
I have a Redis infrastructure running already with no authentication enabled. I need to enable authentication due to security concerns. But the applications which connect to Redis need to be updated with the Redis password, and a Redis restart is also required. This enablement requires downtime. Is there any option available in Redis to enable authentication in-service? Or is there any transition state where Redis can accept both authenticated and unauthenticated requests, so that we can plan the auth in a 2-phase approach?

2 Answers


  1. It is impossible to enable authentication without a restart. The best option is to replicate the data to a slave and serve from the slave; then you can enable authentication on the master.

    To accept both authenticated and unauthenticated commands, you can create a wrapper around the Redis driver that creates a new client with an authenticated request when authentication fails.

    I hope this will help you.

  2. > Is there any option available in redis to enable the authentication in-service

    You can use `config set requirepass password` to enable authentication on the fly. However, after that, your client has to use the `AUTH` command to send the new password to Redis.

    NOTE: After a restart of Redis, the password set by the `config set` command will be gone. So you must also set the password in the config file.

    > Or is there any transition state where redis can accept both authenticated and un-authenticated request

    You can take a look at Redis 6.0's ACL, which supports different ACL control for different users.

    NOTE: Redis 6.0 is still in pre-release stage.

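An added example, not code from either answer or from Redis or any client library: the wrapper idea from answer 1 combined with the `config set requirepass` switch from answer 2. The client is deployed with the password first but sends `AUTH` only after the server replies `NOAUTH`, so it works both before and after the switch. `ReplyError`, `FakeServer`, `FakeConnection` and `TolerantClient` are hypothetical names, and the fake server is a constructed model that reproduces only the `NOAUTH` and `AUTH` error replies.

```python
class ReplyError(Exception):
    """An error reply from the server."""


class FakeServer:
    """Constructed stand-in for a Redis server; models only requirepass."""
    def __init__(self):
        self.requirepass = ""  # empty string: authentication is off
        self.data = {}


class FakeConnection:
    """Constructed stand-in for one client connection to FakeServer."""
    def __init__(self, server):
        self.server, self.authenticated = server, False

    def execute(self, *args):
        cmd, srv = args[0].upper(), self.server
        if cmd == "AUTH":
            if not srv.requirepass:  # eager AUTH fails before the switch
                raise ReplyError("ERR Client sent AUTH, but no password is set")
            if args[1] != srv.requirepass:
                raise ReplyError("ERR invalid password")
            self.authenticated = True
            return "OK"
        if srv.requirepass and not self.authenticated:
            raise ReplyError("NOAUTH Authentication required.")
        if cmd == "SET":
            srv.data[args[1]] = args[2]
            return "OK"
        if cmd == "GET":
            return srv.data.get(args[1])
        raise ReplyError("ERR command not modelled in this stub")


class TolerantClient:
    """Hypothetical wrapper: sends AUTH only after the server asks for it."""
    def __init__(self, conn, password):
        self.conn, self.password = conn, password

    def execute(self, *args):
        try:
            return self.conn.execute(*args)
        except ReplyError as err:
            if not str(err).startswith("NOAUTH"):
                raise  # any other error is not an authentication problem
            # NOAUTH means the command was rejected, not run, so a retry is safe.
            self.conn.execute("AUTH", self.password)  # wrong password raises here
            return self.conn.execute(*args)
```

With a real driver, the same pattern means catching that driver's authentication-required error; a connection pool has to apply it to every connection, because authentication is per connection.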