Description

Currently, kamailio NDB Redis integration with Sentinel does not offer support for password authentication, leading to potential security concerns in our system. As a result, we are unable to ensure the desired level of protection for sensitive data stored in Redis.
Expected Behavior:
We expect Kamailio to allow the configuration of password authentication for Sentinel in the NDB Redis integration, enabling a secure and password-protected connection to the Redis instances.
Proposed Solution:
To address this issue, we recommend implementing a feature that enables password authentication for the Sentinel-based NDB Redis connections. This improvement will provide an added layer of security, ensuring that only authorized users can access the Redis instances.

Impact:
The absence of password authentication support poses a security risk, making our system vulnerable to potential unauthorized access and data breaches. Implementing this enhancement will safeguard sensitive information and strengthen our Redis integration's security framework.

Note: as of now NDB REDIS support redis authentication using password

Troubleshooting

Reproduction

Steps to Reproduce:*

1. Attempt to configure password authentication for Sentinel in kamailio NDB Redis integration.
   ex:
   modparam("ndb_redis", "server", "name=srvZ;sentinel_group=group_name;sentinel_master=1;sentinel=1.2.3.4:26379;sentinel=1.2.3.5:26379";pass=mypassword")

*It is failed to connect the sentinel *

Debugging Data

(paste your debugging data here)

Log Messages

(paste your log messages here)

SIP Traffic

(paste your sip traffic here)

Possible Solutions

Additional Information

• Kamailio Version - output of kamailio -v

(paste your output here)

• Operating System:

(paste your output here)

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <kamailio/kamailio/issues/3530@github.com>