Default security parameters are not coming in elasticsearch--- default super user password is not set

Hi , I have installed Elasticsearch 8.3 from RPM repository and it installed properly. started Elasticsearch on linxe machine. but i could see some issue in elasticsearch logs.

[2022-07-02T10:48:00,891][INFO ][o.e.x.s.InitialNodeSecurityAutoConfiguration] [lnitibels1u] Auto-configuration will not generate a password for the elastic built-in superuser, as we cannot  determine if there is a terminal attached to the elasticsearch process. You can use the `bin/elasticsearch-reset-password` tool to set the password for the elastic user.

it didnt generate auto password for elastic super user.

I tried to set the password for super users through

./elasticsearch-setup-passwords interactive

but it gives me error.

Failed to authenticate user 'elastic' against http://X.X.X.X:9200/_security/_authenticate?pretty
Possible causes include:
 * The password for the 'elastic' user has already been changed on this cluster
 * Your elasticsearch node is running against a different keystore
   This tool used the keystore at /etc/elasticsearch/elasticsearch.keystore

You can use the `elasticsearch-reset-password` CLI tool to reset the password of the 'elastic' user

yml file security parameters

# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: false
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: false
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later

Any idea why it is not setting default password for elastic super user and why it is not allowing to set the password.

Hi @harijld

It kind of looks to me that there was already a previous install of Elasticsearch. Were you doing it fresh install or upgrading??

Or perhaps was elasticsearch installed at some point and not completely cleaned up? That's what it looks like to me?

The other thing you can try is try to run the setup from the home directory. I notice you're all the way down in the bin

./bin/elasticsearch-setup-passwords

The message you are getting on startup is informational and not an error. The password was set and shown to you during installation.

If you didn’t notice or write it down, you can reset it with elasticsearch-reset-password as the error message from running elasticsearch-setup-passwords above already mentions.

Simply run

bin/elastisearch-reset-password

and you’ll get a new password for the elastic user

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.