Authentication Clarification for Elasticsearch 6+

I am attempting to upgrade to 6.2.2 from 5.2.1. Thankfully I can just install a clean version, no upgrade.
I am using just the Basic License.
I believe that the basic authentication from version 5 is no longer available.
If I understand the documentation correctly, I need to install X-Pack and use the security features therein if I want to secure my stack with a username and password.

I have tried to follow the following documentation without success:

It has ended with the following error message:

Possible causes include:
  The password for the 'elastic' user has already been changed on this cluster
  Your elasticsearch node is running against a different keystore
      This tool used the keystore at C:\Elasticsearch\config\elasticsearch.keystore

My Question:
Can I set up Basic Authentication using a Basic License of Elasticsearch?
I am just looking for Basic Authentication for a Single Node.
I do not have multiple users/roles.

Thank you!

Basic license never had authentication.

Sorry, I feel a bit confused.
In our current setup I use 'elastic'/'changeme' to "secure" our stack. Yes, I know, shame on me.

Everything I'm reading now for 6+ says there is no longer a default password and you need to install X-Pack and run through setup-passwords to create built-in user passwords for elasticsearch, kibana and logstash. (As mentioned, I've tried a couple times without success).

Is it possible for me, using a Basic License, to secure my Elasticsearch, Kibana & Logstash using a username and password?

No. A basic license does not include security.

Have a look at

So now I'm questioning my sanity. Obviously I'm still an ES rookie.
When I originally set up Elasticsearch, did it perhaps ask for a Username & Password since it was on a Trial license.
Once the trial license ran out and I got a Basic License, I must have continued submitting the username and password with my requests even though they aren't required and just never noticed.

Thankfully our stack lives behind the firewall with no external access.

So just to be clear, if I am going to install X-Pack for monitoring with a Basic License and thus not have security, do I need to disable security in the elasticsearch, kibana and logstash .yml files?
Using this setting: false
Or does it not matter?

I think that as soon you enter the basic license it disables security so you don't have to do it explicitly.

You don't have to, but it can be helpful.
If you don't explicitly disable security, then X-Pack will start with security enabled, form a cluster, and then detect that the cluster has a basic license, and turn the security features off.
We need to do this, as the license is a cluster setting and an individual node does not know what licence type is in use until it gets the cluster state from the active master.

But that means that security is active until your node joins a cluster, which can make it difficult to monitor a node that is still looking for a cluster.

Explicitly disabling security avoids that minor issue.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.