Remote connect to MongoDB on Digital Ocean


#1

I want to use Robomongo to connect to my MongoDB on Digital Ocean. I can archive that by making the MongoDB on Digital Ocean listen to all interfaces ( remove bind_ip line in mongod.conf ). But this makes the db vulnerable to people attack because everyone can connect to it. Is there any better way to do this ?
Any suggestion would be much appreciated. thank you.


#2

I use robomongo with a project in digital ocean and connect by SSH:
Connection tab:

  • Address: 127.0.0.1
  • Port: 27017

SSH tab:

  • SSH address: your droplet IP:22
  • The SSH username and password

#3

thank you very much :smiley:


#4

How about setting up authentication? My setup prevents attacks because even though the DB listens for connections from any IP address, only users who are able to authenticate can gain access.


#5

how do we find our ssh address and username?


#6

Am I missing something?

I did exactly as you suggest there and I cannot connect. The connection is refused.

I did not use a passphrase when creating the private key. Could that be the problem?

Cheers


#7

Just in case anyone else runs across this, the latest public release of Robomongo (0.9.0-RC6 at the time of this writing) does not allow SSH authentication for remote connections. There’s a way around this though.

On your remote server, edit mongod.conf:
sudo nano /etc/mongod.conf

Uncomment “port” and specify something inconspicuous (little more secure IMO, not running on the default 27017)
port = 47779

Comment out “bind_ip = 127.0.0.1”
#bind_ip = 127.0.0.1

From the client side (your system):
ssh -L 47779:localhost:47779 me@myRemoteServer

In my case, I also made this a bash alias. So all I have to type is bindrobomongo and then launch robomongo.

In your Robomongo connection settings for the remote server, set your connection to localhost:47779.

You’re basically binding a local port to forward to a remote port. You can choose a different local port number, it was just easier in my case to use the same one and instruct one of my padawan devs.

I wouldn’t recommend this though for super-heavy-secure production applications. Works well for my team in a remote dev environment setup.


#8

I just gave up an ended up using an admin package for Meteor.


#9

could help by adding: if you like RoboMongo you’ll love RoboChef!
No affiliation, but we found it to offer a lot more.

Cheers!