remote

Can't Connect to mongo 28017 from remote host...

Admittedly, it's been a long, long time since I've had to do a fresh install of mongodb...I am in the process of setting up a couple of mongo servers behind my firewall to use for cluster testings.  Ancient PC's.  AMD Athalon class.  One even has a floppy disk installed. Anyway, once I had the OS installed (Ubuntu 12.10 server) and all the various packages, including mongodb, added to the system, I wanted to access the mongodb from another machine on my network but for the life of me I couldn't connect to the default port of 28017.

Oh, I could connect from localhost using wget without problem.

netstat -a | grep -i listen

Showed port *:28017 in listen mode so no problem there...

I even added the port via iptables to the firewall rules:

iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport 28017 -j ACCEPT

But I still couldn't connect.

I started to browse /etc/mongodb.conf file looking for a configuration setting that may prevent me from accessing remotely and there is was:

bind-ip = 127.0.0.1

Since I don't have concerns about security on my private network, I commented out this line and restarted mongo services.

(side note:  you don't want to do this on a production server - instead, use a comma-separated list of ip-addresses to specifically authorize which remote hosts you will permit to connect to your mongo server.)

Worked!  Full access from within my network to mongod!

Hope this helps!

X11Forwarding from CentOS 6 Linux to Mac OS X Lion via SSH

In my previous post, I wrote about getting gpass (a password manager for the gnome desktop) compiled from source and running on our CentOS 6 platform.  The screenie I took of the welcome screen was a mac-i-fied version.

I had configured my Linux machine to support X11 port-forwarding over a secure shell.  It was surprisingly quick and easy to set-up and execute.

I wanted to remote-display the gpass window to my Mac OS X Lion desktop because I needed to transfer passwords from my 1Password application (running on Lion) to my gpass (Linux) program.  Some of the passwords are pretty gnarly so the only way I can guarantee transferring data without making typos was to set-up a copy-paste-friendly environment.

One quick caveat. I've noticed that, when I terminate an X11 program from my Lion shell, I can no longer use that shell to initialize another X11 applet.  I need to exit and re-start the terminal.  If you know of the work-around for this, please leave a comment/reply to this post.

For all the following commands, it is assumed you have sudo privileges on your Linux system.

The first step I took was to edit the /etc/ssh/ssh_config file.  At the end of the file, past the comments, there is a section labeled:

Host *

...

ForwardX11Trusted yes X11 Forwarding yes

...

Make sure that you have those two lines, uncommented and present, in your configuration.

Next, (re)start your sshd server:

# /etc/init.d/sshd restart

Stopping sshd:                                         [ FAILED ] Generating SSH1 RSA host key:         [      OK      ] Generating SSH2 RSA host key:         [      OK      ] Generating SSH2 DSA host key:         [      OK      ] Starting sshd:                                           [      OK      ]

 

In case you're curious, the FAILED message in the first line of output was generated because I didn't already have sshd running on my system.

My machines run on a 192.168 subnet behind two firewalls - the firewall on my DSL modem, and the firewall on my multi-port router.  Normally, I'm not too concerned about the security of my individual machines.  (e.g.: I'm not running a software firewall on my Mac or my Linux server.)  My subnet is DHCP-served by my router and the router is on it's own subnet DHCP-served by the dsl router/modem.

I need to obtain the current IP address of my linux server which I do so my running the ipconfig command.

Next, I switch over to my Mac and open a terminal -- within the terminal, I enter:

iMac:~ mike$ ssh -X 192.168.0.6
The authenticity of host '192.168.0.6 (192.168.0.6)' can't be established.
RSA key fingerprint is f9:04:2d:0e:70:3d:a7:8f:92:c0:02:69:8c:f2:e6:51.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.6' (RSA) to the list of known hosts.
mike@192.168.0.6's password:
whassup?
/usr/bin/xauth: creating new authority file /home/mike/.Xauthority
[mike@codeMonkey ~]$

At the command prompt, I now only have to enter whatever X11 command and that program will be displayed on my Mac Desktop.  I can even open and start an entire desktop session.  I could - but I won't -- my Linux server only has 2gB of Ram...

Instead, I'll open a gnome-terminal.  So, at the prompt, I simply type: gnome-terminal and I get the gnome-terminal to appear on my desktop:

That's pretty much all there is to it, as far as I could tell.  Eazy-peezy.

One last note -- once you have a terminal running on your Lion desktop, then any X11 commands, such as gpass, you enter will all be displayed on your Lion desktop.  This circumvents the one-terminal-one-applet restriction I mentioned at the top of this article.

That's pretty much it for this article -- hope this helps!