key-based SSH access to a cluster is supported. Adding a key through the Prism web console provides key-based access to the cluster, Controller VM, and hypervisor host. Each node employs a public/private key pair, and the cluster is made secure by distributing and using these keys. 

Users can create a key pair (or multiple key pairs) and add the public keys to enable key-based SSH access. However, when site security requirements do not allow such access, you can remove all public keys to prevent SSH access. 

To control key-based SSH access to the cluster, do the following: 

Steps:

1. Click the gear icon in the main menu and then select Cluster Lockdown in the Settings page.The Cluster Lockdown dialog box appears. Enabled public keys (if any) are listed in this window.
2. To disable (or enable) remote login access, uncheck (check) theEnable Remote Login with Password box.

   Remote login access is enabled by default.

3. To add a new public key, click the New Public Key button and then do the following in the displayed fields: 
   1. Name: Enter a key name. 
   2. Key: Enter (paste) the key value into the field.
   3. Click the Save button (lower right) to save the key and return to the main Cluster Lockdown window.

   There are no public keys available by default, but you can add any number of public keys. 

4. To delete a public key, click the X on the right of that key line. 

   Note: Deleting all the public keys and disabling remote login access locks down the cluster from SSH access.
   
   Reference: Portal document