Docs Menu
Docs Home
/
MongoDB Compass
/
Connect
/
Advanced Options

Proxy / SSH Tunnel Connection Tab

On this page

  • Procedure

The Proxy / SSH Tunnel tab allows you to connect to your deployment with a Proxy method or SSH tunnel.

Procedure

1

Open the New Connection modal.

In the bottom panel of the Connections Sidebar, click Add New Connection to open the New Connection modal.

If you already have connections listed in the Connections Sidebar, click the icon on the top right of the sidebar to open the New Connection modal.

2

Click Advanced Connection Options.

New Advanced Connection Options
click to enlarge
3

Click the Proxy / SSH Tunnel tab.

You have the following connection options:

Option
Description
SSH with Password
Connects to a deployment using a SSH Tunnel and has the option to secure the connection with a password. For information on SSH connections and the fields for this connection option, see SSH Connection.
SSH with Identity File
Connects to a deployment using a SSH Tunnel and uses an Identity File to secure the connection. For information on SSH connections and the fields for this connection option, see SSH Connection.
Socks5
Connects to a deployment using a seperate proxy server. For more information on the fields for this connection option, see Socks5.
Application-level Proxy
Connects to a deployment using application-level proxy settings specified in the Compass Settings panel.

SSH Connection

To connect to a deployment using SSH with Password or SSH with Identity File, use the following fields:

Field
Description
SSH Hostname
Bastion (jumpbox) hostname. This is the unique identifier (Fully Qualified Domain Name, or FQDN) for the computer to access.
SSH Port
Port used for the SSH connection. This defaults to 22, the standard port for SSH.
SSH Username
This is the user for which the profile to log into on the remote system. This is the user for which you want to establish the SSH connection.
SSH Password
(Optional) Password used to secure the SSH connection. This is required if you are not using an identity file.
SSH Identity File

File from which the identity (private key) for SSH public key authentication is read.

Unix or OS X: If using OpenSSH, identity files are found in the ~/.ssh directory. By default, the private key files have one of the following file names:

  • id_dsa

  • id_ecdsa

  • id_ed25519

  • id_rsa

On Windows, the location of the identity files depends on your choice of SSH client, such as PuTTY.

SSH Passphrase
(Optional) If your private key is encrypted, provide the passphrase used to decrypt your private key. A passphrase provides an extra layer of security for an SSH connection.
Behavior

  • In MongoDB Compass, SSH Tunnel Connections allow users to connect to replica sets.

  • Users can connect to replica sets using SSH Tunnels and TLS / SSL connections.

Socks5

To connect to a deployment using Socks5, use the following fields:

Field
Description
Proxy Hostname
Domain name, IPv4, or IPv6 address on which a socks5 proxy is listening.
Proxy Tunnel Port
(Optional) TCP port number. Default is 1080.
Proxy Username
(Optional) Username used to authenticate the connection with the proxy server.
Proxy Password
(Optional) Password used to authenticate the connection with the proxy server.
Behavior

  • If you specify a non-local Socks5 proxy host and provide a username and password authentication, you receive a warning stating that the credentials will be sent in plaintext.

  • If you specify a remote Socks5 proxy host and do not enable TLS, you receive a warning stating that the proxy administrator will be able to intercept data sent and received by Compass.

4

(Optional) For advanced connection configuration options, click the Advanced tab.

5

Click Connect.

Tip

See also:

To disconnect from your deployment, see Disconnect from MongoDB.

Back

TLS/SSL

Next

In-Use Encryption

On this page