Setting up User Authentication

manoj_faria · February 25, 2019, 8:34pm

Hi -

I am setting up user authentication on a docker based cluster (single node elasticsearch and a single kibana container at the moment)....per the documentation listed here:
https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html

xpack.security.enabled is set to true in elasticsearch.yml file.

On cluster startup:

I was expecting that I should be able to setup the password(s) for built-in users via Kibana. However, I do not see any options within Kibana-> Management to set password(s) for built-in users.
I was expecting that, I should be able to set up users using the native realm (which I understood is the default). However, I do not see any options to setup users using the native realm.

I bet i am missing some security setup steps/config. I tried following elastic documentation ..but it ain't helping me much.

Any pointers/thoughts on what I may be missing?

ikakavas · February 25, 2019, 8:54pm

Hi there

The document you shared above includes instructions on how to set the passwords of the built in users : https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html#set-built-in-user-passwords
It's nowhere mentioned that this can be done within Kibana ,and this is true.
When you navigate to Management -> Users in kibana as you mention in 1. , you can setup ( create / edit / delete ) users in the native realm .

Hope this helps !

Unless you are using version 6.2 specifically, ( and given this is a new cluster you should better use the latest version - 6.6 at this time and) use the latest version of the documentation: https://www.elastic.co/guide/en/elastic-stack-overview/current/elasticsearch-security.html

manoj_faria · February 25, 2019, 9:16pm

Thanks Ioannis.

Here is what worked for me.

enabled xpack security within elasticsearch.yml file
enabled 30-day trial license
setup bootstrap password using - bin/elasticsearch-keystore add "bootstrap.password"
configure kibana.yml to connect to elastic using elastic as the user name and the password set using step #3 listed above

With the above stated steps, I can now see the "Users" and "Roles" option under Kibana -> Management -> "Security".

manoj_faria · February 25, 2019, 9:20pm

Is there a way to refer to the keystore password key from kibana.yml (instead of specifying the elastic search password in plain text within kibana.yml file)?

ikakavas · February 26, 2019, 7:00am

Yes, this is also described in our documentation

In general, more often than not, starting from https://www.elastic.co/search will get you most of the information/feedback you need - in our documentation. For whatever is missing or unclear, we'll be happy to answer here too

manoj_faria · February 27, 2019, 1:56am

Thanks, Ioannis.

I was able to obscure the password and pass it via ${elasticsearch.password} within kibana.yml as follows:

For elasticsearch, setup passwords for built-in users using:
bin/elasticsearch-setup-passwords interactive

For Kibana
2. Create the kibana keystore
bin/kibana-keystore create

Add the key "elasticsearch.password" to kibana keystore
bin/kibana-keystore add "elasticsearch.password"
bin/kibana-keystore list
elasticsearch.password
config/kibana.yml
elasticsearch.password: ${elasticsearch.password}

Thanks!
-Manoj

system · March 27, 2019, 2:01am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.