What is the default username and password for Elasticsearch?

79

I installed Elastic using Docker:

docker run -p 9200:9200 \
           -p 9300:9300 \
           -e "discovery.type=single-node" \
           docker.elastic.co/elasticsearch/elasticsearch:5.6.2

But curl localhost:9200 fails with an authentication error:


{
  "error": {
    "root_cause": [
      {
        "type": "security_exception",
        "reason": "missing authentication token for REST request [/]",
        "header": {
          "WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
        }
      }
    ],
    "type": "security_exception",
    "reason": "missing authentication token for REST request [/]",
    "header": {
      "WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
    }
  },
  "status": 401
}

What is the default username/password combination for Elasticsearch?

13 Answers

94

The defaults are:

user: elastic
password: changeme
So:
$ curl -u elastic:changeme localhost:9200
{
  "name" : "5aEHJ-Y",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "3FmaYN7rS56oBTqWOyxmKA",
  "version" : {
    "number" : "5.6.2",
    "build_hash" : "57e20f3",
    "build_date" : "2017-09-23T13:16:45.703Z",
    "build_snapshot" : false,
    "lucene_version" : "6.6.1"
  },
  "tagline" : "You Know, for Search"
}

Read more about changing the defaults.


17
Not working. [2018-06-01T13:59:42,602][INFO ][o.e.x.s.a.AuthenticationService] [KBgeNNv] Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic] - Lin Du

24

Setting a username and password for Elasticsearch: (ES version: 7.5.2) (Ubuntu 18.04)

Step 1: First enable xpack monitoring in the elasticsearch.yml file

root@flax:/etc/elasticsearch# vim elasticsearch.yml

Add the following line to the end of file:
    xpack.security.enabled: true

File Contents:
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
#network.host: 192.168.0.1
network.host: 127.0.0.1
http.host: 0.0.0.0
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
#gateway.recover_after_nodes: 3
#
# For more information, consult the gateway module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
xpack.security.enabled: true

Step 2: Go to the /usr/share/elasticsearch folder:

root@flax:/usr/share/elasticsearch# systemctl start elasticsearch

root@flax:/usr/share/elasticsearch# ./bin/elasticsearch-setup-passwords interactive

Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]: 
Reenter password for [elastic]: 
Enter password for [apm_system]: 
Reenter password for [apm_system]: 
Enter password for [kibana]: 
Reenter password for [kibana]: 
Enter password for [logstash_system]: 
Reenter password for [logstash_system]: 
Enter password for [beats_system]: 
Reenter password for [beats_system]: 
Passwords do not match.
Try again.
Enter password for [beats_system]: 
Reenter password for [beats_system]: 
Enter password for [remote_monitoring_user]: 
Reenter password for [remote_monitoring_user]: 
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]

root@flax:/usr/share/elasticsearch# systemctl restart elasticsearch

root@flax:/usr/share/elasticsearch# systemctl restart elasticsearch.service

4
./bin/elasticsearch-setup-passwords: No such file or directory - Oliver Dixon
1
@OliverDixon You need to install the "default" distribution of ES from the package manager, not the OSS version. - ospider
1
Make sure you are in the /usr/share/elasticsearch directory. - exud
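
An added example, not part of the answers above and not Elastic's own tooling: a small POSIX shell audit of the elasticsearch.yml settings these answers edit. It assumes a 7.x node, where an absent xpack.security.enabled means security is off; the function names es_setting and audit_es_yml are hypothetical.

```shell
#!/bin/sh
# Added example: audit flat "key: value" settings in an elasticsearch.yml.
# Assumption: a 7.x node, where an absent xpack.security.enabled means "off".

# es_setting FILE KEY -> prints the value of the uncommented KEY, or nothing.
es_setting() {
  awk -v key="$2" '
    /^[ \t]*#/ { next }                  # skip commented-out settings
    {
      line = $0
      sub(/[ \t]+#.*$/, "", line)        # drop a trailing comment
      i = index(line, ":")
      if (i == 0) next
      k = substr(line, 1, i - 1); v = substr(line, i + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
      if (k == key) val = v              # last occurrence wins
    }
    END { if (val != "") print val }' "$1"
}

# audit_es_yml FILE -> prints one finding per line, or "OK".
audit_es_yml() {
  sec=$(es_setting "$1" xpack.security.enabled)
  tls=$(es_setting "$1" xpack.security.http.ssl.enabled)
  http=$(es_setting "$1" http.host)
  net=$(es_setting "$1" network.host)
  bind=${http:-${net:-_local_}}  # http.host overrides network.host for REST
  case $bind in
    localhost|127.*|::1|_local_) exposed=no ;;
    *) exposed=yes ;;
  esac
  if [ "$sec" != "true" ]; then
    echo "FAIL xpack.security.enabled=${sec:-unset}: REST API needs no credentials"
    [ "$exposed" = yes ] && echo "FAIL http bind $bind: unauthenticated API reachable off-host"
  elif [ "$exposed" = yes ] && [ "$tls" != "true" ]; then
    echo "WARN http bind $bind without xpack.security.http.ssl.enabled: passwords sent in cleartext"
  else
    echo "OK"
  fi
  return 0
}

# Constructed sample mirroring the effective settings shown in the answer above.
sample=$(mktemp)
printf '%s\n' 'network.host: 127.0.0.1' 'http.host: 0.0.0.0' \
  'http.port: 9200' 'xpack.security.enabled: true' > "$sample"
audit_es_yml "$sample"
```

On the sample it prints the WARN line, because http.host: 0.0.0.0 overrides network.host: 127.0.0.1 for the REST layer.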

15
Pay attention to the Elasticsearch version. In 7.2, the ELASTIC_PASSWORD parameter works.
docker run -p 9200:9200 \
           -p 9300:9300 \
           -e "discovery.type=single-node" \
           -e "ELASTIC_PASSWORD=my_own_password" \

But you also need to add this line to elasticsearch.yml:

xpack.security.enabled: true

By default, it is not there.

List of security settings


The only thing that would make this answer more complete is a link to a list of other similar options. - Dave Ankin

12

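If you have enabled the basic x-pack security features with xpack.security.enabled: true in Elasticsearch version 7.7 (at the time of writing this answer), it no longer has the default password changeme, as older versions of x-pack did.

As stated in the official getting-started-with-security documentation:

The X-Pack security features provide a built-in elastic superuser that you can use to start setting things up. This elastic user has full access to the cluster, including all indices and data, so the elastic user does not have a password set by default.

So, if you want to change the password for elastic, you need to perform the following steps. If you want to do this after installation, follow the guide for setting the built-in user passwords in interactive mode:

Run the following command from the Elasticsearch bin folder.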

bin/elasticsearch-setup-passwords interactive

7

Setting a username and password

Connect to the system via SSH and, after stopping the Elasticsearch and Kibana services, run the following command:

sudo nano /etc/elasticsearch/elasticsearch.yml

Update the file to enable security by adding the following line:

xpack.security.enabled: true 

Changing the password

Follow these steps to change the password:

Step 1:

 cd /usr/share/elasticsearch/

Step 2:

sudo bin/elasticsearch-setup-passwords auto

auto - uses randomly generated passwords; interactive - uses passwords entered by the user

or

sudo bin/elasticsearch-setup-passwords interactive

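You can run the command in "interactive" mode, which prompts you to enter new passwords for the elastic, kibana_system, logstash_system, beats_system, apm_system, and remote_monitoring_user users.

The commands above help you set the passwords.

Starting Elasticsearch

  1. Start the Elasticsearch service by running the systemctl command: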

    sudo systemctl start elasticsearch.service

It may take some time for the system to start. If it succeeds, there is no output.

  2. Enable Elasticsearch to start automatically at boot:

    sudo systemctl enable elasticsearch.service

Starting and enabling Kibana

  1. Start the Kibana service:

    sudo systemctl start kibana

If the service starts successfully, there is no output.

  2. Next, configure Kibana to start at boot:

    sudo systemctl enable kibana


2
Where is the procedure for adding or changing a username? - Kshitij Agarwal

5

Add the following two lines to the \elasticsearch-8.2.2\config\elasticsearch.yml file:

# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true

I restarted the server and this worked for me; it prints the password on the console with the username -u.


How do you restart the server when it is inside a supported Docker container? For example, it does not seem to be run via systemctl. - dixon1e
1
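So, @dixon1e, this is the case where I ran the .bat file in CMD; there is no Docker container here, but it would be great if there were such an option. I need to look more deeply into the Docker case. Here it is just a simple application running on the Windows OS. - Dnyaneshwar Jadhav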

2

For ES 8.4.3, we can reset the Elasticsearch password as follows:

sudo docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic



2
In Elasticsearch 6.x, you can use the ELASTIC_PASSWORD environment variable to specify the initial password for the elastic user.
docker run -p 9200:9200 \
           -p 9300:9300 \
           -e "discovery.type=single-node" \
           -e "ELASTIC_PASSWORD=my_own_password" \
           docker.elastic.co/elasticsearch/elasticsearch:6.5.4

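Source: https://www.elastic.co/guide/en/elasticsearch/reference/6.x/configuring-tls-docker.html

This article describes how to configure Elasticsearch TLS in a Docker container. TLS (Transport Layer Security) is a protocol for protecting network communication that ensures data is not tampered with or stolen in transit. To configure TLS, you need to generate certificates and keys and configure them in Elasticsearch. The article provides detailed steps and sample code to help you complete the configuration.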

1
This feature can only be used if you buy a paid license and install the commercial "x-pack security" plugin. - Sliq
5
Since ELK Stack 6.8 and 7.X, xpack has been a default feature of the basic license. - user1435184

2

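I am running version 8.8.0, and on the first run it shows the password and username in the log. When you run it, search the command prompt for the following data; it is almost the last line (I am running on Windows):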

 Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):

If you do not see it the first time, just delete the elastic folder and extract it again; that is what I did. It is the easiest way.

1
In the command prompt, go to the elastic folder:
C:\Users\username>cd C:\your_elastic_folder\bin

Run
elasticsearch-setup-passwords interactive

Set up and create your passwords. After that, you can log in to your http://localhost:9200/.

Page content provided by Stack Overflow.