Setting SSH
When deploying the JetStream DR MSA, a public key can be set to govern access to the system. If it is not provided, the system will allow password-based SSH access, which may be considered a security issue.
- To toggle password-based SSH access for users to log in to the MSA:
- Edit the file /etc/ssh/sshd_config.
- Set the PasswordAuthentication option to “yes” or “no”
- Restart the sshd service using the command:
service sshd restart
.
- Additional SSH public keys can be manually appended to the file /root/.ssh/authorized_keys or added by using the script ssh-copy-id.
- If the directory or the file does not already exist, either can be manually created using the following commands:
mkdir /root/.ssh
echo “” >> /root/.ssh/authorized_keys
chmod 600 /root/.ash/authorized_keys
chmod 700 /root/.ssh/
External references:
man sshd_config – https://man7.org/linux/man-pages/man5/sshd_config.5.html
man ssh-copy-id – https://www.unix.com/man-page/linux/1/SSH-COPY-ID/
man sshd – https://man7.org/linux/man-pages/man8/sshd.8.html