How to set username and password for Elastic Search elasticsearch-7.15 on Ubuntu

When you use the basic license, the Elasticsearch security features are disabled by default. Enabling the Elasticsearch security features enables basic authentication so that you can run a local cluster with username and password authentication.

Set username and password for Elastic Search


If you are not installed Elasticsearch on Ubuntu Click Here to install it.

On every node in your cluster, stop both Kibana and Elasticsearch if they are running. On every node in your cluster, add the xpack.security.enabled set to the $ES_PATH_CONF/elasticsearch.yml file and set the value to true: 



xpack.security.enabled: true

enable xpack monitoring in elasticsearch.yml file located in /etc/elasticsearch/elasticsearch.yml 



  sudo nano /etc/elasticsearch/elasticsearch.yml
 



 

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
  
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#  
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
#network.host: 192.168.0.1
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
#http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
xpack.security.enabled: true

If your cluster has a single node, add the discovery.type  setting in the $ES_PATH_CONF/elasticsearch.yml file and set the value to single-node.

 This setting ensures that your node does not inadvertently connect to other clusters that might be running on your network.



discovery.type: single-node

Then go to elastic search conf location, /usr/share/elasticsearch set the passwords for the built-in users by running the elasticsearch-setup-passwords utility. 



./bin/elasticsearch-setup-passwords auto

the auto parameter outputs randomly-generated passwords to the console that you can change later if necessary:

If you want to use your own passwords, run the command with the interactive parameter instead of the auto parameter. Using this mode steps you through password configuration for all of the built-in users. 



./bin/elasticsearch-setup-passwords interactive





ubuntu@ubuntu:/usr/share/elasticsearch/bin$ sudo ./elasticsearch-setup-passwords auto -u  "http://localhost:9200"

Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
The passwords will be randomly generated and printed to the console.
Please confirm that you would like to continue [y/N]y


Changed password for user apm_system
PASSWORD apm_system = zr1W3yzHwOSjm4jNnOb4

Changed password for user kibana_system
PASSWORD kibana_system = 9WEESRjNXmRSNSTFeq7m

Changed password for user kibana
PASSWORD kibana = B6LSLN4NSLWsoFmNOY2x

Changed password for user logstash_system
PASSWORD logstash_system = Qqg1Xdhmf2KgoO7eOTCo

Changed password for user beats_system
PASSWORD beats_system = UvbTZZCSW6v9Z4zG9RJ0

Changed password for user remote_monitoring_user
PASSWORD remote_monitoring_user = RsnPl9KJt6Ek4qh0s8ts

Changed password for user elastic
PASSWORD elastic = 7eVU5dzXFUNVd0SW41xo

Save the generated passwords. You'll need them to add the built-in user to Kibana. After you set a password for the elastic user, you cannot run the elasticsearch-setup-passwords command a second time.

Configure Kibana to connect to Elasticsearch with a password

 When the Elasticsearch security features are enabled, users must log in to Kibana with a valid username and password.

You’ll configure Kibana to use the built-in kibana_system user and the password that you created earlier. Kibana performs some background tasks that require the use of the kibana_system user.

This account is not meant for individual users and does not have permission to log in to Kibana from a browser. Instead, you’ll log in to Kibana as the elastic superuser.

Add the elasticsearch.username setting to the KIB_PATH_CONF/kibana.yml file and set the value to the kibana_system user: 



elasticsearch.username: "elastic"
elasticsearch.username: "yourelasticpassword"

after that, we need to restart kibana 



sudo service kibana restart

If you enable xpack.security.enabled: true in /etc/elasticsearch/elasticsearch.yml file and forgot to add in KIB_PATH_CONF/kibana.yml file,then your kibana will not work,it shows loading page,

For more information you need to refer this.