github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-06-28 09:28:55 -04:00
Code Issues Projects Releases Packages Wiki Activity
elasticsearch/docs/reference/settings
History
Nikolaj Volgushev 51b4fffb5e
Default to SSHA-256 as API key stored credential hasher (#120997) 
API keys are high-entropy secure random strings. This means that the
additional work factor of functions like PBKDF or bcrypt are not
necessary, and a faster hash function like salted SHA-256 provides
adequate security against offline attacks (hash collision, brute force,
etc.).

This PR adds `SSHA-256` to the list of supported stored hash algorithms
for API key secrets, and makes it the default algorithm. Additionally,
this PR changes the format of API key secrets, moving from an encoded
UUID to a random string which increase the entropy of API keys from 122
bits to 128 bits, without changing overall secret length. 

Relates: ES-9504
2025-01-30 05:14:15 +11:00
..
images
audit-settings.asciidoc Support audit ignore policy by actions (#67477) 2021-03-01 18:44:57 +01:00
ccr-settings.asciidoc [DOCS] Update CCR docs to focus on Kibana (#60555) 2020-08-17 15:36:54 -04:00
common-defs.asciidoc Fix doc for deprecated TLS settings (#98513) 2023-09-19 11:11:54 -05:00
data-stream-lifecycle-settings.asciidoc Introduce global retention in data stream lifecycle (cluster settings) (#111972) 2024-08-20 09:54:55 +03:00
health-diagnostic-settings.asciidoc HealthPeriodicLogger disabled by default (#97722) 2023-07-18 10:18:23 +03:00
ilm-settings.asciidoc ILM don't rollover empty indices (#89557) 2022-09-19 18:37:41 -04:00
inference-settings.asciidoc [ML] Increase response size limit for batched requests (#110112) 2024-06-26 10:31:06 +01:00
license-settings.asciidoc [DOCS] Document dynamic cluster settings (#61760) 2020-09-01 15:48:45 -04:00
ml-settings.asciidoc [DOCS] Concept cleanup 2 - ES settings (#119373) 2025-01-06 12:07:15 -05:00
monitoring-settings.asciidoc [DOCS] Refactor book-scoped variables in docs/reference/index.asciidoc (#107413) 2024-04-17 14:37:07 +02:00
notification-settings.asciidoc Introduce Email Address Allow Lists For Watcher (#116672) 2024-11-14 12:38:14 +01:00
security-hash-settings.asciidoc Default to SSHA-256 as API key stored credential hasher (#120997) 2025-01-30 05:14:15 +11:00
security-settings.asciidoc Default to SSHA-256 as API key stored credential hasher (#120997) 2025-01-30 05:14:15 +11:00
snapshot-settings.asciidoc Add health user action for unhealthy SLM policy failure counts (#88523) 2022-07-25 15:58:20 -04:00
ssl-settings.asciidoc [DOCS] Refactor book-scoped variables in docs/reference/index.asciidoc (#107413) 2024-04-17 14:37:07 +02:00
transform-settings.asciidoc [Transform] Implement per-transform num_failure_retries setting. (#87361) 2022-06-09 15:22:06 +02:00