how to change the ssh control for CVM

  • 7 April 2021
  • 3 replies

Badge +6



I have a question in the Nutanix enviroment.

I need to change control for the ssh to CVM so that just some IPs can access to avoid some intrusion access.

I checked the <Nutanix security Guide> and there are some descriptopm in TCP Wrapper Integration, But after I changed the file of /etc/hosts.allow to include just the allowed IPs and CVM management subnet. But It will be changed to default after the cluster security config schedule(by default daily.)


Is it possible to change the sshd allow list to achieved this goal? there are security requreiments for the enviroment.




Best answer by Sergei Ivanov 7 April 2021, 16:16

View original

This topic has been closed for comments

3 replies

Userlevel 4
Badge +5

According to the Security Guide you will need to modify the following file:


If you modify only the /etc/hosts.allow, the Salt will overwrite it with the next run.


Badge +6

Hi Segei


Thanks for your information, I also noted the file of /srv/salt/security/CVM/Network/hosts.allow description. So l will change the file and check whether it can be worked and update the result.


Thanks Sergei.

Badge +6

@Sergei Ivanov 


It is worked after tested in the enviroment. Thanks for your solution.