As a security best practice, you can deactivate SSH access for the admin user account. The vRealize Operations admin account and the Linux admin account share the same password. Deactivating SSH access to the admin user enforces defense in depth by ensuring all users of SSH first login to a lesser privileged service account with a password that differs from the vRealize Operations admin account and then switch user to a higher privilege such as the admin or root.

Procedure

  1. Edit the /etc/ssh/sshd_config file.
    You can access this file from the command prompt.
  2. Add the DenyUsers admin entry anywhere in the file and save the file.
  3. To restart the sshd server, run the service sshd restart command.