As part of your system hardening process, restrict Secure Shell (SSH) access by configuring the SSH package appropriately on all VMware virtual appliance host machines. Also maintain the required SSH key file permissions on these appliances.

Procedure

  1. Open the /etc/ssh/sshd_config file on your virtual appliance host machine in a text editor.
  2. Change the generic entry for your production environment so that it includes only the local host entries and the management network subnet.
    Add the following line to the configuration file:
    AllowUsers root@127.0.0.1 root@::1 root@10.0.0.*

    In this example, root connections from the local host and from clients on the 10.0.0.0/24 subnet are allowed.

  3. Save the file and close it.
  4. Restart the SSH service by running systemctl restart sshd.
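
A check for step 2, added here as an example and not part of the VMware procedure: the function reads an sshd_config file and flags any AllowUsers pattern outside the three from the example line. The names audit_allowusers and APPROVED are assumptions, and the function does not follow Include files or Match blocks.

```shell
#!/bin/sh
# Added example: audit the AllowUsers entries in an sshd_config file.
# APPROVED mirrors the patterns from the procedure; adjust it for your subnet.
APPROVED='root@127.0.0.1 root@::1 root@10.0.0.*'

# audit_allowusers FILE
# Returns 0 if every AllowUsers pattern is approved, 1 if the file has no
# active AllowUsers directive, 2 if an unapproved pattern is present.
# Assumes the usual "Keyword value ..." form. Multiple AllowUsers lines are
# all checked, because sshd accumulates them.
audit_allowusers() {
    file=$1
    found=0
    status=0
    set -f    # no globbing: patterns such as root@10.0.0.* must stay literal
    while IFS= read -r line || [ -n "$line" ]; do
        set -- $line                      # split the line on whitespace
        [ $# -gt 0 ] || continue          # skip blank lines
        # sshd keywords are case-insensitive; commented lines never match.
        keyword=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
        [ "$keyword" = "allowusers" ] || continue
        shift
        found=1
        for pattern in "$@"; do
            case " $APPROVED " in
                *" $pattern "*) ;;        # exact match against the approved list
                *) echo "unapproved AllowUsers pattern: $pattern"; status=2 ;;
            esac
        done
    done < "$file"
    set +f
    [ "$found" -eq 1 ] || { echo "no AllowUsers directive in $file"; return 1; }
    return "$status"
}
```

Run it against /etc/ssh/sshd_config after the edit, and run sshd -t before restarting the service so that a syntax error does not lock you out of the appliance.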