Magento Business Intelligence Help Center

Connecting MongoDB via SSH tunnel



To connect your MongoDB database to Magento BI via an SSH tunnel, you (or your team, if you're not a techie) will need to do a few things:

  1. Retrieve the Magento BI public key
  2. Whitelist the Magento BI IP address
  3. Create a Linux user for Magento BI
  4. Create a MongoDB user for Magento BI
  5. Enter the connection and user info into Magento BI

Due to the technical nature of this setup, we suggest you loop in a developer to help out if you haven't done this before.

Retrieving the Magento BI public key

The public key is used to authorize the Magento BI Linux user. In the next section, we'll create the user and import the key.

  1. Go to Data > Connections and click the Add New Data Source button.
  2. Click the MongoDB icon.
  3. After the MongoDB credentials page opens, toggle the Encrypted button to Yes. This will display the SSH setup form.
  4. The public key is located underneath this form.

Leave this page open throughout the tutorial - you'll need it in the next section and at the end.

If you're a bit lost, here's how to navigate through Magento BI to retrieve the key: 

Retrieving the RJMetrics public key
Click for a closer look!

Whitelisting the Magento BI IP address

For the connection to be successful, your must configure your firewall to allow access from our IP address. It's, but it's also on the MongoDB credentials page. See the blue box in the GIF above? That's it!

Creating a Linux user for Magento BI

If the sshd_config file associated with the server is not set to the default option, only certain users will have server access - this will prevent a successful connection to Magento BI. In these cases, it's necessary to run a command like AllowUsers to allow the rjmetric user access to the server.

This can be a production or slave machine, as long as it contains real-time (or frequently updated) data. You may restrict this user any way you like as long as it retains the right to connect to the MongoDB server.

To add the new user, run the following commands as root on your Linux server:

adduser rjmetric -p
mkdir /home/rjmetric
mkdir /home/rjmetric/.ssh

Remember the public key we retrieved in the first section? To ensure the user has access to the database, we need to import the key into authorized_keys. Copy the entire key into the authorized_keys file as follows:

touch /home/rjmetric/.ssh/authorized_keys
"< PASTE KEY HERE >" >> /home/rjmetric/.ssh/authorized_keys

To finish creating the user, alter the permissions on the /home/rjmetric directory to allow access via SSH:

chown -R rjmetric:rjmetric /home/rjmetric
chmod -R 700 /home/rjmetric/.ssh

Creating an Magento BI MongoDB user

MongoDB servers have two run modes - one with the "auth" option (mongod -- auth) and one without, which is the default. The steps for creating a MongoDB user will vary a bit depending on what mode your server is using, so be sure to verify the mode before continuing.

If your server uses the Auth Option:

When connecting to multiple databases, you can add the user by logging into MongoDB as an admin user and running the following commands. Note that to see all available databases, the Magento BI user requires the permissions to run listDatabases.

This command will grant the Magento BI user access to all databases:

use admin
db.createUser('rjmetric', '< secure password here >', true)

Use this command to grant the Magento BI user access to a single database:

use < database name >
db.createUser('rjmetric', '< secure password here >', true)

This will print a response that looks like this:

"id": ObjectId("< some object id here >"),
"user": "rjmetric",
"readOnly": true,
"pwd": "< some hash here >"

If your server uses the default option:

If your server doesn't use auth mode, your MongoDB server will still be accessible even without a username and password. However, you should ensure the mongodb.conf file (/etc/mongodb.conf) has the following lines - if they're not there, restart your server after you add them.

bind_ip =
noauth = true

To bind your MongoDB server to a different address, adjust the database hostname in the next step accordingly.

Entering the connection and user info into Magento BI

To wrap things up, we need to enter the connection and user info into Magento BI. Did you leave the MongoDB credentials page open? If not, go to Data > Connections and click the Add New Data Source button, then the MongoDB icon. Don't forget to toggle the Encrypted button to Yes.

Enter the following info into this page, starting with the Database Connection section:

  • Host:
  • Username:  The Magento BI MongoDB username (should be rjmetric)
  • Password: The Magento BI MongoDB password
  • Port: MongoDB's port on your server (27017 by default)
  • Database Name (Optional): If you only allowed access to one database, specify the name of that database here.

Under the SSH Connection section:

  • Remote Address: The IP address or hostname of the server we will SSH into
  • Username: The Magento BI Linux (SSH) username (should be rjmetric)
  • SSH Port: The SSH port on your server (22 by default)

That's it! When you're finished, click the Save & Test button to complete the setup.


Was this article helpful?
0 out of 0 found this helpful


Powered by Zendesk