Search Guard Forum

Is searchguard supports reading from elasticsearch-keystore?

ymohdriz April 29, 2019, 10:49am 1

Hi team,

I stored the keystore/truststore passwords in elasticsearch-keystore tool. But searchguard is not able to read it from the elasticsearch-keystore tool.

Is searchguard supports reading from elasticsearch-keystore?

I don’t want to store the plain text passwords in elasticsearch.yml file and environment variable.

Thanks,
Mohammed

cstaley April 29, 2019, 11:59am 3

No, it is not supported by Search Guard because it’s not really secure. And here is why:

“The elasticsearch keystore currently only provides obfuscation. In the future, password protection will be added.” (Secure settings | Elasticsearch Guide [6.7] | Elastic)

So what real additional security do you gain from using elasticsearch-keystore?

system Closed May 20, 2019, 11:59am 4

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views	Activity
Usage of Elasticsearch Keystore for Search Guard Supported? Search Guard	5	429	August 20, 2021
Use Elastic Keystore for Searchguard configs Search Guard	6	966	June 18, 2020
Passwords in elasticsearch.yml Search Guard	3	762	May 19, 2018
Searchguard SSL 2.2.1 - Hashing Keystore & Trustore passwords in elasticsearch.yml Search Guard	2	415	May 19, 2016
Hiding the keystore password Search Guard	3	778	October 9, 2017