How to connect to Apache Cassandra with cqlsh

Connecting with cqlsh is the fastest way to prove that a workstation or administration host can reach the Apache Cassandra native transport endpoint. A successful connection confirms the target node, port, authentication boundary, and basic CQL access before an application driver or migration job depends on the cluster.

cqlsh connects to one Cassandra node at a time and sends CQL over the native protocol. The default native transport port is 9042, and remote connections depend on the node's rpc_address, firewall rules, and any client authentication or TLS settings applied to the cluster.

Use a read-only statement first so the check proves access without changing schema or data. If authentication or client TLS is enabled, use the same target host and port with a protected cqlshrc or credentials file instead of placing real passwords into shared terminal history.

Related: How to create a single-node Apache Cassandra cluster
Related: How to check Apache Cassandra cluster status with nodetool
Related: How to insert and query data in Apache Cassandra

Steps to connect to Apache Cassandra with cqlsh:

  1. Confirm the Cassandra node is up before testing client access. 
    $ nodetool status
Datacenter: datacenter1
=======================
Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
--  Address    Load        Tokens  Owns (effective)  Host ID                               Rack
UN  10.0.0.10  144.32 KiB  16      100.0%            d0b8b726-c680-4b42-bb57-3fa50db70e6a  rack1

    UN means the node is up and serving as a normal member of the ring.
    Related: How to check Apache Cassandra cluster status with nodetool

  2. Connect to the native transport port and print the connected host. 
    $ cqlsh 10.0.0.10 9042 -e "SHOW HOST"
Connected to SG Cluster at 10.0.0.10:9042

    Replace 10.0.0.10 with the Cassandra node address that clients can reach. Use 9042 unless the cluster changed native_transport_port.

  3. Add the required client options when the cluster uses authentication or TLS.

    Use --cqlshrc, --credentials, or --ssl with the same host and port when the cluster requires them. Avoid putting real passwords directly in reusable transcripts or shared shell history.
    Related: How to enable authentication in Apache Cassandra
    Related: How to enable client TLS in Apache Cassandra

  4. Confirm the cluster identity through cqlsh. 
    $ cqlsh 10.0.0.10 9042 -e "DESCRIBE CLUSTER;"

Cluster: SG Cluster
Partitioner: Murmur3Partitioner
Snitch: DynamicEndpointSnitch

    The cluster name should match the Cassandra environment expected by the operator or application handoff.

  5. Run a read-only query against the local system table. 
    $ cqlsh 10.0.0.10 9042 -e "SELECT cluster_name, listen_address FROM system.local;"

 cluster_name | listen_address
--------------+----------------
 SG Cluster   |      10.0.0.10

(1 rows)

    This proves the session can execute CQL and return data from the connected Cassandra node.