Module Hub Beta
Linux Pluggable Authentication Module (PAM) for Redis
This module replaces the original Redis AUTH command with an alternative implementation that uses the Linux PAM facility to authenticate users.
This module should be used as a proof of concept only. It provides an extreme example of how modules can extend Redis beyond the standard Redis Module API.
- Build a Redis server with support for modules.
- Create a
REDIS_SRC_DIRenvironment variable that points to your Redis source code:
- Build the password module:
- To load the module, Start Redis with the
--loadmodule /path/to/module.sooption, add it as a directive to the configuration file or send a
This module does not create new commands, it only modifies the way
AUTH expects users to provide both username and password in the format
<user>:<password>. This is validated against PAM as a
redis service authentication request.
requirepass settings is ignored as long as the module remains loaded in Redis.
There are several benefits for using PAM:
- Rely on OS user authentication, using same credentials use for OS access.
- Advanced OS authentication configuration such as Active Directory/LDAP membership.
- Additional security features are “for free”, like failed login throttling, granular restrictions based on source IP address, etc.