lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git


			
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
							[roles="xpack"]
[[reset-password]]
== elasticsearch-reset-password

The `elasticsearch-reset-password` command resets the passwords of users in
the native realm and built-in users.


[discrete]
=== Synopsis

[source,shell]
----
bin/elasticsearch-reset-password
[-a, --auto] [-b, --batch] [-E <KeyValuePair]
[-f, --force] [-h, --help] [-i, --interactive]
[-s, --silent] [-u, --username] [-v, --verbose]
----

[discrete]
=== Description

Use this command to reset the password of any user in the native realm
or any built-in user. By default, a strong password is generated for you.
To explicitly set a password, run the tool in interactive mode with `-i`.
The command generates (and subsequently removes) a temporary user in the
<<file-realm,file realm>> to run the request that changes the user password.

IMPORTANT: You cannot use this tool if the file realm is disabled in your `elasticsearch.yml` file.

This command uses an HTTP connection to connect to the cluster and run the user
management requests. The command automatically attempts to establish the connection
over HTTPS by using the `xpack.security.http.ssl` settings in
the `elasticsearch.yml` file. If you do not use the default configuration directory
location, ensure that the `ES_PATH_CONF` environment variable returns the
correct path before you run the `elasticsearch-reset-password` command. You can
override settings in your `elasticsearch.yml` file by using the `-E` command
option. For more information about debugging connection failures, see
<<trb-security-setup>>.

[discrete]
[[reset-password-parameters]]
=== Parameters


`-a, --auto`:: Resets the password of the specified user to an auto-generated strong password. (Default)

`-b, --batch`:: Runs the reset password process without prompting the user for verification.

`-E <KeyValuePair>`:: Configures a standard {es} or {xpack} setting.

`-f, --force`:: Forces the command to run against an unhealthy cluster.

`-h, --help`:: Returns all of the command parameters.

`-i, --interactive`:: Prompts for the password of the specified user. Use this option to explicitly set a password.

`-s --silent`:: Shows minimal output in the console.

`-u, --username`:: The username of the native realm user or built-in user.

`-v --verbose`:: Shows verbose output in the console.
[discrete]
=== Examples

The following example resets the password of the `elastic` user to an auto-generated value and
prints the new password in the console.

[source,shell]
----
bin/elasticsearch-reset-password -u elastic
----

The following example resets the password of a native user with username `user1` after prompting
in the terminal for the desired password:

[source,shell]
----
bin/elasticsearch-reset-password --username user1 -i
----