Well that won't work. The bcrypt format that python generates is not the same at we use internally.
Officially, we only support using the elasticsearch-users tool to manage these files. You're free to manage them some othr way, but you will need to make sure that they're in a compatible format with the files we generate.
Python's bcyrpt is equivalent to the hash/salt algorithm that elasticsearch uses. I found out that replacing 2b with 2a is actually allowed and will not screw things up.
Am I still missing anything? Here's the new users file
Likewise, realms that store passwords hash them using cryptographically strong and password-specific salt values. You can configure the algorithm for password hashing by setting the xpack.security.authc.password_hashing.algorithm setting to one of the following:
Table 2. Password hashing algorithms
Algorithm Description
bcrypt
Uses bcrypt algorithm with salt generated in 1024 rounds. (default)
bcrypt4
Uses bcrypt algorithm with salt generated in 16 rounds.
bcrypt5
Uses bcrypt algorithm with salt generated in 32 rounds.
bcrypt6
Uses bcrypt algorithm with salt generated in 64 rounds.
bcrypt7
Uses bcrypt algorithm with salt generated in 128 rounds.
bcrypt8
Uses bcrypt algorithm with salt generated in 256 rounds.
bcrypt9
Uses bcrypt algorithm with salt generated in 512 rounds.
bcrypt10
Uses bcrypt algorithm with salt generated in 1024 rounds.
Is there any bcrypt library on any programming language able to replicate elaticsearch-users results?
I'm sorry, I can't really help you. The only option we support for generating those files it to use the elasticsearch-users tool directly.
I you really want to reproduce that code yourself, then I can't stop you, but you're on your own. My only advice is to call the elasticsearch-users tool directly.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.