安裝完elasticsearch之后會有一個默認的用戶admin密碼也為admin,該用戶無法刪除無法編輯修改密碼,用於生產時安全性較差,需要修改默認密碼或者刪除該admin用戶
使用工具生產加密密碼
/usr/share/elasticsearch/plugins/search-guard-6/tools chmod +x hash.sh ./hash.sh -p qweasd123 $2y$12$y1ZrQrtL5fXbsNOfkLNpauQ/f82wiFgQmUk6fJBU7OazZlvt8Hs.6
明文密碼為qweasd123生成加密密碼
修改配置文件
/usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_internal_users.yml
設置生效
./sgadmin.sh -cacert root-ca.pem -cert CN=sgadmin.crtfull.pem -key CN=sgadmin.key.pem -keypass 3c67d14791c6ac933e9b -nhnv -icl -cd ../sgconfig/
改命令可以在證書路徑下的README.txt找到
/etc/elasticsearch/key/README.txt
命令運行以下紅色為本次生效部分
[root@dev-es-kinaba tools]# ./sgadmin.sh -cacert root-ca.pem -cert CN=sgadmin.crtfull.pem -key CN=sgadmin.key.pem -keypass 3c67d14791c6ac933e9b -nhnv -icl -cd ../sgconfig/
Search Guard Admin v6
Will connect to localhost:9300 ... done
Elasticsearch Version: 6.6.2
Search Guard Version: 6.6.2-24.2
Connected as CN=sgadmin
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
Clustername: my-elk
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
searchguard index already exists, so we do not need to create one.
Populate config from /usr/share/elasticsearch/plugins/search-guard-6/sgconfig
Will update 'sg/config' with ../sgconfig/sg_config.yml
SUCC: Configuration for 'config' created or updated
Will update 'sg/roles' with ../sgconfig/sg_roles.yml
SUCC: Configuration for 'roles' created or updated
Will update 'sg/rolesmapping' with ../sgconfig/sg_roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update 'sg/internalusers' with ../sgconfig/sg_internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update 'sg/actiongroups' with ../sgconfig/sg_action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Done with success
PS:執行該操作會導致之前在kiban里面創建的用戶刪除掉
重啟elasticsearch即可使用新密碼登錄kibana
