How to encrypt clear text password in ELK Config files - Shield

pvignesh92 · July 5, 2016, 9:04am

Hi team, I have installed Shield and enabled SSL by following the documentation. We could see that the passwords are in clear text as below in the configuration files which can be a concern.

Elasticsearch.yml

shield.ssl.keystore.password: password
shield.ssl.keystore.key_password: password

Output filter of logstash
output{
elasticsearch {
hosts => "https://elasticserach.com:9200"
index => "index-%{+YYYY.MM.dd}"
ssl => true
cacert => '/home/cacert.pem'
user => "logstash-admin"
password => "password"
}
}

Kibana also has the elasticsearch user and password in clear text. Is there any way to encrypt them? Pls suggest

warkolm · July 5, 2016, 10:52am

There currently is not, the best option is to restrict read access to the files on the filesystem.

pvignesh92 · July 5, 2016, 11:25am

Thank you for the clarification.

Topic		Replies	Views
Clear text password in Elasticsearch, logstash, kibana and Beats Elasticsearch	5	2913	February 9, 2019
How to define Kibana/Logstash password encrypted Logstash elastic-stack-security	8	2870	July 6, 2017
Encrypt / secure Elasticsearch's password in logstash.conf file Logstash	6	3835	January 25, 2018
Clear text password exposed in environment Elasticsearch	3	687	January 7, 2020
Secure the ELK password in config files Elasticsearch	2	386	April 25, 2018

How to encrypt clear text password in ELK Config files - Shield

Related Topics