开发者

How to set password for Redis?

开发者 https://www.devze.com 2023-04-06 22:51 出处:网络
I\'m working with redis on my local machineso I dont really need to set up a password to connect to the server with my php client (I\'m using predis as a client). However, I\'m moving my app to a live

I'm working with redis on my local machine so I dont really need to set up a password to connect to the server with my php client (I'm using predis as a client). However, I'm moving my app to a live server, so I want to set up a password to connect to my redis server.

I have few questions:

  • I checked all over the internet about how to set up the password and it looks like I need to add the password in the redis.conf. I couldnt find though what I should add exactly to the configuration file to set up the password.

  • also in predis how should I add the password. I'm using the following array of parameters to connect to the redis server

    $my_server = array('host' => '127.0.0.1','port' => 6379,'database' => 1);

should I add the password this way?

> $my_server = array('host'     => '127.0.0.1','port'     =>
> 6379,'database' => 1,'password'=>password);
  • last question, I'm trying to stop my redis-server on the live server. Every time I enter the followin开发者_运维问答g command , I keep getting the same error message

    redis-server stop

    [23925] 23 Sep 20:23:03 # Fatal error, can't open config file 'stop'

    usually on my local machine I enter

    /etc/init.d/redis-server stop

to stop redis server but its not working on my live server since there is no process called redis-server in my /etc/init.d


To set the password, edit your redis.conf file, find this line

# requirepass foobared

Then uncomment it and change foobared to your password. Make sure you choose something pretty long, 32 characters or so would probably be good, it's easy for an outside user to guess upwards of 150k passwords a second, as the notes in the config file mention.

To authenticate with your new password using predis, the syntax you have shown is correct. Just add password as one of the connection parameters.

To shut down redis... check in your config file for the pidfile setting, it will probably be

pidfile /var/run/redis.pid

From the command line, run:

cat /var/run/redis.pid

That will give you the process id of the running server, then just kill the process using that pid:

kill 3832

Update

I also wanted to add, you could also make the /etc/init.d/redis-server stop you're used to work on your live server. All those files in /etc/init.d/ are just shell scripts, take the redis-server script off your local server, and copy it to the live server in the same location, and then just look what it does with vi or whatever you like to use, you may need to modify some paths and such, but it should be pretty simple.


you can also use following command on client

cmd :: config set requirepass p@ss$12E45

above command will set p@ss$12E45 as a redis server password.


Example:

redis 127.0.0.1:6379> AUTH PASSWORD
(error) ERR Client sent AUTH, but no password is set
redis 127.0.0.1:6379> CONFIG SET requirepass "mypass"
OK
redis 127.0.0.1:6379> AUTH mypass
Ok


sudo nano /etc/redis/redis.conf 

find and uncomment line # requirepass foobared, then restart server

now you password is foobared


using redis-cli:

root@server:~# redis-cli 
127.0.0.1:6379> CONFIG SET requirepass secret_password
OK

this will set password temporarily (until redis or server restart)

test password:

root@server:~# redis-cli 
127.0.0.1:6379> AUTH secret_password
OK


For those who use docker-compose, it’s really easy to set a password without any config file like redis.conf. Here’s how you would normally use the official Redis image:

redis:
    image: 'redis:4-alpine'
    ports:
      - '6379:6379'

And here’s all you need to change to set a custom password:

  redis:
    image: 'redis:4-alpine'
    command: redis-server --requirepass yourpassword
    ports:
      - '6379:6379'

Everything will start up as normal and your Redis server will be protected by a password.

For details, this blog post seems to support the idea.


open redis configuration file

sudo nano /etc/redis/redis.conf 

set passphrase

replace

# requirepass foobared

with

requirepass YOURPASSPHRASE

restart redis

redis-server restart


  1. stop redis server using below command

    /etc/init.d/redis-server stop
    
  2. enter command: sudo nano /etc/redis/redis.conf

  3. find requirepass foobared word and remove # and change foobared to YOUR PASSWORD

ex. requirepass root


On versions prior to REDIS 6 , the only way to secure your REDIS is to open your redis.conf , uncomment the # requirepass line, and add in your password. However , the downside of this is that this is a global password shared by ALL connections.

requirepass iampwd

Unless you need backwards compatibility you should move to REDIS 6, and instead use ACLs to create users with the least privileges

acl setuser dummyuser on >dummypwd allcommands allkeys 

https://redis.io/topics/acl


For that, you need to update the redis configuration file.By default, there is no any password for redis.

01) open redis configuration file

sudo vi /etc/redis/redis.conf

find requirepass field under SECURITY section and uncomment that field.Then set your password instead of "foobared"

# requirepass foobared

It should be like,

requirepass YOUR_PASSWORD

Then restart redis and start redis-cli.

If you need to check whether you have set the password correctly, you can run below commads in redis-cli.

sithara@sithara-X555UJ ~ $ redis-cli
127.0.0.1:6379> set key1 18
(error) NOAUTH Authentication required.
127.0.0.1:6379> auth admin
OK
127.0.0.1:6379> get key1
(nil)
127.0.0.1:6379> exit


sithara@sithara-X555UJ ~ $ redis-cli
127.0.0.1:6379> set key1 18
(error) NOAUTH Authentication required.
127.0.0.1:6379> auth admin
OK
127.0.0.1:6379> set key2 check
OK
127.0.0.1:6379> get key2
"check"
127.0.0.1:6379> get key1
(nil)
127.0.0.1:6379> set key1 20
OK
127.0.0.1:6379> get key1
"20"
127.0.0.1:6379> exit

`


Run Command

redis-cli


redis 127.0.0.1:6379> AUTH PASSWORD
(error) ERR Client sent AUTH, but no password is set
redis 127.0.0.1:6379> CONFIG SET requirepass "amolpass"
OK
redis 127.0.0.1:6379> AUTH amolpass    
Ok

------------------OR ----------------------

Get Redis Installation Path

redis-cli config get dir

GET Config File Path

sudo find / -name "redis.conf" -exec grep -H "^dir" {} \; 2> /dev/null

generate the same password as this one:

echo "amol-pass" | sha1sum OUTPUT :960c3dac4fa81b4204779fd16ad7c954f95942876b9c4fb1a255667a9dbe389d

Edit : /etc/redis/redis.conf
requirepass 960c3dac4fa81b4204779fd16ad7c954f95942876b9c4fb1a255667a9dbe389d

Restart Redis

 service redis-server restart

 TEST Command : 
 redis-cli 
 set key1 10
 (error) NOAUTH Authentication required.
 auth your_redis_password


For Mac installed with HomeBrew/Brew (redis-cli):

redis-cli
AUTH oldpassword
CONFIG SET requirepass "newpassword"
CONFIG REWRITE

Restart:

brew services stop redis
//relogin


i couldnt find though what i should add exactly to the configuration file to set up the password.

Configuration file should be located at /etc/redis/redis.conf and password can be set up in SECURITY section which should be located between REPLICATION and LIMITS section. Password setup is done using the requirepass directive. For more information try to look at AUTH command description.


How to set redis password ?

step 1. stop redis server using below command /etc/init.d/redis-server stop

step 2.enter command : sudo nano /etc/redis/redis.conf

step 3.find # requirepass foobared word and remove # and change foobared to YOUR PASSWORD

ex. requirepass root


If you are losing password on Redis restart and you are running Redis as a windows service then you should set requirepass in redis.windows-service.conf file as well.


This error means there is no password set in your redis instance. If you send auth information from your code you will probably get this message. There are two ways to solve.

  1. Open the redis config file.

    sudo nano /etc/redis/redis.conf
    

    You can use 'where is' option to find '# requirepass'

    Uncomment the passphrase line and set new password

    # requirepass yourpassword
    
  2. Open terminal and connect redis-cli

    redis-cli
    
  3. Set passphrase

    CONFIG SET requirepass "yourpassword"
    
    
  4. Finally, you can test

    AUTH yourpassword
    

Thats is!

0

精彩评论

暂无评论...
验证码 换一张
取 消