Kibana Keystore No Such Directory Error

kiyapedia · January 18, 2020, 8:02am

Hello —

I've got Elasticsearch and Kibana running with docker-compose with no issues. In my kibana.yml file, my password is exposed as such:

server.name: kibana
server.host: "0"
elasticsearch.hosts: [ "http://elasticsearch:9200" ]
elasticsearch.username: kibana
elasticsearch.password: password

When trying to create a kibana-keystore to protect the password value, i get the following error:

bash: bin/kibana-keystore: No such file or directory

I am following this documentation to create the kibana-keystore:

https://www.elastic.co/guide/en/kibana/6.8/secure-settings.html

I've also tried storing the password in elasticsearch-keystore but could not reference it and it caused my elasticsearch cluster to fail. I assume this is the reason why:

Only some settings are designed to be read from the keystore. However, there is no validation to block unsupported settings from the keystore and they can cause Elasticsearch to fail to start.

Any insights on how i can protect the password in kibana.yml would be much appreciated. Thanks!

grumo35 · January 18, 2020, 11:12am

Hey have you tried to look under /usr/share/bin ?

kiyapedia · January 18, 2020, 2:04pm

Yes I have. There is no usr/share/bin. Here is the output when i ls in my docker container:

LICENSE.txt NOTICE.txt README.textile bin config data jdk lib logs modules plugins

Here is the output when i ls in bin:

elasticsearch           elasticsearch-cli       elasticsearch-enve      elasticsearch-node           elasticsearch-setup-passwords  elasticsearch-sql-cli-7.5.1.jar  x-pack-env
elasticsearch-certgen   elasticsearch-croneval  elasticsearch-keystore  elasticsearch-plugin         elasticsearch-shard            elasticsearch-syskeygen          x-pack-security-env
elasticsearch-certutil  elasticsearch-env       elasticsearch-migrate   elasticsearch-saml-metadata  elasticsearch-sql-cli          elasticsearch-users              x-pack-watcher-env

This is where i want to create the kibana-kestore. When typing in kibana-keystore create, i get no such file or directory. When i try doing it from the root of the elasticsearch directory with: bin/kibana-keystore create, i get no such file or directory.

So i went ahead and tried to create the the password credentials in the elasticsearch.keystore that exists but I could not reference it in kibana.yml and it caused my elsaticsearch cluster to fail with the following message so i got rid of addition:

Only some settings are designed to be read from the keystore. However, there is no validation to block unsupported settings from the keystore and they can cause Elasticsearch to fail to start.

I just need a way to securly reference the elasticsearch.password in the kibana.yml file. Any help is appreciated!

system · February 15, 2020, 2:04pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.