- Security >
- Security Tutorials >
- Access Control Tutorials >
- Generate a Key File
Generate a Key File¶
On this page
This section describes how to generate a key file to store
authentication information. After generating a key file, specify the key
file using the keyFile
option when starting a
mongod
or mongos
instance.
A key’s length must be between 6 and 1024 characters and may only contain characters in the base64 set. The key file must not have group or world permissions on UNIX systems. Key file permissions are not checked on Windows systems.
Generate a Key File¶
Use the following openssl
command at the system shell to generate
pseudo-random content for a key file:
Note
Key file permissions are not checked on Windows systems.
Key File Properties¶
Be aware that MongoDB strips whitespace characters (e.g. x0d
,
x09
, and x20
) for cross-platform convenience. As a result,
the following operations produce identical keys: