Setting up User Authentication

Elastic Stack Elasticsearch
1

Hi -

I am setting up user authentication on a docker based cluster (single node elasticsearch and a single kibana container at the moment)....per the documentation listed here:
https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html

xpack.security.enabled is set to true in elasticsearch.yml file.

On cluster startup:

  1. I was expecting that I should be able to setup the password(s) for built-in users via Kibana. However, I do not see any options within Kibana-> Management to set password(s) for built-in users.
  2. I was expecting that, I should be able to set up users using the native realm (which I understood is the default). However, I do not see any options to setup users using the native realm.

I bet i am missing some security setup steps/config. I tried following elastic documentation ..but it ain't helping me much.

Any pointers/thoughts on what I may be missing?

2

Hi there

  1. The document you shared above includes instructions on how to set the passwords of the built in users : https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html#set-built-in-user-passwords
    It's nowhere mentioned that this can be done within Kibana ,and this is true.

  2. When you navigate to Management -> Users in kibana as you mention in 1. , you can setup ( create / edit / delete ) users in the native realm .

Hope this helps !

Unless you are using version 6.2 specifically, ( and given this is a new cluster you should better use the latest version - 6.6 at this time and) use the latest version of the documentation: https://www.elastic.co/guide/en/elastic-stack-overview/current/elasticsearch-security.html

3

Thanks Ioannis.

Here is what worked for me.

  1. enabled xpack security within elasticsearch.yml file
  2. enabled 30-day trial license
  3. setup bootstrap password using - bin/elasticsearch-keystore add "bootstrap.password"
  4. configure kibana.yml to connect to elastic using elastic as the user name and the password set using step #3 listed above

With the above stated steps, I can now see the "Users" and "Roles" option under Kibana -> Management -> "Security".

4

Is there a way to refer to the keystore password key from kibana.yml (instead of specifying the elastic search password in plain text within kibana.yml file)?

5

Yes, this is also described in our documentation

In general, more often than not, starting from https://www.elastic.co/search will get you most of the information/feedback you need - in our documentation. For whatever is missing or unclear, we'll be happy to answer here too

6

Thanks, Ioannis.

I was able to obscure the password and pass it via ${elasticsearch.password} within kibana.yml as follows:

  1. For elasticsearch, setup passwords for built-in users using:
    bin/elasticsearch-setup-passwords interactive

For Kibana
2. Create the kibana keystore
bin/kibana-keystore create

  1. Add the key "elasticsearch.password" to kibana keystore
    bin/kibana-keystore add "elasticsearch.password"

  2. bin/kibana-keystore list
    elasticsearch.password

  3. config/kibana.yml
    elasticsearch.password: ${elasticsearch.password}

Thanks!
-Manoj

7

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.