云网牛站
所在位置:首页 > Linux云数据库 > 配置MongoDB 3.x/4.x身份验证的方法

配置MongoDB 3.x/4.x身份验证的方法

2019-02-08 10:49:28作者:陈自坚稿源:云网牛站

本文介绍配置MongoDB 3.x/4.x身份验证的方法。

 

很多人习惯于在没有身份验证的情况下运行MongoDB,如果尝试Lynis或Nessus安全审核,你可能会收到“No MongoDB authorization”的警告,本文我们将介绍如何在MongoDB中为用户/数据库设置身份验证。

 

你需要运行MongoDB,请参考:在Ubuntu 18.04/16.04系统中安装MongoDB的方法在RHEL 8/CentOS 8系统上安装和配置MongoDB 4的方法

 

当mongod服务正在运行时,使用mongo命令行工具连接到它:

# mongo --port 27017

 

然后创建具有root角色的用户帐户作为数据库admin:

> use testdb;

switched to db testdb

> db.createUser(

{

user: "dbadmin",

pwd: "StrongPassword",

roles: [ { role: "root", db: "admin" } ]

}

)

> exit

bye

 

打开文件/etc/mongod.conf并启用身份验证:

security:

authorization: enabled

 

重启MongoDB:

sudo systemctl restart mongod

 

通过以dbadmin用户身份连接到testdb进行测试:

mongo --port 27017 -u "dbadmin" -p --authenticationDatabase "testdb"

 

当要求输入密码时,请输入你设置的密码:

MongoDB shell version v4.0.2

Enter password: 

connecting to: mongodb://127.0.0.1:27017/

MongoDB server version: 4.0.2

Server has startup warnings: 

2019-02-08T10:02:40.821+0000 I CONTROL  [initandlisten] 

2019-02-08T10:02:40.821+0000 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.

2019-02-08T10:02:40.821+0000 I CONTROL  [initandlisten] **        We suggest setting it to 'never'

2019-02-08T10:02:40.821+0000 I CONTROL  [initandlisten] 

2019-02-08T10:02:40.821+0000 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.

2019-02-08T10:02:40.821+0000 I CONTROL  [initandlisten] **        We suggest setting it to 'never'

2019-02-08T10:02:40.821+0000 I CONTROL  [initandlisten] 

---

Enable MongoDB's free cloud-based monitoring service, which will then receive and display

metrics about your deployment (disk utilization, CPU, operation statistics, etc).

The monitoring data will be available on a MongoDB website with a unique URL accessible to you

and anyone you share the URL with. MongoDB may use this information to make product

improvements and to suggest MongoDB products and deployment options to you.

To enable free monitoring, run the following command: db.enableFreeMonitoring()

To permanently disable this reminder, run the following command: db.disableFreeMonitoring()

---

>

 

至此,可以使用MongoDB身份验证来访问特定数据库了。

 

相关主题

ubuntu18.04下使用Robo 3T连接Mongodb数据库

精选文章
热门文章