How to fix : Error: Authentication failed - mongodb

I'm trying to connect remotely on a mongodb server throw my local machine, but i'm having some issues.
On the remote server i modified the 'mongod.cfg' file and i changed the bindIp from 127.0.0.1 to 0.0.0.0 to allow access. In the same file i changed the security by adding Authentication: 'enabled'.
I created an admin user:
> use admin
> db.createUser({user: "root", pwd: "root", roles:["root"]})
I started mongodb with --auth flag
> mongod --auth --port 27017
Once the server was up, i connect to it as administrator
mongo 127.0.0.1:27017 -u "root" -p "root" --authenticationDatabase "admin"
Once i was connected, i created a normal user
> use base
> db.createUser({user: "base", pwd: "base", roles:["dbOwner"]})
Then i disconnected from mongo shell and reconnected with new user credentials
> mongo <127.0.0.1:27017>/base -u "base" -p "base"
It worked properly on the remote server.
On the local machine i tried the same command on my local machine and it failed
> mongo 127.0.0.1:27017/base -u "base" -p "base"
[js] Error: Authentication failed. :
connect#src/mongo/shell/mongo.js:344:17
#(connect):2:6
exception: connect failed

127.0.0.1 is making reference to the localhost of the host machine, you need to set the user in both machines if you are going to use one, if you want to use a db that share the data in the cloud you can use Mlab or if both ip are in the same network you can make reference from one to another by the ip address
mongo <ip_address>:27017/base -u "base" -p "base"

Related

How to configure MongoDB to be able to connect using username and password?

I've a VMWare VM with Ubuntu 16.04.5 and just installed MongoDb 3.6 (not the latest, but it matches production environment)
Inside remote shell, I can run mongo and so my mongod service is working.
This is parts of /etc/mongod.conf file about auth
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1, 192.168.1.50
security:
suthorization: enabled
I created this user into the db admin
> use admin
switched to db admin
> show users
{
"_id" : "admin.realtebo",
"user" : "realtebo",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
Then I restarted mongod service.
The problem
I cannot no more access using mongo shell client, it refuses my connection
mongo -u realtebo -p passsword_i_setup_for_user_realtebo
MongoDB shell version v3.6.9
connecting to: mongodb://127.0.0.1:27017
2019-01-16T09:06:51.416+0100 W NETWORK [thread1]
Failed to connect to 127.0.0.1:27017,
in(checking socket for error after poll), reason: Connection refused
2019-01-16T09:06:51.416+0100 E QUERY [thread1]
Error: couldn't connect to server 127.0.0.1:27017,
connection attempt failed :
connect#src/mongo/shell/mongo.js:257:13
#(connect):1:6
exception: connect failed
Important notes
Sure, removing authorization: true and restarting, I can access again, so the daeom in running well, but I'd like to learn the right way: using user and password is the minimum
I verified that this exact user/password combo is working developing a little nodejs app that works using these credentials, and fails without using them, so password is right
I tried to remove auth and verified that "Studio 3T" (a mongodb client) on Windows host can succesfully access MongoDb on the guest, so there are no port/firewalls/other problems with the VM
Othe tries
Failed specifying the auth db, admin as you can see some lines above here.
mongo -u realtebo -p passsword_i_setup_for_user_realtebo --authenticationDatabase admin
Simple questions, I hope
What's the right way to create something like a superuser with user and password in mongodb? And then which 'method' must I use from win client and from linux shell client to access it?
I know that I then must create another user, a readWrite I suppose, for a single and specific db, but this is not the actual question. For now I need to be able to login as a super user to manage it
It's not an authentication problem, actually the server does not start at all ("Connection refused") because of an error in the /etc/mongod.conf file, should be:
security:
authorization: enabled
Also it's mandatory to add the option --authenticationDatabase admin when starting a client.
It was a so simple stupid error.
I fixed the following typo, note the s instead of a in suthorization
security:
suthorization: enabled
Restarted service
From linux shell I can succesfully connect using
mongo -u realtebo -p passsword_i_setup_for_user_realtebo --authenticationDatabase admin
From windows client I setup auth method on legacy and entered username and password
Now all works

How to use the mongodb localhost exception?

From the documentation:
The localhost exception allows you to enable access control and then
create the first user in the system. With the localhost exception,
after you enable access control, connect to the localhost interface
and create the first user in the admin database. The first user must
have privileges to create other users, such as a user with the
userAdmin or userAdminAnyDatabase role.
So I run the latest mongo with enabled access control (--auth):
docker run -p 27017:27017 mongo --auth
connect with my shell and try to create the admin user:
mongo
MongoDB shell version v4.0.2
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 4.0.2
> use admin
switched to db admin
> db.createUser(
... {
... user: "admin",
... pwd: "password",
... roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
... }
... )
2018-10-03T15:29:30.234+0200 E QUERY [js] Error: couldn't add user: command createUser requires authentication :
_getErrorWithCode#src/mongo/shell/utils.js:25:13
DB.prototype.createUser#src/mongo/shell/db.js:1491:15
#(shell):1:1
What am I doing wrong?
You are not connecting to localhost but to the exported port.
For the exception to work you need to connect to localhost from within the container.
E.g.:
docker exec -it `docker ps --filter ancestor=mongo --format "{{.ID}}"` mongo

Dump remote database: Failed: error connecting to db server: no reachable servers

I have a database in www.myweb.io, which has SSL. The version of mongo is 2.6.12 in the server: the version of mongo in local is 3.4.1. I want to dump it into my local machine, modify it, and then restore back.
I tried
mongodump --host www.myweb.io --port 22 --username myname --password "mypassword"
and it gave me an error:
2017-11-20T20:57:07.775+0100 Failed: error connecting to db server: no reachable servers
Does anyone know what host and post I should set?
PS: in my localhost, I can use the following setting in Robo 3T to connect to the database:
1) under Connection, specify localhost:27017
2) under SSH, check Use SSH tunnel, specify xxx.xx.xx.xx:22 as SSH Address
In /etc/nginx/sites-enabled/myweb.io, there is listen 443 ssl.
you are not connecting via SSL or TLS to the database.
Use an ssh tunnel to establish a connection to your mongodb
ssh -N -L 27018:localhost:27017 user#www.myweb.io
you can specify -f to let ssh go in the background
Verify that the tunnel is working
Using mongodb
mongo --port 27018
Or telnet
telnet localhost 27018
dumping the database
mongodump --host 127.0.0.1 --port 27018 --db <dbName>
restore it somewhere, do your modifications
dump your local modifications
reapply the local modifications remote for example with mongorestore or mongoimport

See / change local username and password for MongoDB?

Ive downloaded a project using MongoDB and im having trouble getting set up. From the terminal where ive run mongod I see this error:
2017-05-26T14:51:22.908+0800 I ACCESS [conn21] SCRAM-SHA-1 authentication failed for user on wesbostest from client 127.0.0.1:51653 ; UserNotFound: Could not find user user#wesbostest
From my npm start terminal mongoose logs out this error: Authentication failed.
My environment file has this line:
DATABASE=mongodb://user:pass#localhost:27017/wesbostest
Ive got MongoDB Compass installed. It successfully connects with these settings:
Hostname: localhost
Port: 27017
Authentication: None
SSL: Off
SSH Tunnel: Off
So I think the user:pass part of the environment file is wrong? How can I see what local username and password are and/or set them if no authentication is set up?
I solved this by setting a username and password for MongoDB:
MongoDB what are the default user and password?
Procedure
Start MongoDB without access control.
mongod --port 27017 --dbpath /data/db1
Connect to the instance.
mongo --port 27017
Create the user administrator.
use admin
db.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
Re-start the MongoDB instance with access control.
mongod --auth --port 27017 --dbpath /data/db1
Authenticate as the user administrator.
mongo --port 27017 -u "myUserAdmin" -p "abc123" \
--authenticationDatabase "admin"

MongoDB + cannot connect to mongodb server using another DB

UPDATE
I also tried this to connect:
mongo -u root -p 1234 localhost:27017/anotherDB
But again, I can't connect.
END OF UPDATE
I am having problems on connecting to my mongodb server using another DB.
Here's what I did so far:
With auth=False in /etc/mongod.conf, I connected to my server and created a root user in admin db with this command:
db.addUser({ user: "root", pwd: "1234", roles: [{role:"root",db:"admin"}] }
Stop mongod service, set auth=true in the mongod.conf and restarted mongod service.
I connected to my mongod server using this command:
mongo -u root -p 1234 localhost:27017/admin
And I was able to connect. I then, switched to another db and created another user with these commands:
use anotherDB
db.createUser(
{
user: "anotheruser",
pwd: "1234",
roles: ["readWrite"]
}
Creation was successful. I then ended my current connection and tried to connect using this
command:
mongo -u anotheruser -p 1234 localhost:27017/anotherDB
But I can't connect and receiving this error:
Error while trying to show server startup warnings: not authorized on admin to execute command {getLog: "startupWarnings"}
What am I doing wrong? Any ideas are greatly appreciated. Thanks in advance!
I believe you are running into this issue:
https://jira.mongodb.org/browse/SERVER-13588
As of the this time, the fix is already in the master branch and is scheduled to be backported to 2.6.2.