Elasticsearch authentication failed error

security

(Aj) #1

I am using elasticsearch 2.3.3 , kibana 4.5 and shield for both. I set up everything in kibana.yml
My kibana.yml file is pasted below. I am getting an error while running kibana.bat

log [22:22:16.344] [error][status][plugin:elasticsearch] Status changed from yellow to red - Authentication Exception
I followed the steps as mentioned inthis post. Can anyone please help?

Kibana is served by a back end server. This controls which port to use.

server.port: 5601

The host to bind the server to.

server.host: "0.0.0.0"

If you are running kibana behind a proxy, and want to mount it at a path,

specify that path here. The basePath can't end in a slash.

server.basePath: ""

The maximum payload size in bytes on incoming server requests.

server.maxPayloadBytes: 1048576

The Elasticsearch instance to use for all your queries.

elasticsearch.url: "http://es_admin:Test1234@localhost:9200"

preserve_elasticsearch_host true will send the hostname specified in elasticsearch. If you set it to false,

then the host you use to connect to this Kibana instance will be sent.

elasticsearch.preserveHost: true

Kibana uses an index in Elasticsearch to store saved searches, visualizations

and dashboards. It will create a new index if it doesn't already exist.

kibana.index: ".kibana"

The default application to load.

kibana.defaultAppId: "discover"

If your Elasticsearch is protected with basic auth, these are the user credentials

used by the Kibana server to perform maintenance on the kibana_index at startup. Your Kibana

users will still need to authenticate with Elasticsearch (which is proxied through

the Kibana server)

elasticsearch.username: "kibana4-server"
elasticsearch.password: "123456"

SSL for outgoing requests from the Kibana Server to the browser (PEM formatted)

server.ssl.cert: "C:/Ajoe/OpenSSL/localhost.crt"
server.ssl.key: "C:/Ajoe/OpenSSL/localhost.key"
shield.encryptionKey: "123456"
shield.sessionTimeout: 600000

Optional setting to validate that your Elasticsearch backend uses the same key files (PEM formatted)

elasticsearch.ssl.cert: /path/to/your/client.crt

elasticsearch.ssl.key: /path/to/your/client.key

If you need to provide a CA certificate for your Elasticsearch instance, put

the path of the pem file here.

elasticsearch.ssl.ca: /path/to/your/CA.pem

Set to false to have a complete disregard for the validity of the SSL

certificate.

elasticsearch.ssl.verify: true

Time in milliseconds to wait for elasticsearch to respond to pings, defaults to

request_timeout setting

elasticsearch.pingTimeout: 1500

Time in milliseconds to wait for responses from the back end or elasticsearch.

This must be > 0

elasticsearch.requestTimeout: 30000

Time in milliseconds for Elasticsearch to wait for responses from shards.

Set to 0 to disable.

elasticsearch.shardTimeout: 0

Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying

elasticsearch.startupTimeout: 5000

Set the path to where you would like the process id file to be created.

pid.file: /var/run/kibana.pid

If you would like to send the log output to a file you can set the path below.

logging.dest: stdout

Set this to true to suppress all logging output.

logging.silent: false

Set this to true to suppress all logging output except for error messages.

logging.quiet: false

Set this to true to log all events, including system usage information and all requests.

logging.verbose: false


Kibana Server :Authentication Exception
(Jay Modi) #2

What happens if you remove the authentication credentials from the value of elasticsearch.url?


(Aj) #3

Thank you for pointing out the credentials, I made a mistake with my password. Now its working fine


(Sukesh) #4

hi Aj, iam sorry i didnot get what you have changed in credentials ! could you please explain me that?


(Aj) #5

@sukesh I gave wrong username.


(Sukesh) #6

what procedure you followed there , i did every thing but kibana throwing the authentication exception
?


(Aj) #7

I followed the steps mentioned in Kibana Shield Configuration.
Have u created the ssl certificates? Also check roles.yml file.Even the space alignment will create problem.

The required permissions for the kibana 4 server

kibana4_server:
cluster:
- all
indices:
- names: '*'
privileges:
- all

The required permissions for the kibana4_monitoring server

kibana4_monitoring:
cluster:
- all
indices:
- names: '*'
privileges:
- all


(Sukesh) #8

i didnt created the ssl certificates because i did not understand how to do that!
will you helo me in that


(Aj) #9

Download openssl for your system and

openssl genrsa -des3 -out localhost.key 1024
openssl req -new -key localhost.key -out localhost.csr
openssl x509 -req -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt
openssl rsa -in localhost.key -out localhost.key

(Sukesh) #10

this is the first time i am installing this ,how to download the open ssl, is it possible to download in internet ?
it will be very help full that if you suggest me this! and i used shield.skipSslCheck: true this command in kibana.yml to skip this ssl certificate thing!

is ssl certificate settings only the reason to authentication failed exception in kibana??


(Aj) #11

I am not an expert in elasticsearch. But I think certificate is required. You need to download OpenSSL and do what I mentioned earlier in command prompt.


(Sukesh) #12

Ok , i will try to do that


(system) #13