How to encrypt clear text password in ELK Config files - Shield

(Pvignesh92) #1

Hi team, I have installed Shield and enabled SSL by following the documentation. We could see that the passwords are in clear text, as below, in the configuration files, which can be a concern.

Elasticsearch.yml

shield.ssl.keystore.password: password
shield.ssl.keystore.key_password: password

Output filter of logstash
output {
  elasticsearch {
    hosts => "https://elasticserach.com:9200"
    index => "index-%{+YYYY.MM.dd}"
    ssl => true
    cacert => '/home/cacert.pem'
    user => "logstash-admin"
    password => "password"
  }
}

Kibana also has the elasticsearch user and password in clear text. Is there any way to encrypt them? Please suggest.


(Mark Walkom) #2

There currently is not; the best option is to restrict read access to the files on the filesystem.
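
One way to apply the advice in reply #2, shown as an added example that is not part of the original thread: a POSIX shell check that finds config files holding a password setting in the forms quoted in the question and still readable by "other" users, then removes that access. The function names `find_exposed_configs` and `restrict_configs` are hypothetical, and the file paths passed to them are up to the reader.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Print each given file that (a) contains a password setting written as
# "...password: value" (elasticsearch.yml style) or "password => value"
# (Logstash style) and (b) has the read bit set for "other" users.
find_exposed_configs() {
    for f in "$@"; do
        # Skip anything that is not a regular file.
        [ -f "$f" ] || continue
        # Skip files that hold no password setting.
        grep -Eq 'password[[:space:]]*(:|=>)' "$f" || continue
        # -perm -004 matches only when "other" has read permission;
        # -L checks the target's mode when the path is a symlink.
        find -L "$f" -perm -004 -print
    done
}

# Remove all "other" permissions from every file reported above and
# print what was changed. Owner and group bits are left untouched, so
# the service account (owner or group) can still read its config.
restrict_configs() {
    find_exposed_configs "$@" | while IFS= read -r f; do
        chmod o-rwx "$f" && printf 'restricted: %s\n' "$f"
    done
}
```

Run `find_exposed_configs` first to review what would change; the account each service runs as must still own the file or belong to its group after `restrict_configs`.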


(Pvignesh92) #3

Thank you for the clarification.

