Redis raises "NOAUTH Authentication required" error but there is no password setting
Asked Answered
E

12

61

I got error NOAUTH Authentication required when I connect to Redis server via command: redis-cli and run ping to check if Redis is working.

I found answer for NOAUTH Authentication required error which describes that this error only happens when Redis is set a password, but I checked Redis config file at etc/redis/redis.conf and there is no password setting.

Redis config

Does anyone know that if there are other settings which can cause this error? Thanks for any help.

p/s: I am using Ruby on Rails web framework, Redis database is used for Sidekiq.

Edited: Redis version is 2.8.4. Server is hosted on AWS.

Currently, I decided to set a password for Redis server so that it can not be set password when it is running.

(When Redis server is restarted, it will work normal. You can run sudo service redis-server restart to restart Redis server.)

Ebon answered 6/12, 2015 at 7:48 Comment(9)
It could be that this isn't the config file that your server is using. Alternatively, it may be that someone connected to your server and set a password using the CONFIG SET requirepass command, in which case a restart of you Redis server should sort that out.Setsukosett
@ItamarHaber I sure that it is config file my server is using. Yes, I restart Redis server and it works again without password, but I don't know why it requires password later, and I can not run CONFIG get requirepass to get the password.Ebon
Probably because someone is connecting to your server and setting requirepass.Setsukosett
I am sure that no one change this. But does it effect without setting in config file, just change via command line and it is applied?Ebon
Yep - all config directives (I think) can be changed during runtime. Sending a CONFIG REWRITE persists the changes in the conf file.Setsukosett
Even we are getting the same issue. Were you able to figure out the specific reason for it?Namara
@Namara we have not figured out the root cause of this problemEbon
@Namara I decided to set password for Redis server to check if it still get this error.Ebon
@KienThanh thanks for getting back! Can you please provide details about the redis version you are using?Namara
T
55

We also faced a similar issue. Looks like someone scanned AWS, connected to all public redis servers, and possibly ran "CONFIG SET REQUIREPASS ''", thus locking down the running instance of redis. Once you restart redis, the config is restored to normal.

Best thing would be to use AWS security group policy and block port 6379 for public.

Tempietempla answered 8/12, 2015 at 6:43 Comment(6)
In my case, the troll cleared the database (ran FLUSHALL), then ran CONFIG SET REQUIREPASS '', twice. Luckily I had backups, thank you for pointing the exact vunerability that allowed him to do this, and how to fix it.Selfmoving
Seems like the very reasonable explanation, had same problem on AWSTooley
I think I have the same problem, but how did you restart redis? When I try "sudo /etc/init.d/redis_6379 restart", I get "Stopping ... (error) NOAUTH Authentication required."Germinate
Nevermind, I found the PID and sudo kill'd the process.Germinate
@Germinate you can run sudo service redis-server restart to restart redisEbon
@KienThanh thanks but that didn't work for me (perhaps it was not installed as a service?)Germinate
M
15

I'm running Redis with Docker and there is an authentication password with the REDIS_PASSWORD env variable.

After connecting to the container with docker exec command, connect to redis CLI by entering the redis-cli command.

Then enter auth {password}, (the password that is set with the REDIS_PASSWORD)

Margeret answered 8/11, 2021 at 10:58 Comment(0)
M
13

specific your redis password in the redis-cli command line eg:

redis-cli -h 127.0.0.1 -p 6379 -a "$your_password"

check your $your_password.

It's recommend to add double quote to the password on the command line.

Moony answered 15/5, 2022 at 9:9 Comment(2)
I think -a should be used for the password. This worked for me sudo -u redis -g redis redis-cli --user admin -h ${IP_ADDRESS} -p 6379 -a "$ADMIN_PASS"Ous
@Ous You are right. I‘ve corrected my typo.Moony
D
7

Redis password has been saved in redis.conf in this /etc/redis/ directory you are able to see/edit redis config/password by:

sudo vim /etc/redis/redis.conf

Scroll to the SECURITY section and look for a commented directive that reads(use / to enter a phrase to search in vim and press enter):

# requirepass foobared

Uncomment it by removing the #, and change the foobared to a secure password (save changes by press esc key and :wq).

you can use openssl to generate a secure password to use in real project on server:

openssl rand 60 | openssl base64 -A

and copy secure password to redis.conf or use a simple password for learning on the local machine. After the password is changed don't forget to restart the redis service by:

sudo systemctl restart redis.service

use redis-cli to enter redis shell. then enter password using auth.

127.0.0.1:6379> auth your_password
OK
127.0.0.1:6379>

credits goes to DigitalOcean Community read more about securing redis here.

Dubois answered 8/1, 2023 at 8:7 Comment(0)
R
4

I Have the same problem. after that I'm set requirepass for the redis server.
And add that password in initializer/redis.rb

$redis = Redis.new(:password=>"****") 

It works fine

Reformed answered 10/12, 2015 at 4:0 Comment(1)
you should also limit connect to your Redis port if your server is installed on AWS.Ebon
A
4

Had the exact same problem running Redis on an AWS instance. I would restart redis-server without any password requirements (#requirepass ''), would work fine for a few hours, then would throw "NOAUTH Authentication required" and eventually would have to restart redis-server.

Checked the Security Groups settings in AWS for the instance and saw port 6379 open to the public (0.0.0.0/0). We limited the port access to our only server that needs to access and haven't seen the issue come up ever since!

P.S. This is my first ever contribution to StackOverflow. Thanks for the help!

Atwell answered 11/12, 2015 at 16:22 Comment(0)
B
3

I had the same issue (running on AWS) and discovered our redis port was exposed. You probably had the same. Someone was messing around.

EDIT: The solution: reset your redis password and then (assuming you have it running as a service) restart the service providing the new password

Bollen answered 7/12, 2015 at 18:28 Comment(3)
Yes, I restarted server and it works normal but then stuck again. So I decided to set a password for it so that it can not set new password again.Ebon
Do you have your redis port (presumably 6379) exposed to the world? Closing it is the first step in the solution.Bollen
Yes, maybe the server is not protected port 6379 of redis. My solution is set a password for redis server so it can not be override password.Ebon
A
2

If you have made any changes in configuration file then don't forget to restart redis service with sudo service redis-server restart command.

Edit: If you are running redis service in production mode then redis requires password to run. For that you need to set password in your config file present at /etc/redis.

You need to set requirepass ******* in that file under ########### SECURITY ############ section.

Then restart your server sudo service redis-server restart.

After that add that password in your config or initializer file where you have set your hostname and port. Example:

$redis = Redis.new(:host => 'localhost', :port => 6379, :password => "*******")

Armand answered 7/12, 2015 at 10:38 Comment(1)
I did not make any change, the Redis server require a password when it is running while configuration is not set password.Ebon
N
2

You can have a try: auth 'foobared' It should be default password in config file: /etc/redis/redis.conf

Newscast answered 4/8, 2021 at 11:39 Comment(0)
C
0

I Have the same problem, I found it's caused by someone starting redis with another redis.cnf configure file, So I stopped redis-server and then started redis-server to specify a configure file.

redis-server /etc/redis.cnf

Then everything works fine.

Chu answered 23/9, 2016 at 7:8 Comment(0)
C
0

I was getting the same error on localhost so just tried this, which is default behaviour by the way:

redis-cli
auth admin

And it worked. By the way if anyone just struggling for

redis.conf

(as i was) just use:

nano /usr/local/etc/redis.conf

you can also see you password here in redis.conf file against

requirepass (can search for it in file)

Note: Don't use such configuration for production its just for localhost.

Connolly answered 28/6, 2022 at 11:43 Comment(0)
B
0

If you are still facing issues like after setting requirepass as "" still you are being asked for password then you should go for acl list

Don't forget to fire acl save after calling config set requirepass ""

Balaton answered 3/4 at 9:45 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.