Why?
I wanted to access a production MongoDB cluster to look at some data, but the database has a list of whitelisted IP addresses which I cannot edit.
I do have access to the production server, but I didn’t want to install any tools on it. I wanted to use the MongoDB Compass GUI to view the data.
How?
Since the MongoDB cluster is hosted on Atlas and not on the production server itself, I couldn’t use local port forwarding.
The only way is for the production server to make the requests on behalf of my local computer. This sounds like a VPN or a proxy.
Instead of setting up a VPN server, I used the ssh -D flag to open a SOCKS proxy server on a specific port locally and forward all traffic sent to it through the SSH tunnel to the remote server.
In my head, I imagine the setup will look something like this for the command ssh -D 8080 user@remote-server:
+-------------------+              +---------------------+             +----------------------+
|   Local Machine   |              |    Remote Server    |             |  Destination Server  |
+-------------------+              +---------------------+             +----------------------+
          |                                   |                                   |
          |                                   |                                   |
          |  SSH Connection with -D flag      |                                   |
          |---------------------------------->|                                   |
          |                                   |                                   |
          |  Local SOCKS Proxy                |                                   |
          |<----------------------------------|                                   |
          |                                   |                                   |
          |  Traffic forwarded                |                                   |
          |---------------------------------->|                                   |
          |                                   |  Traffic sent to                  |
          |                                   |---------------------------------->|
          |                                   |  Destination Service              |
          |                                   |<----------------------------------|
          |                                   |                                   |
          |  Traffic forwarded                |                                   |
          |<----------------------------------|                                   |
          |                                   |                                   |
+-------------------+              +---------------------+             +----------------------+
|   Local Machine   |              |    Remote Server    |             |  Destination Server  |
+-------------------+              +---------------------+             +----------------------+
With that setup, I can connect to the MongoDB server by adding some additional connection options, which look like this:
mongodb+srv://admin:*****@abcd.mongodb.net/db?proxyHost=localhost&proxyPort=8080
With that, I am able to view my whitelisted database on my local PC using the production server as a tunnel.
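The steps above as a small shell helper, added here as an example and not taken from the original post: it binds the SOCKS listener to 127.0.0.1 only, refuses to run if the listener cannot be opened, and gives a way to check and close the tunnel when done. The function names, the control-socket path and the use of 127.0.0.1 instead of localhost are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example; names, port default and socket path are placeholders.
SOCKS_PORT="${SOCKS_PORT:-8080}"
CTL_SOCK="${CTL_SOCK:-$HOME/.ssh/socks-tunnel.ctl}"

# Start the SOCKS proxy in the background.
#   -D 127.0.0.1:PORT      listen on loopback only, so other hosts on the
#                          local network cannot relay through the tunnel
#   -N                     no remote command, forwarding only
#   -f                     go to background after authentication
#   -M -S                  control socket, used below to check/close
#   ExitOnForwardFailure   exit instead of running without the listener
tunnel_up() {
  ssh -f -N -M -S "$CTL_SOCK" \
      -o ExitOnForwardFailure=yes \
      -D "127.0.0.1:${SOCKS_PORT}" "$1"
}

# Ask the background ssh process whether it is still alive.
tunnel_status() { ssh -S "$CTL_SOCK" -O check "$1"; }

# Close the tunnel so the proxy does not stay open after the session.
tunnel_down() { ssh -S "$CTL_SOCK" -O exit "$1"; }

# Append proxyHost/proxyPort to a MongoDB URI. Uses "&" when the URI
# already has options, "?" when it has a path, "/?" when it has neither.
with_proxy() (
  uri="$1"
  rest="${uri#*://}"
  case "$rest" in
    *\?*) sep="&" ;;
    */*)  sep="?" ;;
    *)    sep="/?" ;;
  esac
  printf '%s%sproxyHost=127.0.0.1&proxyPort=%s\n' "$uri" "$sep" "$SOCKS_PORT"
)

# Typical session (not executed here):
#   tunnel_up user@remote-server
#   with_proxy 'mongodb+srv://abcd.mongodb.net/db'   # paste into Compass
#   tunnel_down user@remote-server
```

The URI uses 127.0.0.1 rather than localhost because the listener is bound to the IPv4 loopback address only, and localhost may resolve to ::1 first.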