Unable to log in after installation

Hi,
I'm installing Elastic following this: https://www.elastic.co/guide/en/elasticsearch/reference/8.0/deb.html

Step 1. wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.0.0-amd64.deb

Step 2. sudo dpkg -i Elasticsearch-8.0.0-amd64.deb
Output:

Selecting previously unselected package elasticsearch.
(Reading database ... 457979 files and directories currently installed.)
Preparing to unpack elasticsearch-8.0.0-amd64.deb ...
Creating elasticsearch group... OK
Creating elasticsearch user...pam_tally2: /var/log/tallylog is either world writable or not a normal file
pam_tally2: Authentication error
useradd: failed to reset the tallylog entry of user "elasticsearch"
 OK
Unpacking elasticsearch (8.0.0) ...
Setting up elasticsearch (8.0.0) ...
--------------------------- Security autoconfiguration information ------------------------------

Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.

The generated password for the elastic built-in superuser is : Sua4s9VgbzX*cF1*Q_lz

If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.

You can complete the following actions at any time:

Reset the password of the elastic built-in superuser with 
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.

Generate an enrollment token for Kibana instances with 
 '/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.

Generate an enrollment token for Elasticsearch nodes with 
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.

-------------------------------------------------------------------------------------------------
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
 sudo systemctl start elasticsearch.service

Step 3. bin/Elasticsearch

Step 4. In a browser, https://localhost:9200

Username: elastic
Password: Sua4s9VgbzX*cF1*Q_lz

Error HTTP 401, in the console i see:

[2022-02-22T13:47:57,785][ERROR][o.e.x.s.a.e.ReservedRealm] [] failed to retrieve password hash for reserved user [elastic]
org.elasticsearch.action.UnavailableShardsException: at least one primary shard for the index [.security-7] is unavailable

Does anybody know what happened?

Thanks, Nestor.

Hi @Nestoter

It looks like Elasticsearch didn’t start successfully after installation. What happens when you do

what do you see in the output there ?

FWIW I suggest you run elastisearch via systemd as described in Install Elasticsearch with Debian Package | Elasticsearch Guide [8.0] | Elastic

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.