Of Stack

Redis USES an authenticated password to log in

  • 2020-05-24 06:26:40
  • OfStack

The default configuration of Redis does not require password authentication, which means that as long as the host and port of the connected Redis server are correct, they can be connected and used. This is a security issue, so you need to enable the Redis authentication password to increase the security of the Redis server.

1. Modify the configuration file

The Redis configuration file defaults to /etc/ redis.conf, which finds the following line: 


#requirepass foobared

Remove the previous comment and change it to the required password:

requirepass myPassword (where myPassword is the password to set)

2. Restart Redis

If Redis is already configured as service service, you can restart it by: 


service redis restart

If Redis is not configured as service service, you can restart it by: 


/usr/local/bin/redis-cli shutdown
/usr/local/bin/redis-server /etc/redis.conf

3. Login verification

After setting the Redis authentication password, the client side needs to use the -a parameter to enter the authentication password when logging in. You can log in successfully without adding this parameter, but you don't have any operation permission. As follows: 


$ ./redis-cli -h 127.0.0.1 -p 6379
127.0.0.1:6379> keys *
(error) NOAUTH Authentication required.

Use password to authenticate login and verify operation permissions: 


$ ./redis-cli -h 127.0.0.1 -p 6379 -a myPassword
127.0.0.1:6379> config get requirepass
1) "requirepass"
2) "myPassword"

You see output similar to the one above, indicating that the Reids password authentication configuration was successful.

In addition to using the -a parameter to enter the login password when logging in as above. You can also verify after the connection without specifying: 


$ ./redis-cli -h 127.0.0.1 -p 6379
127.0.0.1:6379> auth myPassword
OK
127.0.0.1:6379> config get requirepass
1) "requirepass"
2) "myPassword"
127.0.0.1:6379>

4. Configure password at the command line client (valid until redis is restarted)

前面介绍了通过redis.conf配置密码,这种配置方式需要重新启动Redis。 You can also configure the password via the command line client without restarting Redis. The configuration method is as follows: 


127.0.0.1:6379> config set requirepass newPassword
OK
127.0.0.1:6379> config get requirepass
1) "requirepass"
2) "newPassword"

注意:使用命令行客户端配置密码,重启Redis后仍然会使用redis.conf配置文件中的密码。

5. Use the authentication password in the Redis cluster

If the Redis server is used, cluster is used. In addition to configuring the password in master, you also need to configure it in slave. Find the following line in slave's configuration file, remove the comments, and change the same password as master: 


# masterauth master-password
Related articles: