Elasticsearch keystore - question on password protection

Hi Elastic experts!

A small question on the Elastic keystore:

Is it possible to use —stdin to provide the password?

Something like:

echo “mySecret” | bin/elasticsearch-keystore passwd —stdin 

Also, another question on:

For running Elasticsearch with systemd. It’s explained to put the password in a file, which could be deleted after Elasticsearch is up and running. This is a one time activity, right? And doesn’t need to be repeated after restart of Elasticsearch or the machine?

Yes, it mentions it in the documentation you link to that it's an option :slight_smile:

1 Like

The file needs to exist every time Elasticsearch starts.
From the docs:

When the keystore is password-protected, you must supply the password each time Elasticsearch starts.

You can keep the file the permanently or you can write it out each time you restart the service, but Elasticsearch will not start without it.

1 Like