What is the default user and password for elasticsearch?

Question

I have installed Elastic with Docker:

docker run -p 9200:9200 \            -p 9300:9300 \            -e "discovery.type=single-node" \             docker.elastic.co/elasticsearch/elasticsearch:5.6.2 

But curl localhost:9200 fails with authentication error:

{   "error": {     "root_cause": [       {         "type": "security_exception",         "reason": "missing authentication token for REST request [/]",         "header": {           "WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""         }       }     ],     "type": "security_exception",     "reason": "missing authentication token for REST request [/]",     "header": {       "WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""     }   },   "status": 401 } 

What is the default username/password combo for Elasticsearch?

Answer 1

Defaults are:

user: elastic password: changeme 

So:

$ curl -u elastic:changeme localhost:9200 {   "name" : "5aEHJ-Y",   "cluster_name" : "docker-cluster",   "cluster_uuid" : "3FmaYN7rS56oBTqWOyxmKA",   "version" : {     "number" : "5.6.2",     "build_hash" : "57e20f3",     "build_date" : "2017-09-23T13:16:45.703Z",     "build_snapshot" : false,     "lucene_version" : "6.6.1"   },   "tagline" : "You Know, for Search" } 

Read more about changing the defaults.

Answer 2

Setting up username and password for Elastic Search: (ES version:7.5.2) (Ubuntu 18.04)

Step 1: First enable xpackmonitoring in elasticsearch.yml file

root@flax:/etc/elasticsearch# vim elasticsearch.yml  Add the following line to the end of file:     xpack.security.enabled: true  File Contents: # ======================== Elasticsearch Configuration ========================= # # NOTE: Elasticsearch comes with reasonable defaults for most settings. #       Before you set out to tweak and tune the configuration, make sure you #       understand what are you trying to accomplish and the consequences. # # The primary way of configuring a node is via this file. This template lists # the most important settings you may want to configure for a production cluster. # # Please consult the documentation for further information on configuration options: # https://www.elastic.co/guide/en/elasticsearch/reference/index.html # # ---------------------------------- Cluster ----------------------------------- # # Use a descriptive name for your cluster: # #cluster.name: my-application # # ------------------------------------ Node ------------------------------------ # # Use a descriptive name for the node: # #node.name: node-1 # # Add custom attributes to the node: # #node.attr.rack: r1 # # ----------------------------------- Paths ------------------------------------ # # Path to directory where to store the data (separate multiple locations by comma): # path.data: /var/lib/elasticsearch # # Path to log files: # path.logs: /var/log/elasticsearch # # ----------------------------------- Memory ----------------------------------- # # Lock the memory on startup: # #bootstrap.memory_lock: true # # Make sure that the heap size is set to about half the memory available # on the system and that the owner of the process is allowed to use this # limit. # # Elasticsearch performs poorly when the system is swapping the memory. # # ---------------------------------- Network ----------------------------------- # # Set the bind address to a specific IP (IPv4 or IPv6): # #network.host: 192.168.0.1 network.host: 127.0.0.1 http.host: 0.0.0.0 # # Set a custom port for HTTP: # http.port: 9200 # # For more information, consult the network module documentation. # # --------------------------------- Discovery ---------------------------------- # # Pass an initial list of hosts to perform discovery when this node is started: # The default list of hosts is ["127.0.0.1", "[::1]"] # #discovery.seed_hosts: ["host1", "host2"] # # Bootstrap the cluster using an initial set of master-eligible nodes: # #cluster.initial_master_nodes: ["node-1", "node-2"] # # For more information, consult the discovery and cluster formation module documentation. # # ---------------------------------- Gateway ----------------------------------- # # Block initial recovery after a full cluster restart until N nodes are started: # #gateway.recover_after_nodes: 3 # # For more information, consult the gateway module documentation. # # ---------------------------------- Various ----------------------------------- # # Require explicit names when deleting indices: # #action.destructive_requires_name: true xpack.security.enabled: true 

Step 2: Go to /usr/share/elasticsearch folder:

root@flax:/usr/share/elasticsearch# systemctl start elasticsearch  root@flax:/usr/share/elasticsearch# ./bin/elasticsearch-setup-passwords interactive  Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user. You will be prompted to enter passwords as the process progresses. Please confirm that you would like to continue [y/N]y   Enter password for [elastic]:  Reenter password for [elastic]:  Enter password for [apm_system]:  Reenter password for [apm_system]:  Enter password for [kibana]:  Reenter password for [kibana]:  Enter password for [logstash_system]:  Reenter password for [logstash_system]:  Enter password for [beats_system]:  Reenter password for [beats_system]:  Passwords do not match. Try again. Enter password for [beats_system]:  Reenter password for [beats_system]:  Enter password for [remote_monitoring_user]:  Reenter password for [remote_monitoring_user]:  Changed password for user [apm_system] Changed password for user [kibana] Changed password for user [logstash_system] Changed password for user [beats_system] Changed password for user [remote_monitoring_user] Changed password for user [elastic]  root@flax:/usr/share/elasticsearch# systemctl restart elasticsearch  root@flax:/usr/share/elasticsearch# systemctl restart elasticsearch.service