Setting up User Authentication

Hi -

I am setting up user authentication on a docker based cluster (single node elasticsearch and a single kibana container at the moment)....per the documentation listed here:
https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html

xpack.security.enabled is set to true in elasticsearch.yml file.

On cluster startup:

  1. I was expecting that I should be able to setup the password(s) for built-in users via Kibana. However, I do not see any options within Kibana-> Management to set password(s) for built-in users.
  2. I was expecting that, I should be able to set up users using the native realm (which I understood is the default). However, I do not see any options to setup users using the native realm.

I bet i am missing some security setup steps/config. I tried following elastic documentation ..but it ain't helping me much.

Any pointers/thoughts on what I may be missing?

Hi there

  1. The document you shared above includes instructions on how to set the passwords of the built in users : https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html#set-built-in-user-passwords
    It's nowhere mentioned that this can be done within Kibana ,and this is true.

  2. When you navigate to Management -> Users in kibana as you mention in 1. , you can setup ( create / edit / delete ) users in the native realm .

Hope this helps !

Unless you are using version 6.2 specifically, ( and given this is a new cluster you should better use the latest version - 6.6 at this time and) use the latest version of the documentation: https://www.elastic.co/guide/en/elastic-stack-overview/current/elasticsearch-security.html

Thanks Ioannis.

Here is what worked for me.

  1. enabled xpack security within elasticsearch.yml file
  2. enabled 30-day trial license
  3. setup bootstrap password using - bin/elasticsearch-keystore add "bootstrap.password"
  4. configure kibana.yml to connect to elastic using elastic as the user name and the password set using step #3 listed above

With the above stated steps, I can now see the "Users" and "Roles" option under Kibana -> Management -> "Security".

Is there a way to refer to the keystore password key from kibana.yml (instead of specifying the elastic search password in plain text within kibana.yml file)?

Yes, this is also described in our documentation

In general, more often than not, starting from https://www.elastic.co/search will get you most of the information/feedback you need - in our documentation. For whatever is missing or unclear, we'll be happy to answer here too

Thanks, Ioannis.

I was able to obscure the password and pass it via ${elasticsearch.password} within kibana.yml as follows:

  1. For elasticsearch, setup passwords for built-in users using:
    bin/elasticsearch-setup-passwords interactive

For Kibana
2. Create the kibana keystore
bin/kibana-keystore create

  1. Add the key "elasticsearch.password" to kibana keystore
    bin/kibana-keystore add "elasticsearch.password"

  2. bin/kibana-keystore list
    elasticsearch.password

  3. config/kibana.yml
    elasticsearch.password: ${elasticsearch.password}

Thanks!
-Manoj

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.