Deprecated in 8.0.
elasticsearch-setup-passwords tool is deprecated and will be removed in a future release. To manually reset the password for the built-in users (including the
elastic user), use the
elasticsearch-reset-password tool, the Elasticsearch change password API, or the User Management features in Kibana.
elasticsearch-setup-passwords command sets the passwords for the
bin/elasticsearch-setup-passwords auto|interactive [-b, --batch] [-h, --help] [-E <KeyValuePair>] [-s, --silent] [-u, --url "<URL>"] [-v, --verbose]
This command is intended for use only during the initial configuration of the
Elasticsearch security features. It uses the
elastic bootstrap password
to run user management API requests. If your Elasticsearch keystore is password protected,
before you can set the passwords for the built-in users, you must enter the keystore password.
After you set a password for the
user, the bootstrap password is no longer active and you cannot use this command.
Instead, you can change passwords by using the Management > Users UI in Kibana
or the Change Password API.
This command uses an HTTP connection to connect to the cluster and run the user
management requests. If your cluster uses TLS/SSL on the HTTP layer, the command
automatically attempts to establish the connection by using the HTTPS protocol.
It configures the connection by using the
xpack.security.http.ssl settings in
elasticsearch.yml file. If you do not use the default config directory
location, ensure that the ES_PATH_CONF environment variable returns the
correct path before you run the
elasticsearch-setup-passwords command. You can
override settings in your
elasticsearch.yml file by using the
option. For more information about debugging connection failures, see
Setup-passwords command fails due to connection failure.
- Outputs randomly-generated passwords to the console.
- If enabled, runs the change password process without prompting the user.
- Configures a standard Elasticsearch or X-Pack setting.
- Shows help information.
- Prompts you to manually enter passwords.
- Shows minimal output.
-u, --url "<URL>"
Specifies the URL that the tool uses to submit the user management API
requests. The default value is determined from the settings in your
xpack.security.http.ssl.enabledis set to
true, you must specify an HTTPS URL.
- Shows verbose output.
The following example uses the
-u parameter to tell the tool where to submit
its user management API requests:
bin/elasticsearch-setup-passwords auto -u "http://localhost:9201"