88UjqUm4s8RsfTuXQHSd/fpFexAnewwPsO6jGFQUv/24DnO55hY6Xew==', salt='k9x9eN127/3e/hf38iNiKwVfaVk=', hash_method='PBKDF2', reset_password='true', user_local='true' where login='admin';
Antoine ROBERT
- 372
- 3
- 10
0
How to generate sonarqube password hash ?
private static final class Sha1Function implements HashFunction {
@Override
public AuthenticationResult checkCredentials(UserDto user, String password) {
if (user.getCryptedPassword() == null) {
return new AuthenticationResult(false, "null password in DB");
}
if (user.getSalt() == null) {
return new AuthenticationResult(false, "null salt");
}
if (!user.getCryptedPassword().equals(hash(user.getSalt(), password))) {
return new AuthenticationResult(false, "wrong password");
}
return new AuthenticationResult(true, "");
}
private static String hash(String salt, String password) {
return DigestUtils.sha1Hex("--" + salt + "--" + password + "--");
}
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import hashlib
def hash(salt, password):
"""calc sonar crypted_password
"""
return hashlib.new(
'sha1',
bytes(f"--{salt}--{password}--", 'utf-8')
).hexdigest()
if __name__ == '__main__':
# admin: admin
password = 'admin'
salt = '6522f3c5007ae910ad690bb1bdbf264a34884c6d'
crypted_password = '88c991e39bb88b94178123a849606905ebf440f5'
if crypted_password == hash(salt, password):
print(f"{password} -> sonarqube hash algorithm-> {crypted_password}")
debug
- 991
- 10
- 14
0
If you have Sonarqube running in Docker, and you have mounted a volume for data persistence, then you can delete the e7 folder, and the sonar.mv.db database file before spinning up the container.
This will reset your Sonarqube instance back to a fresh install.
An example of a docker container that is running Community Edition v8.9
docker container run -e SONARQUBE_HOME=/opt/sonarqube/data -e SQ_DATA_DIR=/opt/sonarqube/data -e PWD=/opt/sonarqube/data -v c:/src/data/sonarqube/:/opt/sonarqube/data -dp 9000:9000 --name sonarqube sonarqube:8.9-community
Where c:/src/data/sonarqube/ is the local folder (bound to container /opt/sonarqube/data) that will have the e7 folder and the sonar.mv.db file that can be deleted.
Beware: you will lose all your projects and tokens by following these instructions, but you will gain admin access to a fresh installation of Sonarqube.
James K
- 909
- 10
- 26
0
The official documentation when writing this answer currently states:
Reinstating Admin Access
If you changed and then lost the admin password, you can reset it using the following query:
update users set crypted_password='100000$t2h8AtNs1AlCHuLobDjHQTn9XppwTIx88UjqUm4s8RsfTuXQHSd/fpFexAnewwPsO6jGFQUv/24DnO55hY6Xew==', salt='k9x9eN127/3e/hf38iNiKwVfaVk=', hash_method='PBKDF2', reset_password='true', user_local='true' where login='admin';
If you've deleted admin and subsequently locked out the other users with global administrative permissions, you'll need to re-grant admin to a user with the following query:
INSERT INTO user_roles(uuid, user_uuid, role)
VALUES ('random-uuid',
(select uuid from users where login='mylogin'),
'admin');
It worked like a charm on my sonarqube instance version 8.9.7
Also, if you're using kubernetes you can start a psql container easily with the following commands:
kubectl run --restart=Never --image=governmentpaas/psql --command=true psql -- sleep infinity
kubectl exec -it psql -- sh
Then connect to the database with the following command
psql -h yourhostname --user sonarqubeuser -d sonarqubedb
jjaniec
- 1
- 2
0
As official docs of sonarqube said that
If you changed and then lost the admin password, you can reset it using the following query:
update users
set crypted_password = '$2a$12$uCkkXmhW5ThVK8mpBvnXOOJRLd64LJeHTeCkSuB3lfaR2N0AYBaSi',
salt=null,
hash_method='BCRYPT'
where login = 'admin'
Nguyễn Văn Phong
- 13,506
- 17
- 39
- 56