Public connection to AWS Linux server - linux

I'm quite new to setting up the config for servers.
I want to have a user connect my Linux server, I'm using AWS to host the virtual machine. I cannot find anywhere to do this without using the public key. I want the user to just have to enter a username and password.
Any help would be appreciated!

Why the user will connect your server? Is for database operations or something? If it is for database operations, you can use an API for this. A direct user connection to server is not a good thing. If you want to connect your server for configurations, you can use ssh to connect to your server.

Related

Connect to remote server without SSH Key using VSCode and AWS SSM

I'm looking for a way to connect to a server with VSCode without an SSH key. One way is to enable password authentication which I'd rather avoid. The servers are on company LAN but I still don't want to go that route.
We've looked at solutions such as Okta ASA for keyless SSH connection (client/agent model). And also AWS SSM with IAM Roles and profiles. Both work great through Terminal, but not sure how that connection could be passed through an IDE such as when you use a key or password.
Any thoughts or directions would be helpful. Thanks!

Connection Node app with MongoDB hosted in a Droplet

I am now trying to host my Angular, Node, MongoDB app on DigitalOcean. I have succesfully set up the two Droplets, one for Node Backend and one for MongoDB Database. Until now I was using a local link to connect to local database like the following link mongodb://localhost:27017/creditApp .
How do I connect my Node app hosted in Droplet to the MongoDB hosted in another Droplet? The database has admin password set up, also has allowed the IP address from my backend in the ufw list. I assume it needs a config object with admin name, password, ssh key .pub file etc and attach that object while trying to connect it, but I am not quite sure how to do it. How do I get this done?
Any help will be highly appreciated, thanks in advance.

How to restrict a server so it only allows SSH, a connection to an external RabbitMQ server, and a connection to an external MongoDB server?

I have a Ubuntu server which needs to only do the following:
Allow SSH access from me. I'm thinking of using a combination of private key + password for this. I would mainly be pulling code from Github and updating software on the server. The solution for this seems to be AuthenticationMethods.
Allow connections to an external RabbitMQ server. (There would be a local node app connecting to the RabbitMQ server).
Allow connections to an external MongoDB database. (There would be a local node app connecting to the MongoDB database).
All other connections should be blocked.
How can I accomplish this?
Thank you.
Put a firewall, allow only:
rabbitmq-ip:rabbitmq-port
mongodb-ip:mongodb-port
all-ips:ssh-port
And use a private key for SSH. This way, you can use that key for SSH connections and only people who have that key can do SSH to the server.
You also have to use SSH for git pulls as this configuration does not allow HTTPS connections to the server.

Connecting to Mongodb Amazon EC2 instance programmatically in Nodejs

I am making a NodeJS webapp. I would like to deploy the app using Amazon's elastic beanstalk and I would like to use MongoDB as the database. Right now my understanding of a solution is to:
Set up a MongoDB instance on an Amazon EC2 instance (I've already done this)
Connect to this database programmatically in server.js to read and write to the database
Does this solution make sense? If so, how do I connect to the EC2 MongoDB instance programmatically?
I've found the official MongoDB package for node:https://www.npmjs.com/package/mongodb
but the documentation only mentions connecting to a local instance of MongoDB:
// Connection URL
var url = 'mongodb://localhost:27017/myproject';
// Use connect method to connect to the Server
MongoClient.connect(url, function(err, db) {
assert.equal(null, err);
console.log("Connected correctly to server");
db.close();
});
Current I am able to ssh into my EC2 MongoDB instance but I don't understand how to take the next step and connect to it programmatically.
When I ssh into the EC2 MongoDB instance, I need to provide a .pem key file, do I need to do something similar when I connect programmatically?
As per your use case your Mongodb is local on a EC2 instance. So when you connect to Mongodb you will have to SSH using a pem key to EC2 instance in order to connect to the Mongodb. If you want to avoid using pem key each time, you can create a SSH user which can SSH to instance using UN and password.
This is helpful guide to achieve it:
https://coderwall.com/p/j5nk9w/access-ec2-linux-box-over-ssh-without-pem-file
Or another way is connecting using the SSH key.
No, you don't need a .pem key for connecting to MongoDB instance.
Make sure your Ec2 instance has a public domain or IP. This IP can be used in place of localhost in your node DB configuration.
The mongo server should be running on the instance. Check mongo shell to confirm.
Create a VPC for better management of instance and define security group with required ports.
Use security credentials in your database configuration file.
I would suggest to always have a private IP for database instances and the instance on which your HTTP server is running should have public IP which is mapped with DNS provider. Open minimum ports on DB server mainly :27017 which makes it secure. Both the instances should be inside once VPC since private IP's are only accessible here.

How to connect Mongodb Admin GUI to Cloud Foundry?

I am looking a way to browse my Cloud Foundry Mongodb services. Look like there are two options:
Tunneling to a Cloud Foundry Service with Caldecott http://docs.cloudfoundry.com/tools/vmc/caldecott.html. I never tried this but I guess it may work.
My question is this: Is it possible to connect directly into Cloud Foundry from Mongodb Admin GUI such as mViewer or Mongovue? But if so, how do I know the username/password in process.env.VCAP_SERVICES['mongodb-1.8'][0]['credentials']?
https://github.com/Imaginea/mViewer
http://www.mongovue.com/2011/08/04/mongovue-connection-to-remote-server-over-ssh/
By using the GUI client you have to get a tunnel to the service. Once you open it in a CLI console the connection info will be generated and displayed, including the host address, usually 127.0.0.1, port number, username and password. You cannot connect using the values from VCAP_SERVICES if you try to do that from outside environment because these will be local values behind the CF router.
You need to create a tunnel using Caldecott.
See http://docs.cloudfoundry.com/tools/vmc/caldecott.html.
When you open the tunnel, it should provide you with either a command line client, or the credentials to use.
In case it does not, create a piece of code that returns a dump of process.env.VCAP_SERVICES when visit a certain url on your server.

Resources