Thought it should be straight forward but I have a very hard time figuring out the following:
I got mongodb connection string: mongodb://user:password#123.123.123.111:27017/?authSource=admin
I want to be able to connect to mongo from localhost at port 1234 by doing: mongo localhost:1234
The solution is to create a tunnel, but nothing I do works for me.
I tried the following command:
ssh -L 1234:localhost:27017 user:password#123.123.123.111 -p 27017
Please help me understand what I am doing wrong.
You need to have a unix user on 123.123.123.111
ssh -L 1234:localhost:27017 UNIXuser#123.123.123.111
Then your local mongodb connection string is : mongodb://user:password#localhost:1234/?authSource=admin
MongoDB and ssh use different protocols, so you can't use ssh to connect directly to a mongod process.
If you want to use an ssh tunnel you will first need to have an account on the destination machine, and use that account's credentials with ssh to connect to port 22 (assuming default port). The mongod username/password will probably not be valid for ssh.
Once the tunnel is established, you would connect to the local port using a driver or mongo shell using the connection string:
mongodb://user:password#127.0.0.1:1234/?authSource=admin
Related
I am trying to do ssh tunneling and connect to my localhost which would forward my request to atlas cluster.
Note: My mongo connection string is srv string
Steps I followed.
1. ssh -N -L 27017:cluster0.acsacasc.mongodb.net:27017 -i /Users/cvrg/.ssh/id_rsa ubuntu#2.1.5.2
2 a. connect to string mongodb+srv://cd-cdd:cadcdacaca#localhost/dev?retryWrites=true&w=majority using mongoose/nestjs
2 b. connect to string mongodb://cd-cdd:cadcdacaca#localhost:27017/dev?retryWrites=true&w=majority using mongoose/nestjs
2 c. connect to string mongodb+srv://cd-cdd:cadcdacaca#localhost:27017/dev?retryWrites=true&w=majority using mongoose/nestjs
Nothing out of the above seems working and i didn't found anything which shows how to do tunneling for srv cluster string.
Please help
Note: I tried same with compass, and successfully able to connect but getting issues with terminal and nodejs
Anyone else having hard time doing this, i end up using https://github.com/sshuttle/sshuttle for tunneling/vpn.
Steps to use this:
1. connect to your jumper/bastion server using ssh.
2. sudo sshuttle -r user#jumper_ip 0/0 -vv
Voilla now you can use the same connection string provided by atlas cluster and would be able to connect with it.
I'm going to connect to a remote database using an SSH tunnel. Currently, I'm not sure how long the server is alive, but I will check with my provider.
However, is it safe to assume that I will be able to connect to the database by running this command: ssh -fNg -L 1337:database-name:3306 user#ssh-server.com once on the client? Or do I need to establish a connection all the time? I know there exist some npm modules to connect via SSH.
Thanks in advance!
I have MongoDB 3.2 installed on my Linux Red Hat server.
I am starting to access it and looking at the mongo Shell instructions.
For a Windows machine, the instructions want me to get to the command prompt and change dirs to the installation directory. The problem is, MongoDB is installed on my web server and not my local windows machine.
Question: does Mongo Shell apply to me then? How do I start using, connecting and accessing Mongo from my Windows and Mac machines?
[Note: I am a traditional MySQL / phpMyAdmin developer looking to advance to MongoDB]
Amendments:
(1) With the help of #AlexBlex I am progressing to trying to connect to my MongoDB on my server from Robomongo on my windows client. I get the following error when trying to setup my connection. I tried the address with just my server ip and with http://{my server ip}. Neither worked. See screen shot of error
(2) This is what I have in my current mongod.conf file:
#port=27017
bind_ip=127.0.0.1
(3) here is what my connection settings look like. Oddly, #AlexBlex's solution below shows an SSH tab on his Mac version. The Windows and Mac versions I just installed lacks that tab.
If you install MongoDB on your local machine, you can use the Mongo shell like below to connect to your remote server
mongo yourserver:27017/database
You will have to configure your Mongo server to allow remote connections. In order to achieve this you need to have the following line in your /etc/mongodb.conf file. You need to replace 10.0.0.2 with the ip address of your client machine.
bind_ip = 127.0.0.1,10.0.0.2
You need either ssh to the server where mongodb is installed, or install mongodb on local machine.
For robomongo to connect to remote host you need to ssh to the server, and check it listens on external interface:
lsof -i | grep 27017
In case it is bound to localhost only, you need to edit a line with bind_ip in /etc/mongodb.conf and restart the service.
I would recommend to keep it listening on the local interface only for security reasons, and use ssh tunnelling to connect:
I found the answer. #ShahNewasKhan is brilliant. See How to connect Robomongo to MongoDB
All you need to do is SSH to server and edit mongod.conf file:
uncomment #port=27017 to port=27017
comment bind_ip=127.0.0.1 to #bind_ip=127.0.0.1
restart mongodb via service mongod restart
Then create a mongo connection via your server ip in the address field and 27017 in the port field
Hope this helps mongo newbies and start-ups like me :) Good luck.
Now I just need to figure out how to make this secure. My concern is that anyone who knows my server ip can hack into my MongoDB
I have 2 machines: One has a mysql server that runs on localhost.The second one has no mysql server. I want to access the mysql server from the first machine on the second machine also on localhost. It should be something like a virtual localhost.
The first machine should log in the second machine via secure socket and should emulate the server there somehow.
Is something like this possible, how is it called , and how does it work.
Is this what is called a tunnel?
Yes, this is what is called a tunnel.
Assuming host A is running the mysql server and host B is the one that dose not.
To create the tunnel enter the following on host B:
ssh -L 3306:localhost:3306 username#A
(Add -f -N to the command to not execute any command on the remote host and immediately background the ssh connection).
This creates a listening port 3306 on host B which is forwarded over the ssh tunnel to localhost:3306 on host A.
Now just run mysql on host B and you should be able to connect to the mysql server on host A.
Hope it helps!
i've got another question for you.
I have Amazon EC2 instance with mondodb installed.
It works great except one thing - i can't access (connect to) it from outside (my PC).
I think the problem with Security Groups. It's some sort of default firewall.
Does anyone know how to configure EC2 instance to have access to mongodb?
Thanks in advance.
Think carefully before doing this. If you open the ports, make sure you restrict the IP numbers that can access it, otherwise anyone will be able to access your database. You can enable authentication in MongoDB, but it's not particularly safe, just a username and password. You should not have your database open to the internet, it is not a good idea.
A better way than opening up ports in the EC2 firewall is to open an SSH tunnel an forward the port, this makes sure that only you can access the database, and only while the SSH tunnel is active.
Open up a new terminal and run this command (replacing user and host with the user you use when SSH'ing to your server and the name of the server):
ssh user#host -N -L 27017:127.0.0.1:27017
The command will forward the port 27017 on your computer to the same port on the server. To connect to the MongoDB instance simply run mongo in a terminal (if that doesn't work, try mongo --host 127.0.0.1 or even mongo --host 127.0.0.1 --port 27017).
If you run MongoDB on your local machine you will have to change the first port, since the local server is already using it. In that case run this command instead:
ssh user#host -N -L 27018:127.0.0.1:27017
and then connect with
mongo --port 27018
(possibly adding --host 127.0.0.1 if it doesn't work).
When you're done working with the database, exit mongo and press ctrl-C in the terminal with the SSH command.
You need to add a security group exception for the port 27017 if you are using default config for you to access it from outside. For security group configuration, please check the amazon EC2 documentation. And if you are using a different port on Mongo, change the security group port accordingly.
--Sai
Is your EC2 instance a Windows server by any chance? If so, in addition to EC2's Security Groups you also need to configure Windows Firewall to allow the incoming connection.
Go To Administrative Tools, Windows Firewall with Advanced Security, and configure a new Rule that allows incoming connections on port 27017 (the default mongo port) or whatever port you've chosen.