安装完elasticsearch之后会有一个默认的用户admin密码也为admin,该用户无法删除无法编辑修改密码,用于生产时安全性较差,需要修改默认密码或者删除该admin用户
使用工具生产加密密码
/usr/share/elasticsearch/plugins/search-guard-6/tools chmod +x hash.sh ./hash.sh -p qweasd123 $2y$12$y1ZrQrtL5fXbsNOfkLNpauQ/f82wiFgQmUk6fJBU7OazZlvt8Hs.6
明文密码为qweasd123生成加密密码
修改配置文件
/usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_internal_users.yml
设置生效
./sgadmin.sh -cacert root-ca.pem -cert CN=sgadmin.crtfull.pem -key CN=sgadmin.key.pem -keypass 3c67d14791c6ac933e9b -nhnv -icl -cd ../sgconfig/
改命令可以在证书路径下的README.txt找到
/etc/elasticsearch/key/README.txt
命令运行以下红色为本次生效部分
[root@dev-es-kinaba tools]# ./sgadmin.sh -cacert root-ca.pem -cert CN=sgadmin.crtfull.pem -key CN=sgadmin.key.pem -keypass 3c67d14791c6ac933e9b -nhnv -icl -cd ../sgconfig/
Search Guard Admin v6
Will connect to localhost:9300 ... done
Elasticsearch Version: 6.6.2
Search Guard Version: 6.6.2-24.2
Connected as CN=sgadmin
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
Clustername: my-elk
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
searchguard index already exists, so we do not need to create one.
Populate config from /usr/share/elasticsearch/plugins/search-guard-6/sgconfig
Will update 'sg/config' with ../sgconfig/sg_config.yml
SUCC: Configuration for 'config' created or updated
Will update 'sg/roles' with ../sgconfig/sg_roles.yml
SUCC: Configuration for 'roles' created or updated
Will update 'sg/rolesmapping' with ../sgconfig/sg_roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update 'sg/internalusers' with ../sgconfig/sg_internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update 'sg/actiongroups' with ../sgconfig/sg_action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Done with success
PS:执行该操作会导致之前在kiban里面创建的用户删除掉
重启elasticsearch即可使用新密码登录kibana
