elasticsearch/docs/reference/security/securing-communications/change-passwords-native-use...

48 lines
1.2 KiB
Plaintext

[[change-passwords-native-users]]
=== Setting passwords for native and built-in users
After you implement security, you might need or want to change passwords for
different users. You can use the <<reset-password,`elasticsearch-reset-password`>>
tool or the <<security-api-change-password,change passwords API>> to change
passwords for native users and <<built-in-users,built-in users>>, such as the
`elastic` or `kibana_system` users.
For example, the following command changes the password for a user with the
username `user1` to an auto-generated value, and prints the new password
to the terminal:
[source,shell]
----
bin/elasticsearch-reset-password -u user1
----
To explicitly set a password for a user, include the `-i` parameter with the
intended password.
[source,shell]
----
bin/elasticsearch-reset-password -u user1 -i <password>
----
If you're working in {kib} or don't have command-line access, you can use the
change passwords API to change a user's password:
////
[source,console]
----
POST _security/user/user1?refresh=true
{
"password" : "l0ng-r4nd0m-p@ssw0rd",
"roles": ["admin"]
}
----
////
[source,console]
----
POST /_security/user/user1/_password
{
"password" : "new-test-password"
}
----
//TEST[continued]