Geek Answers Handbook

Mongo "auth failed" Only for remote connections. Local work is excellent

I have an instance of WIND Bitnami running on EC2. After significant finalization, I was able to successfully connect to the database using the local shell. I created authenticated users with all the permissions necessary to access the data, and when I run the code below, I can access the database without any problems.

sudo mongo admin -u <USERNAME-p <PASSWORD>

However, when I try to repeat this using a remote connection, I am repeatedly given the "auth failed" error from MongoDB.

 mongo <HOST>:<PORT>/<DATABASE> -u <USERNAME> -p <PASSWORD>

...

This is strange because I use the same credentials as when working with the local shell. The only difference is that I include host and port information. Since then, I have also confirmed that my remote connection works if I disable the auth option in the mongodb.config file.

 mongo <HOST>:<PORT>/<DATABASE>

Obviously, in production, I want to be able to authenticate. Do any of you have suggestions as to why there is a discrepancy between remote and local authentication?

+5
source share
5 answers

I ran into the same problem.

The problem for me is:

My local mongo shell was v2.6.10. It uses an authentication method called MONGODB-CR which is deprecated .

My version of the server is v3.0.4. It uses the SCRAM-SHA-1 authentication method.

Try checking the local version of the shell and the remote server with:

 mongo --version mongod --version

If they are different, upgrade the local shell to version v3. (I had to uninstall and install it again.)

+23
source

I previously installed MongoDB version 3.2.12 and was able to connect to the remote instance using:

 mongo -u '<USERNAME>' -p '<PASSWORD>' --host <REPLICA_SET>/<HOST>:<PORT> admin

I am creating a new cluster with version 3.4.2 and could not connect to the same team. After trying many different options, I finally realized that I needed to add -authenticationDatabase to the admin database.

 mongo -u '<USERNAME>' -p '<PASSWORD>' --host <REPLICA_SET>/<HOST>:<PORT> --authenticationDatabase admin
+1
source

This is mainly due to security concerns.

When you have access to the local environment, it is easy to assume that you are the system administrator or developer, because you have access to the machine itself.

If you do not have access to the local computer, you cannot guarantee this, and since database security is really important (in most cases), it makes sense not to enable remote access. You can, of course, disable this, but it is not recommended.

Hope I helped.

0
source

Install the same version both on the server and on the client, solving the problem for me. As @Alexandre explained above, this is probably a password encryption issue. MongoDB Version 3.2.7

I have successfully used two methods:

 mongo --host "your_host" --port "your_port" --username "your_user" --password "your_pass" --authenticationDatabase "your_admin_db" mongo "your_host:your_port/your_db" --username "your_user" --password "your_pass" --authenticationDatabase "your_admin_db"

Also, make sure your server is accessible for remote access. For more information on net.bindIp see https://docs.mongodb.com/v3.2/reference/configuration-options/

0
source

Just in case someone encounters the same problem, the authenticationDatabase is only required if you have created a user in the ANOTHER database. If you create a user in the database to which you are connecting, no problem.

Therefore, be careful: use then create a user.

If you were able to create your user in the administrator database, then you need the authenticationDatabase flag.

0
source

More articles:


All Articles