1

I have a 3-instance high availability redis deployed. On each server I have redis and sentinel installed. I am trying to set a password so that it requests it at the moment of entering with the command "redis-cli".

I am modifying the value of the "requirepass" parameter of the "redis.conf" file.

requirepass password123

Also inside the redis terminal, I am setting the password with the following commands

config set requirepass password123
auth password123

When I connect with the following command

redis-cli --tls --cert /<path>/redis.crt --key /<path>/redis.key --cacert /<path>/ca.crt -a password123

It works fine, my problem is when I restart the redis service, for some reason the password settings are not kept and I get the following message

Warning: AUTH failed

I do not know what configuration I need to do so that the change is maintained after restarting the redis service.

The version of redis that I have installed is "Redis server v=6.0.6"

2 Answers2

1

Check your ACL configuration,Your requirepass configuration will be ignored with ACL operation. I get follow infomation from redis.conf example file.

IMPORTANT NOTE: starting with Redis 6 "requirepass" is just a compatibility layer on top of the new ACL system. The option effect will be just setting the password for the default user. Clients will still authenticate using AUTH as usually, or more explicitly with AUTH default if they follow the new protocol: both will work. The requirepass is not compatable with aclfile option and the ACL LOAD command, these will cause requirepass to be ignored.

Renshaw
  • 1,075
  • 6
  • 12
  • 1
    You are right, I am checking the redis ACL and I see that the default user has configured not to use password 1) "user default on nopass ~* +@all" Is it possible to assign a password to the default user? –  Mar 22 '21 at 17:05
  • 1
    yes, you can assign password to default user. try `ACL SETUSER default on >newpass ~* +@all` – Renshaw Mar 23 '21 at 03:38
  • 1
    Thanks, testing this command I see that the default user is assigned a password. My only problem is that with that command, the password is temporary. If I restart the redis service it goes back to "nopass". Is there a way to make it permanent? –  Mar 23 '21 at 04:51
  • 1
    https://redis.io/topics/acl There are two ways in order to store users inside the Redis configuration. 1. Users can be specified directly inside the `redis.conf` file. 2. It is possible to specify an external ACL file. – Renshaw Mar 23 '21 at 08:45
  • 1
    I managed to set the password permanently for the default user. Adding these 2 parameters in the file "redis.conf" `requirepass newpass123` `masterauth newpass123` And in the file "sentinel.conf" `sentinel auth-pass mymaster newpass123` Thanks –  Mar 24 '21 at 04:19
0
config rewrite

This command will solve your issue of nopass after restart. After setting the requirepass from redis cli.

T.S.
  • 18,195
  • 11
  • 58
  • 78
Shubham Yadav
  • 1
  • 2