Backlog #4810: Ability to restrict hypervisor from connecting to frontend via SSH - OpenNebula - OpenNebula Development pages

Backlog #4810

Ability to restrict hypervisor from connecting to frontend via SSH

Added by OpenNebula Systems Support Team almost 5 years ago. Updated almost 5 years ago.

Status:

Pending

Start date:

09/21/2016

Priority:

Sponsored

Due date:

Assignee:

-

% Done:

0%

Category:

-

Target version:

-

Description

Configuration to make it so that only the frontend connects out to the hypervisor and not vica-versa.

The main challenge is that there are two commands when doing ssh from the hypervisor to the nodes: scp and rsync.

A proposed solution is to add the command="..." directive in the authorized_keys files. Develop the command in such a way that in only allows scp and rsync.

History

#1 Updated by Ruben S. Montero almost 5 years ago

Assignee set to Jaime Melis
Priority changed from Normal to Sponsored
Target version set to Release 5.2

#2 Updated by Jaime Melis almost 5 years ago

Tracker changed from Feature to Backlog
Category deleted (~~Documentation~~)
Assignee deleted (~~Jaime Melis~~)
Target version deleted (~~Release 5.2~~)

Also available in: Atom PDF