48 lines
1.2 KiB
Plaintext
48 lines
1.2 KiB
Plaintext
[[change-passwords-native-users]]
|
|
=== Setting passwords for native and built-in users
|
|
|
|
After you implement security, you might need or want to change passwords for
|
|
different users. You can use the <<reset-password,`elasticsearch-reset-password`>>
|
|
tool or the <<security-api-change-password,change passwords API>> to change
|
|
passwords for native users and <<built-in-users,built-in users>>, such as the
|
|
`elastic` or `kibana_system` users.
|
|
|
|
For example, the following command changes the password for a user with the
|
|
username `user1` to an auto-generated value, and prints the new password
|
|
to the terminal:
|
|
|
|
[source,shell]
|
|
----
|
|
bin/elasticsearch-reset-password -u user1
|
|
----
|
|
|
|
To explicitly set a password for a user, include the `-i` parameter with the
|
|
intended password.
|
|
|
|
[source,shell]
|
|
----
|
|
bin/elasticsearch-reset-password -u user1 -i <password>
|
|
----
|
|
|
|
If you're working in {kib} or don't have command-line access, you can use the
|
|
change passwords API to change a user's password:
|
|
|
|
////
|
|
[source,console]
|
|
----
|
|
POST _security/user/user1?refresh=true
|
|
{
|
|
"password" : "l0ng-r4nd0m-p@ssw0rd",
|
|
"roles": ["admin"]
|
|
}
|
|
----
|
|
////
|
|
|
|
[source,console]
|
|
----
|
|
POST /_security/user/user1/_password
|
|
{
|
|
"password" : "new-test-password"
|
|
}
|
|
----
|
|
//TEST[continued] |