From aff5cc840f9cfff1625e4be56c781851ece94871 Mon Sep 17 00:00:00 2001 From: Ioannis Kakavas Date: Fri, 8 Dec 2017 18:03:13 +0200 Subject: [PATCH] Make generated passwords shell safe (elastic/x-pack-elasticsearch#3253) Generate passwords from [A-Za-z0-9] so that they are safe to be used in shell scripts. Entropy deterioration is not significant (124.9 -> 119), generated passwords still meet guidelines and best practices regarding length and complexity. Resolves elastic/x-pack-elasticsearch#3087 Original commit: elastic/x-pack-elasticsearch@078639e7c2cd37c38c6951cd6014986675573a07 --- .../xpack/security/authc/esnative/tool/SetupPasswordTool.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordTool.java b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordTool.java index 69f18e9e865..8cfcf07b225 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordTool.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordTool.java @@ -54,7 +54,7 @@ import org.elasticsearch.xpack.security.user.LogstashSystemUser; */ public class SetupPasswordTool extends LoggingAwareMultiCommand { - private static final char[] CHARS = ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789~!@#$%^&*-_=+?").toCharArray(); + private static final char[] CHARS = ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789").toCharArray(); public static final List USERS = Arrays.asList(ElasticUser.NAME, KibanaUser.NAME, LogstashSystemUser.NAME); private final CheckedFunction clientFunction;