Tech Monger

Programming, Web Development and Computer Science.

Skip to main content| Skip to information by topic

Set and Connect to Redis Database with Password

By default redis server does not require password for connection but it allows configuration to accepts remote connections which is potential security risk. If your redis server accept connections from remote client then it is of utmost importance to have password based authentication configured for your redis instance. Below we will check the configuration changes required to set password and secure our redis setup from an unauthorized access.

If you do not know how to setup redis then read installation instructions for Linux and Windows.

Configure Password for Redis Server

To set password you would need to modify redis configuration file and restart the redis server with modified configuration like below.

  1. Move to the redis server installation directory. 
    cd /home/techmonger/redis/redis-4.0.11/
  2. Open redis configuration file redis.conf (Linux) or redis.windows.conf (Windows).
  3. Uncomment following line and set strong password by removing default one.
    Default Configuration 
    #requirepass foobared
    Configuration after Setting Password 
    requirepass MyStr0ngP#d
  4. Start the redis instance with configuration file.
    • Start Redis Server - Linux 
      cd /home/techmonger/redis/redis-4.0.11/src/
./redis-server ../redis.conf
    • Start Redis Server - Windows 
      cd C:\Users\techmonger\Documents\Programs
redis-server.exe redis.windows.conf

Connect to Redis DB with Password

Above we have set password now let us connect to database with redis client. Here we will assume that redis is running on the the host example.com on the default port 6379. Note that we have set password as MyStr0ngP#d

  1. Start redis client to initiate connection by moving inside redis installation directory. 
    cd /home/techmonger/redis/redis-4.0.11/src
  2. Initiate connection by providing hostname (-h flag), port number(-p flag) and password (-a flag). 
    redis-cli -h example.com -p 6379 -a MyStr0ngP#d
127.0.0.1:6379> PING
PONG

Note that if you are trying to connect redis server that is running on same machine as that of client (via localhost) then hostname and default port number is not required. 

redis-cli -a MyStr0ngP#d
127.0.0.1:6379> PING
PONG

Also If you try to connect with invalid credentials then you should get following error.

(error) NOAUTH Authentication required.

redis-cli -h example.com -p 6379 -a hunter2
127.0.0.1:6379> PING
(error) NOAUTH Authentication required.
127.0.0.1:6379>

Conclusion

With above configuration we have secured redis installation so that it could be connected remotely without compromising security. We have also seen how to use -h, -p and -a flags to provide information about hostname, port and password respectively to initiate connection with redis database.

Tagged Under : Linux Open Source Redis Windows

Previous Next