How to secure MongoDB with username and password
I want to set up user name & password authentication for my MongoDB instance, so that any remote access will ask for the user name & password. I tried the tutorial from the MongoDB site and did following:
use admin
db.addUser('theadmin', '12345');
db.auth('theadmin','12345');
After that, I exited and ran mongo again. And I don't need password to access it. Even if I connect to the database remotely, I am not prompted for user name & password.
UPDATE Here is the solution I ended up using
1) At the mongo command line, set the administrator:
use admin;
db.addUser('admin','123456');
2) Shutdown the server and exit
db.shutdownServer();
exit
3) Restart mongod with --auth
$ sudo ./mongodb/bin/mongod --auth --dbpath /mnt/db/
4) Run mongo again in 2 ways:
i) run mongo first then login:
$ ./mongodb/bin/mongo localhost:27017
use admin
db.auth('admin','123456');
ii) run & login to mongo in command line.
$ ./mongodb/bin/mongo localhost:27017/admin -u admin -p 123456
The username & password will work the same way for mongodump
and mongoexport
.
You need to start mongod
with the --auth
option after setting up the user.
From the MongoDB Site:
Run the database (mongod process) with the --auth
option to enable security. You must either have added a user to the admin db before starting the server with --auth
, or add the first user from the localhost interface.
MongoDB Authentication
First, un-comment the line that starts with #auth=true
in your mongod configuration file (default path /etc/mongo.conf
). This will enable authentication for mongodb.
Then, restart mongodb : sudo service mongod restart
This answer is for Mongo 3.2.1 Reference
Terminal 1:
$ mongod --auth
Terminal 2:
db.createUser({user:"admin_name", pwd:"1234",roles:["readWrite","dbAdmin"]})
if you want to add without roles (optional):
db.createUser({user:"admin_name", pwd:"1234", roles:[]})
to check if authenticated or not:
db.auth("admin_name", "1234")
it should give you:
1
else :
Error: Authentication failed.
0
链接地址: http://www.djcxy.com/p/36078.html
上一篇: 访问路径被拒绝
下一篇: 如何用用户名和密码保护MongoDB