How to encrypt clear text password in ELK Config files - Shield


(Pvignesh92) #1

Hi team, I have installed Shield and enabled SSL by following the documentation. We could see that the passwords are in clear text as below in the configuration files which can be a concern.


shield.ssl.keystore.password: password
shield.ssl.keystore.key_password: password

Output filter of logstash
elasticsearch {
hosts => ""
index => "index-%{+YYYY.MM.dd}"
ssl => true
cacert => '/home/cacert.pem'
user => "logstash-admin"
password => "password"

Kibana also has the elasticsearch user and password in clear text. Is there any way to encrypt them? Pls suggest

(Mark Walkom) #2

There currently is not, the best option is to restrict read access to the files on the filesystem.

(Pvignesh92) #3

Thank you for the clarification.

(system) #4