Redis安全性设置
设置客户端密码
一般默认登录客户端和使用命令操作时不需要密码。但是为了安全起见,可以设置客户端连接后进行任何操作之前进行密码验证,可以修改redis.conf(redis.windows.conf)进行配置。
################################## SECURITY ###################################
# Require clients to issue AUTH <PASSWORD> before processing any other
# commands. This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
requirepass root
上码段所示,requirepass 密码进行设置密码,设置后,有两种方式进行登录
(1)登录时不指定密码,在登录后使用auth命令进行登录
PS C:\Users\hz> redis-cli.exe -h localhost -p 6378
localhost:6378> keys *
(error) NOAUTH Authentication required.
localhost:6378> auth root
OK
localhost:6378> keys *
1) "my"
2) "l"
(2)登录时指定密码,可以直接访问数据
PS C:\Users\hz> redis-cli.exe -h localhost -p 6378 -a root
localhost:6378> keys *
1) "my"
2) "l"
localhost:6378> keys *
1) "my"
2) "l"