How to define Kibana/Logstash password encrypted

security

(Emmanuel Demey) #1

Hi everyone,

I am working with Shield, and I have a question about the configuration of the Kibana or Logstash user in their corresponding configuration file.

Is it possible to encrypt password for thes users ? in order to avoid to put them in the plain text in logstash or kibana.yml configuration file ?

For example, in your documentation, you have this kibana configuration :

elasticsearch.username: kibana4-server
elasticsearch.password: password

But "password" is in plain text...

Thanks

Manu


(Mark Walkom) #2

Currently this is not possible, it's something we are working on though (I can't give an ETA).


(Paul Kelly) #3

Hi Mark - this is also an important one for us too;


(Jay Modi) #4

Is it really encryption that you are seeking or obfuscation? If you would like encryption, then where would the key be stored or how would it be retrieved?


(piyush) #5

Hi Team,
Is there a way we can use environment variables for username/password? please let me know how.

I tried profile values but it's not working:

1:
elasticsearch.username: $kibanauser
elasticsearch.password: $kibanapwd

2:
elasticsearch.username: "$kibanauser"
elasticsearch.password: "$kibanapwd"

For plain text it's working fine.

Thanks & Regards,


Kibana password encapsulation
(Mark Walkom) #6

Please start your own thread.


(piyush) #7

Hey Mark, what's going on. When i posted my question here you only said "please start your own thread"

Now when i opened a new thread you are redirecting me to this thread again and you closed my thread"kibana password encapsulation" ??? wow...

why can't you just answer, below is in place or not in kibana-4.5.0?


(Mark Walkom) #8

That was my mistake.


(system) #9