Mongo "auth failed" Only for Remote Connections. Local Works fine

Question

I have a Bitnami MEAN instance running on EC2. After much finagling, I've been able to successfully connect to the DB using the local shell. I created authenticated users with all of the permissions necessary to access the data, and when I run the below code -- I am able to access the DB with no problem.

sudo mongo admin -u <USERNAME-p <PASSWORD>

That said, when I try to repeat this using a remote connection I am repeatedly given an "auth failed" error from MongoDB.

mongo <HOST>:<PORT>/<DATABASE> -u <USERNAME> -p <PASSWORD>

...

This is strange because I am using the exact same credentials as I do in running the local shell. The only difference is I'm including the host and port information. I've since also confirmed that my remote connection DOES work if I disable the auth parameter in mongodb.config.

mongo <HOST>:<PORT>/<DATABASE>

Obviously, in production I want to be able to authenticate. Do any of you have suggestions as to why there is a discrepancy between remote and local authentication?

Answer 1

Install the same version both on the server and on the client solved the problem for me. As @Alexandre explained above, it is probably a problem of password encryption. MongoDB version 3.2.7

I tried successfully with the two methods:

mongo --host "your_host" --port "your_port" --username "your_user" --password "your_pass" --authenticationDatabase "your_admin_db"

mongo "your_host:your_port/your_db" --username "your_user" --password "your_pass" --authenticationDatabase "your_admin_db"

Besides, make sure that your server is available for remote accesses. See details about net.bindIp at https://docs.mongodb.com/v3.2/reference/configuration-options/

Answer 2

If you're using more recent versions of MongoDB (server version 4.2.6 / shell version v3.6.9 in my case) you don't have to force them to match like in @Alexandre's example. For instance, if you're getting this error:

[thread1] Error: Authentication failed. :
DB.prototype._authOrThrow@src/mongo/shell/db.js:1608:20

You can connect with this syntax:

mongo --host mongodb://username:password@IP:PORT/ --authenticationDatabase admin

Answer 3

I was facing the same issue.

The problem for me:

My local mongo shell was v2.6.10. It uses an authentication method called MONGODB-CR that has been deprecated.

My server version is v3.0.4. It uses an authentication method called SCRAM-SHA-1.

Try to check your local shell and remote server versions with:

mongo --version
mongod --version

If they are different, upgrade your local shell to v3. (I had to uninstall and install it again.)

Answer 4

I had previously be installing MongoDB version 3.2.12 and was able to connect to a remote instance using:

mongo -u ‘<USERNAME>’ -p ‘<PASSWORD>’ --host <REPLICA_SET>/<HOST>:<PORT> admin

I am creating a new cluster with version 3.4.2 and was not able to connect with the same command. After trying many different options I was finally able to figure out that I needed to add --authenticationDatabase before the admin database.

mongo -u ‘<USERNAME>’ -p ‘<PASSWORD>’ --host <REPLICA_SET>/<HOST>:<PORT> --authenticationDatabase admin