16.20 - Enabling IP-Restricted SSH Access from Viewpoint to Ecosystem Manager Servers - Teradata Ecosystem Manager

Teradata® Ecosystem Manager Installation, Configuration, and Upgrade Guide for Customers

prodname
Teradata Ecosystem Manager
vrm_release
16.20
created_date
December 2020
category
Configuration
Installation
featnum
B035-3203-107K
If root access to the Ecosystem Manager server is disabled, complete the following steps to enable SSH with public key authentication as root user from Viewpoint to the Ecosystem Manager server and block root with password access.
  1. Modify sshd_config on the Ecosystem Manager servers:
    $ vi /etc/ssh/sshd_config
    # Globally disables all root logins over SSH 
    PermitRootLogin no 
    ... 
    
    # Match block for Viewpoint IP's - This should be at the very end of 
    # the /etc/ssh/sshd_config file 
    # Permits public key authentication as root only for the ip addresses
    # referenced above
    Match Address 10.25.112.27,10.25.112.194 
    PermitRootLogin without-password 
  2. Restart sshd:
    $ /etc/init.d/sshd restart