How to set passwords for built-in users in batch mode?

@Vitaly_il

how I may submit bootstrapping password to _xpack/security/user/.../_password API

Step 0: Think of a password to use. I'll use "top-secret"

Step 1: Shutdown at least 1 node of your cluster.

Step 2: Add a "bootstrap.password" to the keystore on that node:

bin/elasticsearch-keystore add "bootstrap.password"
Enter value for bootstrap.password: top-secret

Step 3: Start that elasticsearch node.

Step 4: Call

curl -uelastic -XPUT -H 'Content-Type: application/json' 'http://localhost:9200/_xpack/security/user/kibana/_password' -d '{ "password":new-kibana-password" }'
Enter host password for user 'elastic': top-secret

Step 5: Repeat (4) for logstash_system

Step 6: Repeat (4) for elastic (to set a permanent password rather than just a "bootstrap.password" that's tied to a specific node)

7 Likes