 

Redis writing to .ssh/authorized_keys

Tags:

security

redis

Current setup: 2 master servers, 12 worker servers. Workers are connected to master through ssh-copy-id; masters and workers are writing data in redis-queues on masters. The issue I have been facing for the past week is that Redis is writing data in the authorized_keys file. I can't reproduce this issue or confirm which server is doing this. I looked into the Redis config file and I didn't find any setting that would make Redis write in the authorized_keys file. Has anyone else faced this issue or similar? I clear the authorized_keys file and it writes into it again.

Sachin Upmanyu asked Nov 13 '15 11:11


1 Answer

Your servers are most probably being/have been attacked by a "cracker". While it is possible that the attack is over, you should treat your servers as compromised and act accordingly. This is in all likelihood the same approach described by Salvatore Sanfilippo, a.k.a. antirez, Redis' author and security researcher in his past, in this blog post.

To prevent this type of attack, which uses Redis as a vector, please refer to the instructions in the Securing Redis section in the Quickstart page as a starting point and the Security page for more information.

More discussion is at /r/redis

Update: more ramblings on the same topic at https://redislabs.com/blog/3-critical-points-about-security

Itamar Haber answered Oct 18 '22 20:10
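
A triage check for the symptom described in the question, added here as an example and not part of the original question or answer: it reports whether an authorized_keys file contains a Redis RDB snapshot header (the ASCII magic `REDIS` plus a four-digit version), which lines are binary or non-key data, and which key entries remain so they can be compared against the keys you actually deployed. The function name and the sample bytes are constructed for illustration.

```python
import re

# RDB snapshots start with the ASCII magic "REDIS" plus a 4-digit format version.
RDB_MAGIC = re.compile(rb"REDIS\d{4}")
# Public-key entry: optional options field, key type, base64 blob, optional comment.
KEY_ENTRY = re.compile(
    rb"(?:^|\s)(ssh-(?:rsa|dss|ed25519)|ecdsa-sha2-nistp\d+)"
    rb"\s+([A-Za-z0-9+/]+=*)(?:\s+(\S.*))?$"
)


def triage_authorized_keys(data: bytes) -> dict:
    """Classify each line of an authorized_keys file for incident triage."""
    report = {"rdb_magic": bool(RDB_MAGIC.search(data)), "junk_lines": [], "keys": []}
    for number, line in enumerate(data.split(b"\n"), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith(b"#"):
            continue  # blank lines and comments are normal in this file
        match = KEY_ENTRY.search(stripped)
        printable = all(32 <= byte < 127 or byte == 9 for byte in stripped)
        if match and printable:
            comment = (match.group(3) or b"").decode("ascii")
            report["keys"].append((number, match.group(1).decode("ascii"), comment))
        else:
            report["junk_lines"].append(number)  # binary or non-key data
    return report


# Constructed sample: a snapshot header, one key entry, binary trailer bytes.
SAMPLE = (
    b"REDIS0006\xfe\x00\x00\x07queue:1\xc0\x05\n"
    b"\n"
    b"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz unknown@host\n"
    b"\n"
    b"\xff\x8a\x11\x42\x9c\xd3\x07\x5e\x21"
)

if __name__ == "__main__":
    result = triage_authorized_keys(SAMPLE)
    print("RDB header present:", result["rdb_magic"])
    print("Non-key lines:", result["junk_lines"])
    for number, key_type, comment in result["keys"]:
        print(f"line {number}: {key_type} {comment!r} (verify against known-good keys)")
```

On a live instance, `redis-cli CONFIG GET dir` and `redis-cli CONFIG GET dbfilename` show the snapshot location currently in effect, which can differ from what redis.conf says because these settings can be changed at runtime.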