Changing the admin password in docker deployment (ver. 4.3)


Sandeep Renjith

May 11, 2022, 4:56:38 PM
to Wazuh mailing list
With Wazuh 4.3 it is quite difficult to change the admin password of Opensearch.
I understand that this is more of an Opensearch issue than a Wazuh issue.

However, I am commenting on the usage of the wazuh-opendistro-passwords-tool.sh and the documentation on Wazuh docs (4.3) linked below.

The issue is that the tool doesn't currently seem to work with Opensearch. 

Outside of the tool, the method I was using for password reset on Opendistro (pre 4.3 Wazuh) was the one linked below. 


This method seems to come with its own set of issues on Opensearch (on docker). 

Requested resolution
- Update wazuh-opendistro-passwords-tool.sh to include opensearch
- Update documentation on this specific to opensearch

Only sane solution which worked for me
- Change value of reserved to false for the user 'admin' in internal_users.yml in /wazuh-docker/single-node/config/wazuh_indexer before bringing up the cluster. 

admin:
  hash: "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  reserved: false  # this was true
  backend_roles:
  - "admin"
  description: "Demo admin user"

I am not sure if this is the best solution to change the admin user from read-only mode. Please let me know if there is a better way of doing this. 

Pablo Ariel Gonzalez

May 13, 2022, 12:32:10 AM
to Wazuh mailing list
Hi Sandeep, it's a pleasure to discuss this topic with you.

Thank you very much for the time you have taken to explain the problem and the solution you have applied to solve it. We are going to analyze it in detail and then we will share an answer with you.

For this I ask if you could tell us, have you deployed the new version 4.3 of Wazuh in docker following the installation guide? Since this version has the new Wazuh-indexer and Wazuh-dashboard components, this information would be very useful for the analysis.


Thanks,

Kompromittiert

Jun 21, 2022, 6:26:54 AM
to Wazuh mailing list
Same problem for me, fresh docker install, no documentation will fit.

hash.sh:
Not executable inside wazuh.indexer, because it lacks a JRE.

./wazuh-passwords-tool.sh: 
grep: /etc/wazuh-indexer/opensearch.yml: No such file or directory
./wazuh-passwords-tool.sh: line 468: [: ==: unary operator expected
21/06/2022 10:24:25 ERROR: Cannot find Wazuh indexer, Wazuh dashboard or Filebeat on the system.

So this script will only fit for non-docker instances.

Manually changing internal_users.yml using a custom bcrypt hash tool and finally making the changes available with securityadmin.sh also fails:
WARNING: JAVA_HOME not set, will use
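
A pre-deployment check for the manual route described in the posts above (hand-editing internal_users.yml with a bcrypt hash and the reserved flag), as an added example that is not part of the thread or of Wazuh's tooling. The sample file, the user name example_user and the function names are constructed for illustration, and the reader assumes the flat layout shown in the first post.

```python
import re
# bcrypt string: "$2a$", "$2b$" or "$2y$", two-digit cost, 53 chars of salt+digest
BCRYPT_RE = re.compile(r"^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$")

GOOD_HASH = "$2y$12$" + "A" * 53  # constructed: right shape only, not a real hash
# Constructed sample in the layout of internal_users.yml; example_user is hypothetical.
SAMPLE = f"""_meta:
  config_version: 2

admin:
  hash: "xxxxxxxx"
  reserved: true
  backend_roles:
  - "admin"

example_user:
  hash: "{GOOD_HASH}"
  reserved: false
"""

def parse_users(text):
    """Read the flat 'user -> key: value' layout without a YAML library."""
    users, current = {}, None
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped.startswith(("#", "-")):
            continue  # blank lines, comments, list items such as backend_roles
        key, _, value = stripped.partition(":")
        if not raw[0].isspace():  # unindented key opens a new top-level entry
            current = None if key == "_meta" else users.setdefault(key, {})
        elif current is not None and value.strip():
            current[key] = value.strip().strip("\"'")
    return users

def audit(text):
    """Return {user: [issues]} for entries a password change would trip over."""
    findings = {}
    for name, fields in parse_users(text).items():
        issues = []
        if not BCRYPT_RE.match(fields.get("hash", "")):
            issues.append("hash is not a well-formed bcrypt string")
        if fields.get("reserved", "false").lower() == "true":
            issues.append("reserved is true")
        if issues:
            findings[name] = issues
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Run it against the file before the cluster is brought up: a placeholder or truncated hash and a reserved entry both show up here rather than as a failed login or a rejected change later.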

Daniel D'Angeli

Jun 21, 2022, 7:59:54 AM
to Wazuh mailing list
For the java problem, add the following environment variable to the docker compose:

environment:
- "JAVA_HOME=/usr/share/wazuh-indexer/jdk"

Daniel D'Angeli

Jun 23, 2022, 6:09:47 AM
to Wazuh mailing list
For anyone looking for a fix, I have found the solution.

Check the issue on GitHub here: https://github.com/wazuh/wazuh-docker/issues/677

Pablo Ariel Gonzalez

Jun 29, 2022, 6:56:43 PM
to Wazuh mailing list
Hi Everyone,

Daniel, thanks for the information and detail. We are looking into what you commented earlier about the environment variable not being generated properly.

As soon as we have news we will share it with you.


Thanks,