Dec 22nd, 2017: [EN][X-Pack] I lost/forgot the "elastic" user password! Am I locked out forever?


(Thiago Souza) #1

Situation: You are using X-Pack Security and you lost/forgot the "elastic" superuser password.

Don't panic!

You can workaround this problem by adding a temporary superuser user:

  1. Provision a new coordinating-only node with File Realm enabled.
  2. Add a new temporary superuser user:
$ bin/x-pack/users useradd tempuser -r superuser
  1. Start the temporary node and wait until it successfully joins the cluster.
  2. Reset the "elastic" user password (using the new tempuser):
$ curl -XPUT -u tempuser:<password> https://localhost:9200/_xpack/security/user/elastic/_password -H "Content-Type: application/json" -d '
{
  "password": "MyN3wC00lP4ssw0rd"
}'
  1. Check that is working with:
$ curl -u elastic:MyN3wC00lP4ssw0rd https://localhost:9200/
  1. Stop and scrap away the temporary node. This is very important because this node contains the temporary user in it's local file realm.

(Mark Walkom) closed #2