本文介绍了在Elasticsearch中误删除所有用户后,如何通过开启x-pack验证、修改配置文件、设置新密码以及使用curl命令重置特定用户密码的详细步骤,特别提醒不要随意删除security索引。
如果在 Elasticsearch 中误操作删除了所有用户,可以通过以下步骤重新创建用户和密码:
- 在配置文件中开启 x-pack 验证,修改
config(一般是在/usr/share/elasticsearch)目录下面的elasticsearch.yml文件,添加以下内容并重启:xpack.security.enabled: true xpack.license.self_generated.type: basic xpack.security.transport.ssl.enabled: true - 执行设置用户名和密码的命令,需要为4个用户分别设置密码,包括
elastic、kibana、logstash_system和beats_system:bin/elasticsearch-setup-passwords interactive initiating the setup of passwords for reserved users elastic,kibana,logstash_system,beats_system. You will be prompted to enter passwords as the process progresses. Please confirm that you would like to continue (y/N)y Enter password for (elastic): Reenter password for (elastic): Passwords do not match. Try again. Enter password for (elastic): Reenter password for (elastic): Enter password for (kibana): Reenter password for (kibana): Enter password for (logstash_system): Reenter password for (logstash_system): Enter password for (beats_system): Reenter password for (beats_system): Changed password for user (kibana) Changed password for user (logstash_system) Changed password for user (beats_system) Changed password for user (elastic) - 后续需要修改密码,命令如下:
curl -H "Content-Type:application/json" -XPOST -u elastic 'http://127.0.0.1:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "123456" }'
备注:请谨慎删除security索引,这个是系统用户密码保存的索引。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
