When deploying the JetStream DR MSA, a public key can be set to govern access to the system. If it is not provided, the system will allow password based SSH access, which may be considered a security issue.

Note: An option is provided to disable SSH access and prevent it from being used to log into the management server.

  • To toggle password based SSH access for users to log in to the MSA:
    • Edit the file /etc/ssh/sshd_config
    • Set the PasswordAuthentication option to “yes” or “no”
    • Restart the sshd service using the command: service sshd restart
  • Additional SSH public keys can be manually appended to the file /root/.ssh/authorized_keys or added by using the script ssh-copy-id.
  • If the directory or the file does not already exist, either can be manually created using the following commands:

mkdir /root/.ssh

echo “<public key text>” >> /root/.ssh/authorized_keys

chmod 600 /root/.ash/authorized_keys

chmod 700 /root/.ssh/


External references:

man sshd_config – https://man7.org/linux/man-pages/man5/sshd_config.5.html

man ssh-copy-id – https://www.unix.com/man-page/linux/1/SSH-COPY-ID/

man sshd – https://man7.org/linux/man-pages/man8/sshd.8.html

Note: The directory must have access mode 700. The file must have access mode 600.