Backlog #4810

Ability to restrict hypervisor from connecting to frontend via SSH

Added by OpenNebula Systems Support Team almost 5 years ago. Updated almost 5 years ago.

Status:PendingStart date:09/21/2016
Priority:SponsoredDue date:
Assignee:-% Done:


Target version:-


Configuration to make it so that only the frontend connects out to the hypervisor and not vica-versa.

The main challenge is that there are two commands when doing ssh from the hypervisor to the nodes: scp and rsync.

A proposed solution is to add the command="..." directive in the authorized_keys files. Develop the command in such a way that in only allows scp and rsync.


#1 Updated by Ruben S. Montero almost 5 years ago

  • Assignee set to Jaime Melis
  • Priority changed from Normal to Sponsored
  • Target version set to Release 5.2

#2 Updated by Jaime Melis almost 5 years ago

  • Tracker changed from Feature to Backlog
  • Category deleted (Documentation)
  • Assignee deleted (Jaime Melis)
  • Target version deleted (Release 5.2)

Also available in: Atom PDF