To generate a keyfile for use in internal authentication among MongoDB shards or replica sets, perform this command in OpenSSL (in Linux).
openssl rand -base64 755 > mk
After creating the file, change the permissions to read by owner only with this command:
sudo chmod 400 mk
To generate a keyfile for local key management when using at-rest encryption of the database, perform this command in OpenSSL (in Linux)
openssl rand -base64 32 > mke
Then change the permissions to read/write by owner only:
chmod 600 mke
•If the keyfile is in a directory shared between the Linux virtual machine and Windows 10, the chmod command does not work. The solution is to move the keyfile to a directory in Linux that is not shared and then set the permissions.