docs/doc/source/security/kubernetes/remote-access-for-linux-accounts.rst


.. tfe1552681897084
.. _remote-access-for-linux-accounts:

================================
Remote Access for Linux Accounts
================================

You can log in remotely as a Linux user\(either sysadmin or a local |LDAP|
user\) using :command:`ssh`.

.. note::
    For security reasons, it is recommended that ONLY admin level users be
    allowed to |SSH| to the nodes of the |prod|. Non-admin level users should
    strictly use remote |CLIs| or remote web GUIs.

Specifying the |OAM| floating IP address as the target establishes a
connection to the currently active controller; however, if the |OAM| floating
IP address moves from one controller node to another, the ssh session is
blocked. To ensure access to a particular controller regardless of its
current role, specify the controller physical address instead.

.. note::
    Password-based access to the **root** account is not permitted over
    remote connections.
Security guide update Re-organized topic hierarchy Tiny edit to restart review workflow. Squashed with Resolved index.rst conflict commit Change-Id: I13472792cb19d1e9975ac76c6954d38054d606c5 Signed-off-by: Keane Lim <keane.lim@windriver.com> Signed-off-by: MCamp859 <maryx.camp@intel.com> 2020-08-31 11:01:56 -04:00
			`.. tfe1552681897084`
			`.. _remote-access-for-linux-accounts:`

			`================================`
			`Remote Access for Linux Accounts`
			`================================`

Update Security Fixed merge conflict (RS) Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com> Change-Id: I30b882a14196525f440db1108a56bbf862dfaf55 Signed-off-by: Ron Stone <ronald.stone@windriver.com> 2021-03-15 16:56:04 -03:00			`You can log in remotely as a Linux user\(either sysadmin or a local \|LDAP\|`
			user\) using :command:`ssh`.
Security guide update Re-organized topic hierarchy Tiny edit to restart review workflow. Squashed with Resolved index.rst conflict commit Change-Id: I13472792cb19d1e9975ac76c6954d38054d606c5 Signed-off-by: Keane Lim <keane.lim@windriver.com> Signed-off-by: MCamp859 <maryx.camp@intel.com> 2020-08-31 11:01:56 -04:00
			`.. note::`
			`For security reasons, it is recommended that ONLY admin level users be`
Update Security Fixed merge conflict (RS) Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com> Change-Id: I30b882a14196525f440db1108a56bbf862dfaf55 Signed-off-by: Ron Stone <ronald.stone@windriver.com> 2021-03-15 16:56:04 -03:00			`allowed to \|SSH\| to the nodes of the \|prod\|. Non-admin level users should`
			`strictly use remote \|CLIs\| or remote web GUIs.`
Security guide update Re-organized topic hierarchy Tiny edit to restart review workflow. Squashed with Resolved index.rst conflict commit Change-Id: I13472792cb19d1e9975ac76c6954d38054d606c5 Signed-off-by: Keane Lim <keane.lim@windriver.com> Signed-off-by: MCamp859 <maryx.camp@intel.com> 2020-08-31 11:01:56 -04:00
Update Security Fixed merge conflict (RS) Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com> Change-Id: I30b882a14196525f440db1108a56bbf862dfaf55 Signed-off-by: Ron Stone <ronald.stone@windriver.com> 2021-03-15 16:56:04 -03:00			`Specifying the \|OAM\| floating IP address as the target establishes a`
			`connection to the currently active controller; however, if the \|OAM\| floating`
Security guide update Re-organized topic hierarchy Tiny edit to restart review workflow. Squashed with Resolved index.rst conflict commit Change-Id: I13472792cb19d1e9975ac76c6954d38054d606c5 Signed-off-by: Keane Lim <keane.lim@windriver.com> Signed-off-by: MCamp859 <maryx.camp@intel.com> 2020-08-31 11:01:56 -04:00			`IP address moves from one controller node to another, the ssh session is`
			`blocked. To ensure access to a particular controller regardless of its`
			`current role, specify the controller physical address instead.`

			`.. note::`
			`Password-based access to the root account is not permitted over`
			`remote connections.`