Change Opensearch Admin password
It cannot be modified in the dashboard, and must be modified only with a script.
Terminal connection to master node
Create a password (using the provided tool script).
cd /usr/share/opensearch/plugins/opensearch-security/tools
./hash.sh -p <new_password>
# example - output
sh-5.2$ ./hash.sh -p dhvmstjcl!
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
$2y$12$8CL1a9FLy1JwNe5q6yudZuTtzs/9.hkxvk1WnInwOV16JV3P3RoC6
Load current settings
// Some code./securityadmin.sh -backup my-backup-directory \
-icl \
-nhnv \
-cacert ../../../config/admin/ca.crt \
-cert ../../../config/admin/tls.crt \
-key ../../../config/admin/tls.key
Change settings and run reflection script
# Search for line target to replace
# Find the hash value line of the admin item
cat -n my-backup-directory/internal_users.yml
23 config_version: 2
24 admin:
25 hash: "$2a$12$W5jcOBWSN6/q9bOKhFbTE.m/pK.POlHkLFCcR7W79M479kq3FiOIO"
26 reserved: true
27 hidden: false
28 backend_roles:
# Add content (add content after removing line)
sed -i 'Line number d' file name
sed -i 'Line number i\Content' file name
# sed -i '25d' my-backup-directory/internal_users.yml
# sed -i '25 i\ hash: "$2y$12$8CL1a9FLy1JwNe5q6yudZuTtzs/9.hkxvk1WnInwOV16JV3P3RoC6"' my-backup-directory/internal_users.yml
# reflection
./securityadmin.sh -f my-backup-directory/internal_users.yml \
-t internalusers \
-icl \
-nhnv \
-cacert ../../../config/admin/ca.crt \
-cert ../../../config/admin/tls.crt \
-key ../../../config/admin/tls.key
Last updated
Was this helpful?