zoukankan      html  css  js  c++  java
  • ELK之安装searchguard后默认管理员用户admin修改

      安装完elasticsearch之后会有一个默认的用户admin密码也为admin,该用户无法删除无法编辑修改密码,用于生产时安全性较差,需要修改默认密码或者删除该admin用户

      使用工具生产加密密码

    /usr/share/elasticsearch/plugins/search-guard-6/tools
    chmod +x hash.sh
    ./hash.sh -p qweasd123
    
    $2y$12$y1ZrQrtL5fXbsNOfkLNpauQ/f82wiFgQmUk6fJBU7OazZlvt8Hs.6
    

      明文密码为qweasd123生成加密密码

      修改配置文件

    /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_internal_users.yml 
    

      设置生效

    ./sgadmin.sh -cacert root-ca.pem -cert CN=sgadmin.crtfull.pem -key CN=sgadmin.key.pem -keypass 3c67d14791c6ac933e9b -nhnv -icl -cd ../sgconfig/
    

      改命令可以在证书路径下的README.txt找到

    /etc/elasticsearch/key/README.txt
    

      命令运行以下红色为本次生效部分

    [root@dev-es-kinaba tools]# ./sgadmin.sh -cacert root-ca.pem -cert CN=sgadmin.crtfull.pem -key CN=sgadmin.key.pem -keypass 3c67d14791c6ac933e9b -nhnv -icl -cd ../sgconfig/
    Search Guard Admin v6
    Will connect to localhost:9300 ... done
    Elasticsearch Version: 6.6.2
    Search Guard Version: 6.6.2-24.2
    Connected as CN=sgadmin
    Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
    Clustername: my-elk
    Clusterstate: YELLOW
    Number of nodes: 1
    Number of data nodes: 1
    searchguard index already exists, so we do not need to create one.
    Populate config from /usr/share/elasticsearch/plugins/search-guard-6/sgconfig
    Will update 'sg/config' with ../sgconfig/sg_config.yml 
       SUCC: Configuration for 'config' created or updated
    Will update 'sg/roles' with ../sgconfig/sg_roles.yml 
       SUCC: Configuration for 'roles' created or updated
    Will update 'sg/rolesmapping' with ../sgconfig/sg_roles_mapping.yml 
       SUCC: Configuration for 'rolesmapping' created or updated
    Will update 'sg/internalusers' with ../sgconfig/sg_internal_users.yml 
       SUCC: Configuration for 'internalusers' created or updated
    Will update 'sg/actiongroups' with ../sgconfig/sg_action_groups.yml 
       SUCC: Configuration for 'actiongroups' created or updated
    Done with success
    

      PS:执行该操作会导致之前在kiban里面创建的用户删除掉

      重启elasticsearch即可使用新密码登录kibana

  • 相关阅读:
    SQLite基本(实例FileOrganizer2013.5.12)
    MongoDB常见问题
    Node.js
    Linux安装indicator-china-weather
    Hadoop常见问题
    Hadoop HDFS文件操作
    Ubuntu下载、zsync、安装、常见问题
    Mongo-Hadoop
    Mongo JavaTest
    MongoDB 快速入门
  • 原文地址:https://www.cnblogs.com/minseo/p/10674874.html
Copyright © 2011-2022 走看看