1 Reply Latest reply: Nov 28, 2017 6:51 AM by Chris Klosterman RSS

Anyone have disable Root login to Isilon via SSH

PJurisprudencia

There's an /etc/ssh/sshd_config file that you can tweak just like other Unix system to disable SSH to the server for root user for security reason.    Does anyone have implemented this in Isilon? 

  • 1. Re: Anyone have disable Root login to Isilon via SSH
    Chris Klosterman

    I'd say in general this is a really terrible idea.  Yes I know lots of people do this on other *nix systems, however those are physical servers that have ILO or DRAC cards, or VMs that you can get to the console of with an application.  Isilon doesn't have an out-of-band management interface / IPMI, so if you mess something up you're going to have to find a USB to Serial cable, and console into the node as root, which might mean taking a trip if you're far from the datacenter.  Just my 2 cents.  If you need to harden Isilon, take a look at the OneFS Security Configuration Guide.

    OneFS 8.0.0 Security Configuration Guide

     

    ~Chris