Introduction to Redis Auth
The redis auth command is used to authenticate the redis server with the password specified by the user. If the password matches the password in the configuration file, the server will return an OK status code before accepting commands. If the password entered is incorrect, an error is returned, and the user must enter the correct password or create a new password for redis server authentication.
Key Takeaways
- The auth password format only authenticates with the password specified by the required pass option. To authenticate with the database server, we use the redis auth command.
- We authenticate with the database server by using the config set command on the redis server.
What is Redis Auth?
The command will authenticate a connection in two ways. The first option is to assume that the redis server is password protected, in which case we will need the password options to authenticate with the database. If we are using redis version 6.0 or higher, the redis ACL system will be used. Prior to Redis 6.0, we only use one argument with the auth command.
Using this configuration, the redis server will deny any command simply by connecting to the client, unless we authenticate the connection with the auth command. The redis server is mainly used to authenticate the password-protected server using the specified password. If the provided password matches the password, the redis server responds with an ok command.
Uses of Redis Auth Authentication
Below steps shows how we can use the redis auth authentication by using the redis database server as follows:
1. First we are installing the server of the redis database on the ubuntu system by using the command name as apt. We are using the following command to install the redis server as follows.
# apt install redis-server
2. Now we are starting the redis database server on the ubuntu system by using the redis server command.
# redis-server
3. Now we are login in the redis database by using the redis cli command. In the below example, we can see that we have connected to redis database by using redis-cli command as follows.
# redis-cli
4. After login into the redis database server now we are executing the config set command, in that command we are passing the password of the user as follows.
CONFIG SET requirepass "mypass"
5. After defining the config set the password command and setting the password now in this step we are using auth command to authenticate with the database server as follows.
AUTH “mypass”
How to Authenticate Redis Connection?
By using auth command we are providing the password. Also at the time of using the ACL list, we are also providing a username with auth command.
Syntax:
AUTH <pwd>
AUTH <user_name> <pwd>
In the above syntax auth is the command which is used to authenticate with the server, if suppose authentication is successful then the server returns the ok status message. If suppose authentication is not successful then the server returns the error message. The password parameter is defined as the password provides to authenticate with the server. While using ACL list we are also using the username parameter with AUTH command in the redis server.
In the below example, we can see that we defined the required password value as mypass into the config path as follows.
CONFIG SET requirepass "mypass"
After setting the password as mypass, in the below example, we are using a different password, but the server gives the error that the supplied password is incorrect and needs to give the correct password.
AUTH "mypass1"
In the below example, we are authenticating with the database by using the correct password so it will give the status code as ok.
AUTH “mypass”
When using authentication, before executing any command, we must first authenticate with the database server; otherwise, the command cannot be executed. In the first example, we are not authenticating, so the error occurs. In the second example, we are authenticating with the database, so there is no error, as shown below.
HMSET set1 field1 "set"
AUTH “mypass”
HMSET set1 field1 "set"
Redis Auth Command
The command is mainly used to authenticate with the database server. When using the auth command to authenticate with the database server, we must provide the correct password. The below command shows auth in redis as follows. In the following example, we first set the password using the config set, and then we see that it authenticates with the database server as follows.
AUTH “mypass”
At the time of using auth command in redis, we need to login to the redis server by using redis-cli command.
# redis-cli
AUTH “mypass”
Examples of Redis Auth
Given below are the examples mentioned:
Example #1
In the below example, we are using an incorrect password with auth method as follows. After using an incorrect password it will show an error.
# redis-cli
AUTH “mypass12”
Example #2
In the below example, we are using the correct password with auth method as follows. After using correct password it will not show any error.
# redis-cli
AUTH “mypass”
Example #3
In the below example, we are not using the authentication method while login into the redis server. After not using any method redis is now allowed to execute any command.
# redis-cli
HMSET set1 field1 "example"
Example #4
In the below example, we are executing redis command by using auth command as follows.
AUTH “mypass”
HMSET set1 field1 "example"
Redis Auth Features
When using the redis database, the auth command is optional. We connect to the client while sending the auth command and then using the auth string. The UUID is included in every auth string. The auth string is present in every redis instance that has auth enabled. While the auth feature is enabled. For enabling the auth feature we need to enable the requirepass parameter in the redis configuration file.
# vi /etc/redis/redis.conf
We can disable the feature of redis auth by disabling the parameter of requirepass. In the below example, we are disabling the feature of requirepass as follows.
It allows us to ensure that known entities in our organization do not access the database unintentionally. Auth does not provide security during data transport. Also, it is not protecting our instance from VPC network access. When you enable auth on a redis server, an auth string is generated automatically. The 36 character string is generated at random by the auth string.
Conclusion
The command will authenticate a connection in two ways. The first option is to assume that the redis server is password protected, in which case we will need the password options to authenticate with the database. The command is used to authenticate the redis server using the user’s specified password.
Recommended Articles
This is a guide to Redis Auth. Here we discuss the introduction, uses of redis auth authentication, command, examples, and feature. You may also have a look at the following articles to learn more –