Login/Register
Does Redis use a username for authentication?
Asked Answered
databaseredis
H

3

21

I have set up Redis in my environment, and have only seen a section for authorizing via a password. Is there a way to set up a username too? Or is it only authenticated via password?

Hb answered 4/10, 2017 at 16:7 Comment(3)
redis.io/topics/security it's not really designed for external exposure.Nellienellir
Thank you for your replyHb
I'm voting to close this question as off-topic because its not a programming questionFash
S
20

On Redis 6 there are ACL's. These have a username. Check out https://redis.io/topics/acl

To get access with a username add the following on the redis.conf file:

user bert allcommands allkeys on >abc123
requirepass foobar

The 'user' command adds the user, and the requirepass command just sets the password for user 'default'.

To show how this looks in the redis-cli:

Redis# redis-cli -a foobar
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
127.0.0.1:6379> ACL LIST
1) "user bert on #6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090 ~* &* +@all"
2) "user default on #c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2 ~* &* +@all"

And login in, from redis-cli, on user 'bert':

redis-cli --user bert --pass abc123

It is currently unclear from the documentation how you can do this out of a program like NodeJS.

Subjacent answered 20/3, 2021 at 23:3 Comment(0)
G
10

Redis can only be authenticated via password.

Keep in mind that the password (like everything else) is sent over the network unencrypted so it is very easy to eavesdrop by anyone who can listen to the network traffic, so using a password is not enough to protect Redis that is exposed on the network:

The goal of the authentication layer is to optionally provide a layer of redundancy. If firewalling or any other system implemented to protect Redis from external attackers fail, an external client will still not be able to access the Redis instance without knowledge of the authentication password.

To safely use Redis over the network, you'd either use a network level tunnel or SSL/TLS, see:

Gnomic answered 19/6, 2018 at 16:44 Comment(0)
D
4

If you came here default username for redis, it is default.

If you have started Redis via docker like this redis-server --requirepass secretPassword! --protected-mode yes, then the redis URL in Python celery etc should be redis://default:secretPassword!@localhost/0.

Dactylic answered 28/3 at 6:34 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.