Failed to retrieve password hash for reserved user [elastic]

rachelyang · October 8, 2021, 2:45pm

I have verified the password of user elastic.

 curl -k -u elastic 'https://localhost:9200/_xpack/security/_authenticate?pretty'
Enter host password for user 'elastic':
{
  "username" : "elastic",
  "roles" : [
    "superuser"
  ],
  "full_name" : null,
  "email" : null,
  "metadata" : {
    "_reserved" : true
  },
  "enabled" : true,
  "authentication_realm" : {
    "name" : "reserved",
    "type" : "reserved"
  },
  "lookup_realm" : {
    "name" : "reserved",
    "type" : "reserved"
  },
  "authentication_type" : "realm"
}

But after I restart Elasticsearch service, the log file has error:

failed to retrieve password hash for reserved user [elastic]
org.elasticsearch.action.UnavailableShardsException: at least one primary shard for the index [.security-7] is unavailable
Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic]

How do I need to check the configuration? Thanks

warkolm · October 10, 2021, 10:43pm

Please don't post questions about the Security functionality of Elasticsearch in this category. There's a pretty clear set of directions that mention this when you go to post in this category;

Please delete this message before posting your topic

For questions on securing the Elastic Stack via TLS/SSL or access control, please use the relevant product category - Elasticsearch, Kibana, Beats and Logstash.

This category is for questions related to the Elastic Stack Security functionality - Security solution unifying SIEM, endpoint & cloud | Elastic - encompassing our free and open SIEM, and Endpoint Security.

Please delete this message before posting your topic