What is a keyfile

I feel like the video didn’t elaborate what is a keyfile and what purpose does it serve? what is openssl and what was the values specified at the commant line for it?
if nodes in replica set need to authenticate each other I think a password or a shared secret is enough and I think it would be easier to specify such a value inside the node config file so I don’t understand why the key should be a file rather than simply a text?

1 Like

Hi, I’m not very well-versed here, but it seems reasonable to me, to be an authentication mechanism, to make sure no other computer is interacting with the nodes.

Surely we don’t want any user password to be involved there. But it’s possible, if desired, create a keyfile with your user password.

Thanks for your response. I agree with you that there is a need to an authentication mechanism that only nodes of a replica set can connect to each other. What I don’t understand is what is that SSL thing in there. I want to know what is that openssl does in there and how it works.

When offering a course like that, they must assume that people have some prior knowledge. In your case, you do not know SSL or openssh. In some other cases, people do not know they have to press [ENTER] at the end of a command. Some do not know they have to adjust their path when installing new software. Some do not know about IP address.

This course is to learn to administrate the MongoDB server. They have to concentrate on that and assume you have some basic knowledge and otherwise that you can search for it. Otherwise if they cover every little bit of everything. The course will be too long and too boring for some.

When you do not know a concept, google is quite powerful to help you. So here it is:

https://www.openssh.com/
https://www.ssl.com/faqs/faq-what-is-ssl/

1 Like

Hi @Meysam_Naseri,

Please go through our documentation on Internal/Membership Authentication. You will find it helpful.

Thank you, the link explained to me what is a keyfile and now I understand that keyfile has nothing to do with SSL which removes my confusion.

On a separate note, I wonder what’s the point of me flagging as inappropriate when you don’t take any action.