github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-04-25 07:37:19 -04:00
Code Issues Projects Releases Packages Wiki Activity
elasticsearch/docs/reference/commands/setup-passwords.asciidoc
edh-oss 3c23a9e9cd
[DOCS] Remove [testenv="gold+"] attributes (#79309) 
Changes:

* Removes several `[testenv="gold+"]` attributes from the docs. `gold+` is not a valid [subscription level](https://www.elastic.co/subscriptions) or testenv value.
* Moves two `[testenv="basic"]` attributes to the file header. This makes the `testenv` placement consistent and fixes the yml file generated from `docs/reference/snapshot-restore/register-repository.asciidoc`.

Co-authored-by: James Rodewig <40268737+jrodewig@users.noreply.github.com>
2021-10-27 16:32:30 -04:00

76 lines
3.1 KiB
Text
Raw Blame History

[[setup-passwords]]
== elasticsearch-setup-passwords
deprecated[8.0, "The `elasticsearch-setup-passwords` tool is deprecated and will be removed in a future release. To manually reset the password for the built-in users (including the `elastic` user), use the <<reset-password,`elasticsearch-reset-password`>> tool, the {es} change password API, or the User Management features in {kib}."]
The `elasticsearch-setup-passwords` command sets the passwords for the
<<built-in-users,built-in users>>.
[discrete]
=== Synopsis
[source,shell]
--------------------------------------------------
bin/elasticsearch-setup-passwords auto|interactive
[-b, --batch] [-h, --help] [-E <KeyValuePair>]
[-s, --silent] [-u, --url "<URL>"] [-v, --verbose]
--------------------------------------------------
[discrete]
=== Description
This command is intended for use only during the initial configuration of the
{es} {security-features}. It uses the
<<bootstrap-elastic-passwords,`elastic` bootstrap password>>
to run user management API requests. If your {es} keystore is password protected,
before you can set the passwords for the built-in users, you must enter the keystore password.
After you set a password for the `elastic`
user, the bootstrap password is no longer active and you cannot use this command.
Instead, you can change passwords by using the *Management > Users* UI in {kib}
or the <<security-api-change-password,Change Password API>>.
This command uses an HTTP connection to connect to the cluster and run the user
management requests. If your cluster uses TLS/SSL on the HTTP layer, the command
automatically attempts to establish the connection by using the HTTPS protocol.
It configures the connection by using the `xpack.security.http.ssl` settings in
the `elasticsearch.yml` file. If you do not use the default config directory
location, ensure that the *ES_PATH_CONF* environment variable returns the
correct path before you run the `elasticsearch-setup-passwords` command. You can
override settings in your `elasticsearch.yml` file by using the `-E` command
option. For more information about debugging connection failures, see
<<trb-security-setup>>.
[discrete]
[[setup-passwords-parameters]]
=== Parameters
`auto`:: Outputs randomly-generated passwords to the console.
`-b, --batch`:: If enabled, runs the change password process without prompting the
user.
`-E <KeyValuePair>`:: Configures a standard {es} or {xpack} setting.
`-h, --help`:: Shows help information.
`interactive`:: Prompts you to manually enter passwords.
`-s, --silent`:: Shows minimal output.
`-u, --url "<URL>"`:: Specifies the URL that the tool uses to submit the user management API
requests. The default value is determined from the settings in your
`elasticsearch.yml` file. If `xpack.security.http.ssl.enabled` is set to `true`,
you must specify an HTTPS URL.
`-v, --verbose`:: Shows verbose output.
[discrete]
=== Examples
The following example uses the `-u` parameter to tell the tool where to submit
its user management API requests:
[source,shell]
--------------------------------------------------
bin/elasticsearch-setup-passwords auto -u "http://localhost:9201"
--------------------------------------------------
Reference in a new issue View git blame Copy permalink