我有 2 个运行 redis 的服务器,一个是开箱即用的 VM,一个旧的 Ubuntu (12.04) 和 redis 2.2.12,一个我自己用 redis 2.8.19 配置的新服务器,一个 centos 7. 我有一个带 Redis 的 Django 应用程序,它在 centos 服务器上失败了 Client sent AUTH, but no password is set
,如果我去 redis-cli,我使用 AUTH <anything>
它以相同的错误响应我,这没关系,但是,在 ubuntu 服务器中,如果我使用任何随 secret 码做同样的事情,它会说 OK
.这怎么可能?
两个服务器都没有在 redis.conf 文件中配置身份验证。
最佳答案
来自 redis.conf:
# Require clients to issue AUTH <PASSWORD> before processing any other
# commands. This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
# requirepass foobared
因此,除非您设置requirepass
,否则redis 将接受任何未经身份验证的命令。
关于django - 带有随 secret 码的Redis AUTH,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36406691/