How to setup password for elasticsearch users?

Asked 8/1, 2020 at 10:58 Answered 13/12, 2023 at 8:49

I am trying to enable security for my ES cloud. I am following these instructions:

https://www.elastic.co/guide/en/elasticsearch/reference/7.5/configuring-security.html

and I am stuck at point 6. When I try to run bin/elasticsearch-setup-passwords interactive I got error:

Failed to determine the health of the cluster running at http://XXX:9200
Unexpected response code [503] from calling GET http://XXX:9200/_cluster/health?pretty
Cause: master_not_discovered_exception

It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.
It is very likely that the password changes will fail when run against an unhealthy cluster.

Do you want to continue with the password setup process [y/N]

I try to check my ES instance state:

curl http://XXX:9200/_cluster/health?pretty

and get

{
  "error" : {
    "root_cause" : [
      {
        "type" : "security_exception",
        "reason" : "missing authentication credentials for REST request [/_cluster/health?pretty]",
        "header" : {
          "WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
        }
      }
    ],
    "type" : "security_exception",
    "reason" : "missing authentication credentials for REST request [/_cluster/health?pretty]",
    "header" : {
      "WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
    }
  },
  "status" : 401
}

So, looks like I cant setup a password because I can`t authenticate :) ?

Reddin answered 8/1, 2020 at 10:58 Comment(3)

have you tried to add -u username in curl? – Cycloparaffin 8/1, 2020 at 11:4

I dont know which user I can use. I tried to use elastic` user, but I don`t know a password. And cant setup new password :) – Reddin 8/1, 2020 at 11:17

I see the same issue, no matter what I do I can not set the password. Setting up ElasticSearch is extremely buggy. – Improbity 6/8, 2020 at 15:6

Here is the official doc for setting up security for Elasticsearch

step 1: cd /usr/share/elasticsearch/

step 2:

sudo bin/elasticsearch-setup-passwords auto

sudo bin/elasticsearch-setup-passwords interactive

auto - Uses randomly generated passwords interactive - Uses passwords entered by a user

The above commands can help you to setup password

Busiek answered 8/1, 2020 at 12:14 Comment(5)

As I described above - it can`t setup password – Reddin 8/1, 2020 at 12:16

@Reddin Your cluster isn't in a healthy state, so it is not possible for the tool to set the user passwords. – Busiek 8/1, 2020 at 12:20

@Reddin I think you need to set host network.host: 127.0.0.1 in config/elasticsearch.yaml – Busiek 8/1, 2020 at 12:22

HI @HariharanAR I need to direct update the password at the initial phase and not want to go through generating random password to provide access to user through rest API. please help. – Umbilication 3/3, 2020 at 7:2

For anyone else /usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto but it doesn't work. Cause: Cluster state has not been recovered yet, cannot write to the [null] index – Improbity 6/8, 2020 at 15:8

The following worked for me in Windows.

Ensure elastic node is up and running. In a separate prompt, from elasticsearch/bin, run the below command

elasticsearch-setup-passwords auto -u "http://localhost:9200"

Elastic will ask you for proceeding with the setup of auto generated password. Once you proceed with yes, you will be provide with the password for elastic/kibana/beats etc.

Kristofor answered 22/1, 2021 at 17:27 Comment(0)

for the windows run the elk in cmd
open other cmd and past the command where the elk in folder

bin/elasticsearch-setup-passwords auto

Calvados answered 11/3, 2022 at 6:34 Comment(0)

After some research I found that the Magento stores the credential in an XML file and it can be found in base directory:

+\magento\vendor\magento\module-elasticsearch-7\etc\config.xml. Please update your elastic password instead of XXXXXX and also in case you have chosen a different version of elastic, the location would be different.
    -->
    <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Store:etc/config.xsd">
        <default>
            <catalog>
                <search>
                    <engine>elasticsearch7</engine>
                    <elasticsearch7_server_hostname>localhost</elasticsearch7_server_hostname>
                    <elasticsearch7_server_port>9200</elasticsearch7_server_port>
                    <elasticsearch7_index_prefix>magento2</elasticsearch7_index_prefix>
                    <elasticsearch7_enable_auth>1</elasticsearch7_enable_auth>
                    <elasticsearch7_username>elastic</elasticsearch7_username>
                    <elasticsearch7_password>XXXXXXXXXXX</elasticsearch7_password>nfog              
                    <elasticsearch7_server_timeout>15</elasticsearch7_server_timeout>
                    <elasticsearch7_minimum_should_match/>
                </search>
            </catalog>
        </default>
    </config>

Emmery answered 27/6, 2022 at 10:7 Comment(0)

open cmd in your bin folder D:\software\elasticsearch-8.8.0\bin and hit >elasticsearch.bat

open another cmd in your bin folder D:\software\elasticsearch-8.8.0\bin and hit >elasticsearch-reset-password -u elastic

Thunderclap answered 13/12, 2023 at 8:49 Comment(0)

Recommended topics

Hot tags