Сбросим первоначальный пароль пользователя elastic.
Попробуем получить доступ к сервису elasticsearch при включенных функциях безопасности.
curl -k https://10.30.0.73:9200/?pretty
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/?pretty]",
"header" : {
"WWW-Authenticate" : [
"Basic realm=\"security\" charset=\"UTF-8\"",
"Bearer realm=\"security\"",
"ApiKey"
]
}
}
],
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/?pretty]",
"header" : {
"WWW-Authenticate" : [
"Basic realm=\"security\" charset=\"UTF-8\"",
"Bearer realm=\"security\"",
"ApiKey"
]
}
},
"status" : 401
}
Проверьте параметры команды, которая может использоваться для управления встроенными пользователями.
/usr/share/elasticsearch/bin/elasticsearch-reset-password --help
Resets the password of users in the native realm and built-in users.
Option (* = required) Description
--------------------- -----------
-E <KeyValuePair> Configure a setting
-a, --auto
-b, --batch
-f, --force Use this option to force execution of the command
against a cluster that is currently unhealthy.
-h, --help Show help
-i, --interactive
-s, --silent Show minimal output
* -u, --username The username of the user whose password will be reset
--url the URL where the elasticsearch node listens for
connections.
-v, --verbose Show verbose output
Сброс пароля для пользователя elastic:
sudo /usr/share/elasticsearch/bin/elasticsearch-reset-password --batch -u elastic
Password for the [elastic] user successfully reset.
New value: ++tRaHCtZC12ScCHXGGk
Выполните простой запрос, используя только что созданный пароль.
curl -k -u "elastic:++tRaHCtZC12ScCHXGGk" https://10.30.0.73:9200/?pretty
{
"name" : "daemon-0",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "41GLD2rWR-6MJ5K1PDNOAw",
"version" : {
"number" : "8.12.2",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "48a287ab9497e852de30327444b0809e55d46466",
"build_date" : "2024-02-19T10:04:32.774273190Z",
"build_snapshot" : false,
"lucene_version" : "9.9.2",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
Кроме того, вы можете использовать интерактивный режим для определения желаемого пароля.
sudo /usr/share/elasticsearch/bin/elasticsearch-reset-password --interactive -u elastic
This tool will reset the password of the [elastic] user.
You will be prompted to enter the password.
Please confirm that you would like to continue [y/N] y
Enter password for [elastic]: ***********
Re-enter password for [elastic]: ***********
Password for the [elastic] user successfully reset.
см. также: