Redis configuration connection password

Original link: https://fugary.com/?p=402

Redis supports password authentication by default. Generally, Redis can be accessed on the intranet, and IP can be restricted. It does not matter if you do not need a password. However, the information security level protection evaluation requires Redis to configure password access.

Single node Redis configuration password

redis.conf configure the password, find requirepass project, and remove the comment

 # requirepass foobared requirepass 12345678

Restart after modification.

If you are just testing, you can set a temporary password in redis-cli, it will be invalid next time you restart, and the connected client will not be affected :

 redis-cli -h 10.181.3.25 -p 6379 10.181.3.25:6379>CONFIG SET requirepass 1234567890

Client connection

 redis-cli -h 10.181.3.25 -p 6379 10.181.3.25:6379> get key (error) NOAUTH Authentication required.

Authenticate using the AUTH command with the password: AUTH 12345678 :

 10.181.3.25:6379> AUTH 12345678 OK

You can also bring a password when connecting to redis-cli :

 redis-cli -h 10.181.3.25 -p 6379 -a 12345678 10.181.3.25:6379> get key

SpringBoot connection

If the SpringBoot client does not configure a password, an error will be reported. The following is the Redisson error:

org.redisson.client.RedisAuthRequiredException: NOAUTH Authentication required.. channel: [id: 0x253ac582, L:/10.181.3.97:49802 – R:/10.181.3.25:6379] data: CommandData [promise=RedissonPromise [promise=ImmediateEventExecutor$ ImmediatePromise@52cbca32(incomplete)], command=(EVAL), params=[local value = redis.call(‘hget’, KEYS[1], ARGV[2]); if value == false then return nil; end; local t,…, 5, appws:dev:ws.account.nonce, redisson timeout set:{appws:dev:ws.account.nonce}, redisson idle set:{appws:dev:ws.account.nonce}, redisson map_cache__last_access set:{appws:dev:ws.account.nonce}, {appws:dev:ws.account.nonce}:redisson_options, 1662365670189, PooledUnsafeDirectByteBuf(ridx: 0, widx: 26, cap: 256)], codec=org .redisson.codec.FstCodec]

springboot then connects to the configuration and configures the password:

 spring: redis: host: 10.181.3.25 port: 6379 password: 12345678

Cluster configuration password

The cluster configuration is similar to that of a single machine. The master Redis configuration is the same as that of a single machine. The slave server needs to configure the password of the master server.

Replace the content of the redis.conf configuration file on the main Redis :

 sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7000.conf sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7001.conf sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7002.conf

Replace the content from the redis.conf configuration file on Redis

Main configuration: requirepass 12345678 and masterauth 12345678

 sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7000.conf sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7001.conf sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7002.conf sed -i 's/# masterauth <master-password>/masterauth 12345678/g' redis7000.conf sed -i 's/# masterauth <master-password>/masterauth 12345678/g' redis7001.conf sed -i 's/# masterauth <master-password>/masterauth 12345678/g' redis7002.conf

Just restart the server.

Client connection

Similar to the stand-alone version, the connection method is the same

 redis-cli -h 10.181.3.25 -p 7000 10.181.3.25:7000> cluster nodes NOAUTH Authentication required. 10.181.3.25:7000> auth 12345678

SpringBoot connection

Configure yml connection:

 spring: redis: cluster: nodes: xxxx password: 12345678

Configuration is complete.

This article is reprinted from: https://fugary.com/?p=402
This site is for inclusion only, and the copyright belongs to the original author.

Leave a Comment