One place for hosting & domains

      MongoDB

      How to Install MongoDB on Ubuntu 20.04


      An earlier version of this tutorial was written by Melissa Anderson.

      Introduction

      MongoDB, also known as Mongo, is an open-source document database used in many modern web applications. It is classified as a NoSQL database because it does not rely on a traditional table-based relational database structure.

      Instead, it uses JSON-like documents with dynamic schemas, meaning that, unlike relational databases, MongoDB does not require a predefined schema before you add data to a database. You can alter the schema at any time and as often as is necessary without having to set up a new database with an updated schema.

      In this tutorial you’ll install MongoDB on an Ubuntu 20.04 server, test it, and learn how to manage it as a systemd service.

      Prerequisites

      To follow this tutorial, you will need:

      Step 1 — Installing MongoDB

      Ubuntu’s official package repositories include a stable version of MongoDB. However, as of this writing, the version of MongoDB available from the default Ubuntu repositories is 3.6, while the latest stable release is 4.4.

      To obtain the most recent version of this software, you must include MongoDB’s dedicated package repository to your APT sources. Then, you’ll be able to install mongodb-org, a meta-package that always points to the latest version of MongoDB.

      To start, import the public GPG key for the latest stable version of MongoDB. You can find the appropriate key file by navigating to the MongoDB key server and finding the file that includes the latest stable version number and ends in .asc. For example, if you want to install version 4.4 of MongoDB, you’d look for the file named server-4.4.asc.

      Right-click on the file, and select Copy link address. Then, paste that link into the following curl command, replacing the highlighted URL:

      • curl -fsSL https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -

      cURL is a command line tool available on many operating systems used to transfer data. It reads whatever data is stored at the URL passed to it and prints the content to the system’s output. In the following example, cURL prints the content of the GPG key file and then pipes it into the following sudo apt-key add - command, thereby adding the GPG key to your list of trusted keys.

      Also, note that this curl command uses the options -fsSL which, together, essentially tell cURL to fail silently. This means that if for some reason cURL isn’t able to contact the GPG server or the GPG server is down, it won’t accidentally add the resulting error code to your list of trusted keys.

      This command will return OK if the key was added successfully:

      Output

      OK

      If you’d like to double check that the key was added correctly, you can do so with the following command:

      This will return the MongoDB key somewhere in the output:

      Output

      /etc/apt/trusted.gpg -------------------- pub rsa4096 2019-05-28 [SC] [expires: 2024-05-26] 2069 1EEC 3521 6C63 CAF6 6CE1 6564 08E3 90CF B1F5 uid [ unknown] MongoDB 4.4 Release Signing Key <packaging@mongodb.com> . . .

      At this point, your APT installation still doesn’t know where to find the mongodb-org package you need to install the latest version of MongoDB.

      There are two places on your server where APT looks for online sources of packages to download and install: the sources.list file and the sources.list.d directory. sources.list is a file that lists active sources of APT data, with one source per line and the most preferred sources listed first. The sources.list.d directory allows you to add such sources.list entries as separate files.

      Run the following command, which creates a file in the sources.list.d directory named mongodb-org-4.4.list. The only content in this file is a single line reading deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse:

      • echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list

      This single line tells APT everything it needs to know about what the source is and where to find it:

      • deb: This means that the source entry references a regular Debian architecture. In other cases, this part of the line might read deb-src, which means the source entry represents a Debian distribution’s source code.
      • [ arch=amd64,arm64 ]: This specifies which architectures the APT data should be downloaded to. In this case, it specifies the amd64 and arm64 architectures.
      • https://repo.mongodb.org/apt/ubuntu: This is a URI representing the location where the APT data can be found. In this case, the URI points to the HTTPS address where the official MongoDB repository is located.
      • focal/mongodb-org/4.4: Ubuntu repositories can contain several different releases. This specifies that you only want version 4.4 of the mongodb-org package available for the focal release of Ubuntu (“Focal Fossa” being the code name of Ubuntu 20.04).
      • multiverse: This part points APT to one of the four main Ubuntu repositories. In this case, it’s pointing to the multiverse repository.

      After running this command, update your server’s local package index so APT knows where to find the mongodb-org package:

      Following that, you can install MongoDB:

      • sudo apt install mongodb-org

      When prompted, press Y and then ENTER to confirm that you want to install the package.

      When the command finishes, MongoDB will be installed on your system. However it isn’t yet ready to use. Next, you’ll start MongoDB and confirm that it’s working correctly.

      Step 2 — Starting the MongoDB Service and Testing the Database

      The installation process described in the previous step automatically configures MongoDB to run as a daemon controlled by systemd, meaning you can manage MongoDB using the various systemctl commands. However, this installation procedure doesn’t automatically start the service.

      Run the following systemctl command to start the MongoDB service:

      • sudo systemctl start mongod.service

      Then check the service’s status. Notice that this command doesn’t include .service in the service file definition. systemctl will append this suffix to whatever argument you pass automatically if it isn’t already present, so it isn’t necessary to include it:

      • sudo systemctl status mongod

      This command will return output like the following, indicating that the service is up and running:

      Output

      ● mongod.service - MongoDB Database Server Loaded: loaded (/lib/systemd/system/mongod.service; disabled; vendor preset: enabled) Active: active (running) since Tue 2020-06-09 12:57:06 UTC; 2s ago Docs: https://docs.mongodb.org/manual Main PID: 37128 (mongod) Memory: 64.8M CGroup: /system.slice/mongod.service └─37128 /usr/bin/mongod --config /etc/mongod.conf

      After confirming that the service is running as expected, enable the MongoDB service to start up at boot:

      • sudo systemctl enable mongod

      You can further verify that the database is operational by connecting to the database server and executing a diagnostic command. The following command will connect to the database and output its current version, server address, and port. It will also return the result of MongoDB’s internal connectionStatus command:

      • mongo --eval 'db.runCommand({ connectionStatus: 1 })'

      connectionStatus will check and return the status of the database connection. A value of 1 for the ok field in the response indicates that the server is working as expected:

      Output

      MongoDB shell version v4.4.0 connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb Implicit session: session { "id" : UUID("1dc7d67a-0af5-4394-b9c4-8a6db3ff7e64") } MongoDB server version: 4.4.0 { "authInfo" : { "authenticatedUsers" : [ ], "authenticatedUserRoles" : [ ] }, "ok" : 1 }

      Also, note that the database is running on port 27017 on 127.0.0.1, the local loopback address representing localhost. This is MongoDB’s default port number.

      Next, we’ll look at how to manage the MongoDB server instance with systemd.

      Step 3 — Managing the MongoDB Service

      As mentioned previously, the installation process described in Step 1 configures MongoDB to run as a systemd service. This means that you can manage it using standard systemctl commands as you would with other Ubuntu system services.

      As mentioned previously, the systemctl status command checks the status of the MongoDB service:

      • sudo systemctl status mongod

      You can stop the service anytime by typing:

      • sudo systemctl stop mongod

      To start the service when it’s stopped, run:

      • sudo systemctl start mongod

      You can also restart the server when it’s already running:

      • sudo systemctl restart mongod

      In Step 2, you enabled MongoDB to start automatically with the server. If you ever wish to disable this automatic startup, type:

      • sudo systemctl disable mongod

      Then to re-enable it to start up at boot, run the enable command again:

      • sudo systemctl enable mongod

      For more information on how to manage systemd services, check out Systemd Essentials: Working with Services, Units, and the Journal.

      Conclusion

      In this tutorial, you added the official MongoDB repository to your APT instance, and installed the latest version of MongoDB. You then tested Mongo’s functionality and practiced some systemctl commands.

      As an immediate next step, we strongly recommend that you harden your MongoDB installation’s security by following our guide on How To Secure MongoDB on Ubuntu 20.04. Once it’s secured, you could then configure MongoDB to accept remote connections.

      You can find more tutorials on how to configure and use MongoDB in these DigitalOcean community articles. We also encourage you to check out the official MongoDB documentation, as it’s a great resource on the possibilities that MongoDB provides.



      Source link

      How To Secure MongoDB on Ubuntu 20.04


      An earlier version of this tutorial was written by Melissa Anderson.

      Introduction

      MongoDB, also known as Mongo, is an open-source document database used in many modern web applications. It is classified as a NoSQL database because it does not rely on a traditional table-based relational database structure. Instead, it uses JSON-like documents with dynamic schemas.

      MongoDB doesn’t have authentication enabled by default, meaning that any user with access to the server where the database is installed can add and delete data without restriction. In order to secure this vulnerability, this tutorial will walk you through creating an administrative user and enabling authentication. You’ll then test to confirm that only this administrative user has access to the database.

      Prerequisites

      To complete this tutorial, you will need the following:

      • A server running Ubuntu 20.04. This server should have a non-root administrative user and a firewall configured with UFW. Set this up by following our initial server setup guide for Ubuntu 20.04.
      • MongoDB installed on your server. This tutorial was validated using MongoDB version 4.4, though it should generally work for older versions of MongoDB as well. To install Mongo on your server, follow our tutorial on How To Install MongoDB on Ubuntu 20.04.

      Step 1 — Adding an Administrative User

      Since the release of version 3.0, the MongoDB daemon is configured to only accept connections from the local Unix socket, and it is not automatically open to the wider Internet. However, authentication is still disabled by default. This means that any users that have access to the server where MongoDB is installed also have complete access to the databases.

      As a first step to securing this vulnerability, you will create an administrative user. Later, you’ll enable authentication and connect as this administrative user to access the database.

      To add an administrative user, you must first connect to the Mongo shell. Because authentication is disabled you can do so with the mongo command, without any other options:

      There will be some output above the Mongo shell prompt. Because you haven’t yet enabled authentication, this will include a warning that access control isn’t enabled for the database and that read and write access to data and and the database’s configuration are unrestricted:

      Output

      MongoDB shell version v4.4.0 . . . 2020-06-09T13:26:51.391+0000 I CONTROL [initandlisten] ** WARNING: Access control is not enabled for the database. 2020-06-09T13:26:51.391+0000 I CONTROL [initandlisten] ** Read and write access to data and configuration is unrestricted. . . . >

      These warnings will disappear after you enable authentication, but for now they mean anyone who can access your Ubuntu server could also take control over your database.

      To illustrate, run Mongo’s show dbs command:

      This command returns a list of every database on the server. However, when authentication is enabled, the list changes based on the Mongo user’s role, or what level of access it has to certain databases. Because authentication is disabled, though, it will return every database currently on the system without restrictions:

      Output

      admin 0.000GB config 0.000GB local 0.000GB

      In this example output, only the default databases appear. However, if you have any databases holding sensitive data on your system, any user could find them with this command.

      As part of mitigating this vulnerability, this step is focused on adding an administrative user. To do this, you must first connect to the admin database. This is where information about users, like their usernames, passwords, and roles, are stored:

      Output

      switched to db admin

      MongoDB comes installed with a number of JavaScript-based shell methods you can use to manage your database. One of these, the db.createUser method, is used to create new users on the database on which the method is run.

      Initiate the db.createUser method:

      This method requires you to specify a username and password for the user, as well as any roles you want the user to have. Recall that MongoDB stores its data in JSON-like documents. As such, when you create a new user, all you’re doing is creating a document to hold the appropriate user data as individual fields.

      As with objects in JSON, documents in MongoDB begin and end with curly braces ({ and }). To begin adding a user, enter an opening curly brace:

      Note: Mongo won’t register the db.createUser method as complete until you enter a closing parenthesis. Until you do, the prompt will change from a greater than sign (>) to an ellipsis (...).

      Next, enter a user: field, with your desired username as the value in double quotes followed by a comma. The following example specifies the username AdminSammy, but you can enter whatever username you like:

      Next, enter a pwd field with the passwordPrompt() method as its value. When you execute the db.createUser method, the passwordPrompt() method will provide a prompt for you to enter your password. This is more secure than the alternative, which is to type out your password in cleartext as you did for your username.

      Note: The passwordPrompt() method is only compatible with MongoDB versions 4.2 and newer. If you’re using an older version of Mongo, then you will have to write out your password in cleartext, similarly to how you wrote out your username:

      Be sure to follow this field with a comma as well:

      Then enter the roles you want your administrative user to have. Because you’re creating an administrative user, at a minimum you should grant them the userAdminAnyDatabase role over the admin database. This will allow the administrative user to create and modify new users and roles. Because the administrative user has this role in the admin database, this will also grant it superuser access to the entire cluster.

      In addition, the following example also grants the administrative user the readWriteAnyDatabase role. This grants the administrative user the ability to read and modify data on any database in the cluster except for the config and local databases, which are mostly for internal use:

      • roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]

      Following that, enter a closing brace to signify the end of the document:

      Then enter a closing parenthesis to close and execute the db.createUser method:

      All together, here’s what your db.createUser method should look like:

      > db.createUser(
      ... {
      ... user: "AdminSammy",
      ... pwd: passwordPrompt(),
      ... roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
      ... }
      ... )
      

      If each line’s syntax is correct, the method will execute properly and you’ll be prompted to enter a password:

      Output

      Enter password:

      Enter a strong password of your choosing. Then, you’ll receive a confirmation that the user was added:

      Output

      Successfully added user: { "user" : "AdminSammy", "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" }, "readWriteAnyDatabase" ] }

      Following that, you can exit the MongoDB client:

      At this point, your user will be allowed to enter credentials. However, they will not be required to do so until you enable authentication and restart the MongoDB daemon.

      Step 2 — Enabling Authentication

      To enable authentication, you must edit mongod.conf, MongoDB’s configuration file. Once you enable it and restart the Mongo service, users will still be able to connect to the database without authenticating. However, they won’t be able to read or modify any data until they provide a correct username and password.

      Open the configuration file with your preferred text editor. Here, we’ll use nano:

      • sudo nano /etc/mongod.conf

      Scroll down to find the commented-out security section:

      /etc/mongod.conf

      . . .
      #security:
      
      #operationProfiling:
      
      . . .
      

      Uncomment this line by removing the pound sign (#):

      /etc/mongod.conf

      . . .
      security:
      
      #operationProfiling:
      
      . . .
      

      Then add the authorization parameter and set it to "enabled". When you’re done, the lines should look like this:

      /etc/mongod.conf

      . . .
      security:
        authorization: "enabled"
      . . . 
      

      Note that the security: line has no spaces at the beginning, while the authorization: line is indented with two spaces.

      After adding these lines, save and close the file. If you used nano to open the file, do so by pressing CTRL + X, Y, then ENTER.

      Then restart the daemon to put these new changes into effect:

      • sudo systemctl restart mongod

      Next, check the service’s status to make sure that it restarted correctly:

      • sudo systemctl status mongod

      If the restart command was successful, you’ll receive output that indicates that the mongod service is active and was recently started:

      Output

      ● mongod.service - MongoDB Database Server Loaded: loaded (/lib/systemd/system/mongod.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2020-06-09 22:06:20 UTC; 7s ago Docs: https://docs.mongodb.org/manual Main PID: 15370 (mongod) Memory: 170.1M CGroup: /system.slice/mongod.service └─15370 /usr/bin/mongod --config /etc/mongod.conf Jun 09 22:06:20 your_host systemd[1]: Started MongoDB Database Server.

      Having verified the daemon is back up and running, you can test that the authentication setting you added works as expected.

      Step 3 — Testing Authentication Settings

      To begin testing that the authentication requirements you added in the previous step are working correctly, start by connecting without specifying any credentials to verify that your actions are indeed restricted:

      Now that you’ve enabled authentication, none of the warnings you encountered previously will appear:

      Output

      MongoDB shell version v4.4.0 connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb Implicit session: session { "id" : UUID("5d50ed96-f7e1-493a-b4da-076067b2d898") } MongoDB server version: 4.4.0 >

      Confirm whether your access is restricted by running the show dbs command again:

      Recall from Step 1 that there are at least a few default databases on your server. However, in this case the command won’t have any output because you haven’t authenticated as a privileged user.

      Because this command doesn’t return any information, it’s safe to say the authentication setting is working as expected. You also won’t be able to create users or perform other privileged tasks without first authenticating.

      Go ahead and exit the MongoDB shell:

      Note: Instead of running the following exit command as you did previously in Step 1, an alternative way to close the shell is to just press CTRL + C.

      Next, make sure that your administrative user is able to authenticate properly by running the following mongo command to connect as this user. This command includes the -u flag, which precedes the name of the user you want to connect as. Be sure to replace AdminSammy with your own administrative user’s username. It also includes the -p flag, which will prompt you for the user’s password, and specifies admin as the authentication database where the specified username was created:

      • mongo -u AdminSammy -p --authenticationDatabase admin

      Enter the user’s password when prompted, and then you’ll be dropped into the shell. Once there, try issuing the show dbs command again:

      This time, because you’ve authenticated properly, the command will successfully return a list of all the databases currently on the server:

      Output

      admin 0.000GB config 0.000GB local 0.000GB

      This confirms that authentication was enabled successfully.

      Conclusion

      By completing this guide, you’ve set up an administrative MongoDB user which you can employ to create and modify new users and roles, and otherwise manage your MongoDB instance. You also configured your MongoDB instance to require that users authenticate with a valid username and password before they can interact with any data.

      For more information on how to manage MongoDB users, check out the official documentation on the subject. You may also be interested in learning more about how authentication works on MongoDB.

      Also, if you plan to interact with your MongoDB instance remotely, you can follow our guide on How To Configure Remote Access for MongoDB on Ubuntu 20.04.



      Source link

      How To Configure Remote Access for MongoDB on Ubuntu 20.04


      An earlier version of this tutorial was written by Melissa Anderson.

      Introduction

      MongoDB, also known as Mongo, is an open-source document database used commonly in modern web applications. By default, it only allows connections that originate on the same server where it’s installed. If you want to manage MongoDB remotely or connect it to a separate application server, there are a few changes you’d need to make to the default configuration.

      In this tutorial, you will configure a MongoDB installation to securely allow access from a trusted remote computer. To do this, you’ll update your firewall rules to provide the remote machine access to the port on which MongoDB is listening for connections and then update its configuration file to change its IP binding setting. Then, as a final step, you’ll test that your remote machine is able to make the connection to your database successfully.

      Prerequisites

      To complete this tutorial, you’ll need:

      • A server running Ubuntu 20.04. This server should have a non-root administrative user and a firewall configured with UFW. Set this up by following our initial server setup guide for Ubuntu 20.04.
      • MongoDB installed on your server. This tutorial assumes that you have MongoDB 4.4 or newer installed. You can install this version by following our tutorial on How To Install MongoDB on Ubuntu 20.04.
      • A second computer from which you’ll access your MongoDB instance. For simplicity, this tutorial assumes that this machine is another Ubuntu 20.04 server, with a non-root administrative user and a UFW firewall configured following our initial server setup guide for Ubuntu 20.04. However, Steps 1 and 2, which describe the actual procedure for enabling remote connectivity on the database server, will work regardless of what operating system the remote machine is running.

      Lastly, while it isn’t required to complete this tutorial, we strongly recommend that you secure your MongoDB installation by creating an administrative user account for the database and enabling authentication. To do this, follow our tutorial on How To Secure MongoDB on Ubuntu 20.04.

      Step 1 — Adjusting the Firewall

      Assuming you followed the prerequisite initial server setup tutorial and enabled a UFW firewall on your server, your MongoDB installation will be inaccessible from the internet. If you intend to use MongoDB only locally with applications running on the same server, this is the recommended and secure setting. However, if you would like to be able to connect to your MongoDB server from a remote location, you have to allow incoming connections to the port where the database is listening by adding a new UFW rule.

      Start by checking which port your MongoDB installation is listening on with the lsof command. This command typically returns a list with every open file in a system, but when combined with the -i option, it lists only network-related files or data streams.

      The following command will redirect the output produced by lsof -i to a grep command that searches for a string named mongo:

      • sudo lsof -i | grep mongo

      This example output shows that MongoDB is listening for connections on its default port, 27017:

      Output

      mongod 82221 mongodb 11u IPv4 913411 0t0 TCP localhost:27017 (LISTEN)

      In most cases, MongoDB should only be accessed from certain trusted locations, such as another server hosting an application. One way to configure this is to run the following command on your MongoDB server, which opens up access on MongoDB’s default port while explicitly only allowing the IP address of the other trusted server.

      Run the following command, making sure to change trusted_server_ip to the IP address of the trusted remote machine you’ll use to access your MongoDB instance:

      Note: If the previous command’s output showed your installation of MongoDB is listening on a non default port, use that port number in place of 27017 in this command.

      • sudo ufw allow from trusted_server_ip to any port 27017

      In the future, if you ever want to access MongoDB from another machine, run this command again with the new machine’s IP address in place of trusted_server_ip.

      You can verify the change in firewall settings with ufw:

      The output will show that traffic to port 27017 from the remote server is now allowed:

      Output

      Status: active To Action From -- ------ ---- OpenSSH ALLOW Anywhere 27017 ALLOW trusted_server_ip OpenSSH (v6) ALLOW Anywhere (v6)

      You can find more advanced firewall settings for restricting access to services in UFW Essentials: Common Firewall Rules and Commands.

      Next, you’ll bind MongoDB to the server’s public IP address so you can access it from your remote machine.

      Step 2 — Configuring a Public bindIP

      At this point, even though the port is open, MongoDB is currently bound to 127.0.0.1, the local loopback network interface. This means that MongoDB is only able to accept connections that originate on the server where it’s installed.

      To allow remote connections, you must edit the MongoDB configuration file — /etc/mongod.conf — to additionally bind MongoDB to your server’s publicly-routable IP address. This way, your MongoDB installation will be able to listen to connections made to your MongoDB server from remote machines.

      Open the MongoDB configuration file in your preferred text editor. The following example uses nano:

      • sudo nano /etc/mongod.conf

      Find the network interfaces section, then the bindIp value:

      /etc/mongod.conf

      . . .
      # network interfaces
      net:
        port: 27017
        bindIp: 127.0.0.1
      
      . . .
      

      Append a comma to this line followed by your MongoDB server’s public IP address:

      /etc/mongod.conf

      . . .
      # network interfaces
      net:
        port: 27017
        bindIp: 127.0.0.1,mongodb_server_ip
      
      . . .
      

      Save and close the file. If you used nano, do so by pressing CTRL + X, Y, then ENTER.

      Then, restart MongoDB to put this change into effect:

      • sudo systemctl restart mongod

      Following that, your MongoDB installation will be able to accept remote connections from whatever machines you’ve allowed to access port 27017. As a final step, you can test whether the trusted remote server you allowed through the firewall in Step 1 can reach the MongoDB instance running on your server.

      Step 3 — Testing Remote Connectivity

      Now that you configured your MongoDB installation to listen for connections that originate on its publicly-routable IP address and granted your remote machine access through your server’s firewall to Mongo’s default port, you can test that the remote machine is able to connect.

      Note: As mentioned in the Prerequisites section, this tutorial assumes that your remote machine is another server running Ubuntu 20.04. The procedure for enabling remote connections outlined in Steps 1 and 2 should work regardless of what operating system your remote machine runs, but the testing methods described in this Step do not work universally across operating systems.

      One way to test that your trusted remote server is able to connect to the MongoDB instance is to use the nc command. nc, short for netcat, is a utility used to establish network connections with TCP or UDP. It’s useful for testing in cases like this because it allows you to specify both an IP address and a port number.

      First, log into your trusted server using SSH:

      • ssh sammy@trusted_server_ip

      Then run the following nc command, which includes the -z option. This limits nc to only scan for a listening daemon on the target server without sending it any data. Recall from the prerequisite installation tutorial that MongoDB is running as a service daemon, making this option useful for testing connectivity. It also includes the v option which increases the command’s verbosity, causing netcat to return some output which it otherwise wouldn’t.

      Run the following nc command from your trusted remote server, making sure to replace mongodb_server_ip with the IP address of the server on which you installed MongoDB:

      • nc -zv mongodb_server_ip 27017

      If the trusted server can access the MongoDB daemon, its output will indicate that the connection was successful:

      Output

      Connection to mongodb_server_ip 27017 port [tcp/*] succeeded!

      Assuming you have a compatible version of the mongo shell installed on your remote server, you can at this point connect directly to the MongoDB instance installed on the host server.

      One way to connect is with a connection string URI, like this:

      • mongo "mongodb://mongo_server_ip:27017"

      Note: If you followed the recommended How To Secure MongoDB on Ubuntu 20.04 tutorial, you will have closed off access to your database to unauthenticated users. In this case, you’d need to use a URI that specifies a valid username, like this:

      • mongo "mongodb://username@mongo_server_ip:27017"

      The shell will automatically prompt you to enter the user’s password.

      With that, you’ve confirmed that your MongoDB server can accept connections from the trusted server.

      Conclusion

      You can now access your MongoDB installation from a remote server. At this point, you can manage your Mongo database remotely from the trusted server. Alternatively, you could configure an application to run on the trusted server and use the database remotely.

      If you haven’t configured an administrative user and enabled authentication, anyone who has access to your remote server can also access your MongoDB installation. If you haven’t already done so, we strongly recommend that you follow our guide on How To Secure MongoDB on Ubuntu 20.04 to add an administrative user and lock things down further.



      Source link