Hi Jochen, I tried to make the same password in following files password_secret (in /etc/graylog/server/server.conf) & application.secret (in /etc/graylog/web/web.conf).
- *root_password_sha2* is generated using echo -n admin | shasum -a 256 please find two file configurations. - */etc/graylog/server/server.conf* # If you are running more than one instances of graylog2-server you have to select one of these # instances as master. The master will perform some periodical tasks that non-masters won't perform. is_master = true # The auto-generated node ID will be stored in this file and read after restarts. It is a good idea # to use an absolute file path here if you are starting graylog2-server from init scripts or similar. node_id_file = /etc/graylog/server/node-id # You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters. # Generate one by using for example: pwgen -N 1 -s 96 password_secret=X2oHR7K6a30wcNUEjeP3TgO1pPs8LKxfecZHe4k0fjUqv9vNI3TWsg659nSUdh6XKqvMuO9NSYU2yEIriFqjf4uXU0c4EwVR # The default root user is named 'admin' root_username = admin # You MUST specify a hash password for the root user (which you only need to initially set up the # system and in case you lose connectivity to your authentication backend) # This password cannot be changed using the API or via the web interface. If you need to change it, # modify it in this file. # Create one by using for example: echo -n yourpassword | shasum -a 256 # and put the resulting hash value into the following line root_password_sha2 =8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918 - # The email address of the root user. # Default is empty #root_email = "" - */etc/graylog/web/web.conf* # graylog2-server REST URIs (one or more, comma separated) For example: "http://127.0.0.1:12900/,http://127.0.0.1:12910/"; graylog2-server.uris="http://127.0.0.1:12900/"; # Learn how to configure custom logging in the documentation: # http://docs.graylog.org/en/latest/pages/installation.html#manual-setup-graylog-web-interface-on-linux # Secret key # ~~~~~ # The secret key is used to secure cryptographics functions. Set this to a long and randomly generated string. # If you deploy your application to several instances be sure to use the same key! # Generate for example with: pwgen -N 1 -s 96 application.secret="HR7K6a30wcNUEjeP3TgO1pPs8LKxfecZHe4k0fjUqv9vNI3TWsg659nSUdh6XKqvMuO9NSYU2yEIriFqjf4uXU0c4EwVR" # Web interface timezone # Graylog stores all timestamps in UTC. To properly display times, set the default timezone of the interface. # If you leave this out, Graylog will pick your system default as the timezone. Usually you will want to configure it explicitly. # timezone="Europe/Berlin" ------------------------------ *The problem still continues…* is there any setting I have to change, something in elasticsearch or mongodb ? Thanks in advance !!! On Thu, Mar 3, 2016 at 10:24 PM, Jochen Schalanda <[email protected]> wrote: > Hi Sagar, > > the password_secret (in the Graylog server configuration file) and > application.secret (in the Graylog web interface configuration file) must > be absolutely identical. > > You can set the user name and the password of the Graylog administrator in > the Graylog server configuration file (see > https://github.com/Graylog2/graylog2-server/blob/1.3.3/misc/graylog2.conf#L13-L22). > All other users must be created in the Graylog web interface, once it's > running. > > Cheers, > Jochen > > > On Thursday, 3 March 2016 17:32:53 UTC+1, Sagar Nikam wrote: >> >> Hi Kay, >> >> I also ran into same issue….I am on Ubuntu 14.04, running all latest >> versions of garylog components. >> I tried the things which you mention…but still get Sorry, those >> credentials are invalid problem >> Below are the config for /etc/graylog/server/server.conf >> >> # You MUST set a secret to secure/pepper the stored user passwords here. Use >> at least 64 characters. >> # Generate one by using for example: pwgen -N 1 -s 96 >> password_secret=X2oHR7K6a30wcNUEjeP3TgO1pPs8LKxfecZHe4k0fjUqv9vNI3TWsg659nSUdh6XKqvMuO9NSYU2yEIriFqjf4uXU0c4EwVR >> >> # The default root user is named 'admin' >> #root_username = admin >> >> # You MUST specify a hash password for the root user (which you only need to >> initially set up the >> # system and in case you lose connectivity to your authentication backend) >> # This password cannot be changed using the API or via the web interface. If >> you need to change it, >> # modify it in this file. >> # Create one by using for example: echo -n yourpassword | shasum -a 256 >> # and put the resulting hash value into the following line >> root_password_sha2 >> =7804a56a5c7636cc05814736f44139e32920810d3bd51aa099a5df932e754ce9 - >> >> ------------------------------ >> >> Config for /etc/graylog/web/web.conf >> >> # graylog2-server REST URIs (one or more, comma separated) For example: >> "http://127.0.0.1:12900/,http://127.0.0.1:12910/"; >> graylog2-server.uris="http://127.0.0.1:12900/"; >> >> # Learn how to configure custom logging in the documentation: >> # >> http://docs.graylog.org/en/latest/pages/installation.html#manual-setup-graylog-web-interface-on-linux >> >> # Secret key >> # ~~~~~ >> # The secret key is used to secure cryptographics functions. Set this to a >> long and randomly generated string. >> # If you deploy your application to several instances be sure to use the >> same key! >> # Generate for example with: pwgen -N 1 -s 96 >> application.secret="oMCpVsqHHLlR4Wumo4aeB7XIe1w3sQqGn7OZqvtNB3p6wo4XXDGMsS4D28NRvg5VAD5Zs6roMYUTE2FHgpQi0OWPFNPCqlX7" >> >> *Can you please tell me, how & where to configure user & password, in >> which file ?* >> >> Thanks in Advance !!! >> ------------------------------ >> >> On Wednesday, January 15, 2014 at 4:13:33 PM UTC+5:30, Kay Röpke wrote: >> >> Hi! >>> >>> The root password must be a SHA-256 string, the one you quoted below >>> looks like a sha1 to me. >>> Also, the graylog2-server does not support quotes in the values, that's >>> why it doesn't work for you. >>> >>> The hashing Lennart mentioned in that issue is for users stored in >>> mongodb, but those are different to the admin user (which is not stored in >>> mongodb at all). >>> >>> If you use SHA-256 and leave out the quotes in the config, everything >>> should work :) >>> >>> Best, >>> Kay >>> >>> On Wednesday, January 15, 2014 1:23:20 AM UTC+1, Brandon Nickell wrote: >>>> >>>> Greetings, >>>> >>>> First and foremost congratulations on the new release candidate 1. I'm >>>> currently having the following issue with 0.20.0 RC1: >>>> >>>> After installing Graylog server, web-interface and the current version >>>> of Elasticsearch 0.90.10, I'm unable to log in to the web interface with >>>> "Sorry, those credentials are invalid." >>>> >>>> I'm actually seeing the exact same stacktrace as reported by Lennart in >>>> https://github.com/Graylog2/graylog2-web-interface/issues/432 >>>> <https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2FGraylog2%2Fgraylog2-web-interface%2Fissues%2F432&sa=D&sntz=1&usg=AFQjCNGoH1h7f3s5y1r63otwRzC-rZTFmw> >>>> which seems to note in the associated fix that passwords are now using >>>> SHA-1 encryption instead of SHA-256 (the installation guide in RC1 still >>>> seems to say to use shasum -a 256 despite this). I actually tried >>>> generating passwords under both formats and I'm still getting the same >>>> message. Here's the full stacktrace from the log: >>>> >>>> 2014-01-14 16:04:17,143 WARN : >>>> org.graylog2.rest.resources.system.SessionsResource - Unable to log in user >>>> admin >>>> org.apache.shiro.authc.AuthenticationException: No account information >>>> found for authentication token >>>> [org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=false] by >>>> this Authenticator instance. Please check that it is configured correctly. >>>> at >>>> org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:202) >>>> at >>>> org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) >>>> at >>>> org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) >>>> at >>>> org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) >>>> at >>>> org.graylog2.rest.resources.system.SessionsResource.newSession(SessionsResource.java:77) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> at java.lang.reflect.Method.invoke(Method.java:606) >>>> at >>>> org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory$1.invoke(ResourceMethodInvocationHandlerFactory.java:81) >>>> at >>>> org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:151) >>>> at >>>> org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:171) >>>> at >>>> org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$TypeOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:195) >>>> at >>>> org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:104) >>>> at >>>> org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:402) >>>> at >>>> org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:349) >>>> at >>>> org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:106) >>>> at >>>> org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:259) >>>> at org.glassfish.jersey.internal.Errors$1.call(Errors.java:271) >>>> at org.glassfish.jersey.internal.Errors$1.call(Errors.java:267) >>>> at org.glassfish.jersey.internal.Errors.process(Errors.java:315) >>>> at org.glassfish.jersey.internal.Errors.process(Errors.java:297) >>>> at org.glassfish.jersey.internal.Errors.process(Errors.java:267) >>>> at >>>> org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:318) >>>> at >>>> org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:236) >>>> at >>>> org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:1010) >>>> at >>>> org.graylog2.jersey.container.netty.NettyContainer.messageReceived(NettyContainer.java:254) >>>> at >>>> org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70) >>>> at >>>> org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) >>>> at >>>> org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791) >>>> at >>>> org.jboss.netty.handler.stream.ChunkedWriteHandler.handleUpstream(ChunkedWriteHandler.java:142) >>>> at >>>> org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) >>>> at >>>> org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791) >>>> at >>>> org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:296) >>>> at >>>> org.jboss.netty.handler.codec.frame.FrameDecoder.unfoldAndFireMessageReceived(FrameDecoder.java:459) >>>> at >>>> org.jboss.netty.handler.codec.replay.ReplayingDecoder.callDecode(ReplayingDecoder.java:536) >>>> at >>>> org.jboss.netty.handler.codec.replay.ReplayingDecoder.messageReceived(ReplayingDecoder.java:435) >>>> at >>>> org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70) >>>> at >>>> org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) >>>> at >>>> org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559) >>>> at >>>> org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268) >>>> at >>>> org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255) >>>> at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:88) >>>> at >>>> org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108) >>>> at >>>> org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:318) >>>> at >>>> org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89) >>>> at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178) >>>> at >>>> org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108) >>>> at >>>> org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>>> at java.lang.Thread.run(Thread.java:744) >>>> >>>> I've also checked for any artifacts like newlines in the graylog.conf >>>> file and it seems fine to me: >>>> >>>> root_password_sha2 = '4acebef29d98e2b58085d7481c92130b33d5df6b' >>>> >>>> Any help or insight into this is appreciated, thanks in advance! >>>> >>>> -=b=- >>>> >>> >> > -- > You received this message because you are subscribed to a topic in the > Google Groups "Graylog Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/graylog2/IJ8-YckGH04/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/a89c51d0-c26f-4cb5-9fd2-e489642c2778%40googlegroups.com > <https://groups.google.com/d/msgid/graylog2/a89c51d0-c26f-4cb5-9fd2-e489642c2778%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAEbE3x7XXbcTcD5d7zx1m9V9Pzrxv7b6jtB6Uri7HiauCj_XQg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
