Redis password verification command AUTH
Redis has not made much optimization in terms of security, but has made great efforts in terms of performance and ease of use. A very simple security method for Redis is password verification, which requires the use of the AUTH command. Let's take a look at how to use this command.
After Redis is installed, no password verification is required by default. After starting the Redis service, you can directly connect to Redis through the client and perform corresponding operations.
# redis-server //Open redis service
# redis-cli //Use the client to connect to
redis> get mykey
"onmpw" //The returned result
The above is the default operation without a password. Now we turn on password verification.
There are two ways to enable password authentication for Redis: one is to set the password directly through the command line, and the other is to add the password in the redis.conf configuration file.
Setting the password directly via the command line
The password set in this way is only valid in the current process. That is to say, if we restart the Redis service, the password we set previously will no longer exist. The usage is as follows:
# redis-cli
redis> get mykey
"onmpw" //Returned result We haven't set a password yet, so we can execute the corresponding command without verification here
redis> config set requirepass onmpw123
redis> get mykey
(error) NOAUTH Authentication required. //Error message
redis> auth onmpw123 // Verify the password through the auth command
redis> get mykey
"onmpw" //Here we see if we can get the result I want again
Through the above examples, we can learn how to set the password through the command line and how to verify the password through the command AUTH. The password will become invalid after the service is restarted. From the above example, we can see that there is a keyword requirepass (if you are not familiar with vim operations, you can refer to "Summary of Common Vim Commands" ), which is required to set the password. And the following configuration file to set the password also requires requirepass.
Add a password to the redis.conf configuration file
Next, we will introduce how to add a password in redis.conf. It is actually very simple. There is a redis.conf file in the Redis root directory. Enter the Redis root directory and use vim to edit the file. And search for requirepass, locate this line, and remove the # in front of it to change the password. Part of the content is as follows:
################################# SECURITY ###############################
# Require clients to issue AUTH <PASSWORD> before processing any other
# commands. This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (eg they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
requirepass onmpw123
We can see that the password we want to set is after requirepass. Save and exit the file, then restart the Redis service. Note that to restart the Redis service, you need to add a parameter after redis-server. This parameter is the path to the redis.conf file.
# redis-server /redis.conf directory/redis.conf
Only in this way can the redis-server service detect the redis.conf file. If no parameters are added, the settings in redis.conf will be ignored and invalid.
#redis-cli
redis> get mykey
(error) NOAUTH Authentication required. //Error message
redis> auth onmpw123 // Verify the password through the auth command
redis> get mykey
"onmpw" //Here we can see if we can get the result we want again
AUTH command return value
In the article "Detailed Explanation of Redis Protocol", we introduced several data types of RESP. The return value of the AUTH command uses the Simple Strings type. When the password verification is correct, the response data is
"+OK\r\n"
If the verification fails, the returned value is of type Errors
"-Err invalid password"
Summarize
Through the above two methods, we have learned how to set a password for Redis and verify the password with the AUTH command. However, because the high performance of Redis can accept a lot of attempted passwords in a short time, please be sure to set a sufficiently complex password to prevent possible attacks. In addition, the AUTH command, like other Redis commands, sends data in an unencrypted manner, so it cannot prevent attackers with sufficient network access rights from eavesdropping. To implement data encryption protection, a new layer of protection is needed, such as using an SSL proxy.
That’s all for now. You will need to explore many details yourself. I hope this article will be helpful to you.
For reprinting, please send an email to 1244347461@qq.com for approval. After obtaining the author's consent, kindly include the source as a link.
Related Articles
Setting PHP_AUTH_USER and PHP_AUTH_PW in PHP
Publish Date:2025/04/13 Views:79 Category:PHP
-
curl This article will show you how to use Requests in PHP to set PHP_AUTH_USER and PHP_AUTH_PW and use Requests through the command line curl . It will also show you how to confirm that the values of PHP_AUTH_USER and PHP_AUTH_PW hav
Validating phone numbers in PHP
Publish Date:2025/04/12 Views:180 Category:PHP
-
PHP has two ways to validate phone numbers, one is regular expression regex and the other is filter the method. We can use to regex set a template and validate the phone number based on that template, but filter will only exclude the unwant
Validating Email in PHP
Publish Date:2025/04/12 Views:120 Category:PHP
-
We will introduce a method to validate email addresses in PHP using filter_var() the function and FILTER_VALIDATE_EMAIL filter name ID. filter_var() The function takes an email as the first parameter and a filter name FILTER_VALIDATE_EMAIL
Redis installation method and common problem solving under centos
Publish Date:2025/04/09 Views:158 Category:Redis
-
In this article, we will introduce how to install redis under CentOS. In fact, the installation steps are very simple, but there may be some problems in the middle, which is worthy of our attention. Let's take a look at how to install it. F
How to use clion to debug redis source code on mac system
Publish Date:2025/04/09 Views:172 Category:Redis
-
clion mainly uses cmake + make for compilation. So for redis4, the main thing is to write the CMakeLists.txt file first. CmakeLists.txt file redis4/CMakeLists.txt cmake_minimum_required (VERSION 3.15 ) project (redis4) set (CMAKE_BUILD_TYPE
Mac system uses clion to remotely debug redis4 source code
Publish Date:2025/04/09 Views:129 Category:Redis
-
The remote host uses the Linux system. The first step is definitely to establish a code synchronization mechanism on the local and remote hosts - sftp is the first choice. The second step is to write the CMakeLists.txt file of redis4. There
Validating inserted values in MySQL table with duplicate key
Publish Date:2025/04/09 Views:98 Category:MySQL
-
Traditional SQL INSERT statements do not perform input validation of their parameters/values against existing database tables, which sometimes results in errors when duplicate keys are found during the insert process. This is handled
Installing and configuring Redis on Mac OS X via Homebrew
Publish Date:2025/04/07 Views:108 Category:OPERATING SYSTEM
-
By using Homebrew, you can greatly reduce the cost of setting up and configuring a development environment on Mac OS X. Let's install Redis. $ brew install redis After installation, we will see some notifications about configuration conside
SSH key-based authentication setup from openSSH to SSH2
Publish Date:2025/04/07 Views:128 Category:OPERATING SYSTEM
-
Previous articles ( openSSH to openSSH setup , SSH2 to SSH2 setup ) explained how to set up key-based authentication on the same version of ssh to perform ssh and scp without entering a password. This article explains how to set up SSH key-
