Information
The key file is used for authentication in the sharded cluster. Implementing proper file permissions on the key file will prevent unauthorized access to it.
Rationale:
Protecting the key file strengthens authentication in the sharded cluster and prevents unauthorized access to the MongoDB database.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Set the keyFile ownership to mongodb user and remove other permissions by executing these commands:
chmod 600 /keyfile
sudo chown mongodb:mongodb /keyfile
Default Value:
Not configured