Xpack setting password for build-in user


(Ridwan) #1

Is setting the password for all built-in users compulsory during the installation of xpack ?

i am not able to understand the advantages and disadvantages of setting up this password since we already have a default bootstrap password ,i believe.
(referring : https://www.elastic.co/guide/en/x-pack/6.2/setting-up-authentication.html#bootstrap-elastic-passwords)


(Ioannis Kakavas) #2

The bootstrap.password is a transient password derived from the keystore.seed which is auto-generated, and is meant to be used only to set the passwords of the built in users. You should not use this instead and you can not use this instead as:

  1. There is no API to read keystore.seed from the Elasticsearch keystore so that you can use it in authenticated API requests
  2. Even if you set the bootstrap.password yourself in the Elasticsearch keystore, this password can subsequently only be used for the elastic user and not the rest of the built in users.

There are no advantages and disadvantages to think about in this specific case as there are no alternatives. The strongly suggested and only supported way is to follow the documentation and set the built-in users passwords.


(Ridwan) #3

Thanks a lot!


(system) #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.