When hardening ESXi Security, some settings may impact operations of a Nutanix cluster. Here are some recommended settings and their possible effect on a Nutanix cluster

Summary of Hardening Requirements can be implemented in /etc/ssh/sshd_config as below:

HostbasedAuthentication          :           no

PermitTunnel                              :           no

AcceptEnv

GatewayPorts                             :           no

Compression                              :           no

StrictModes                                :           yes

KerberosAuthentication            :           no

GSSAPIAuthentication              :           no

PermitUserEnvironment            :           no

PermitEmptyPasswords            :           no

PermitRootLogin                       :           no

Match Address                           :           x.x.x.11,x.x.x.12,x.x.x.13,x.x.x..14,192.168.5.0/24

PermitRootLogin                       :           yes

PasswordAuthentication           :           yes

For more details, Refer to link

Versions Affected: ESXi 6.x, ALL AOS Version