Configure SSH access allowlisting

SSH access allowlisting controls access to hosts on the platform through SSH, for example, access to the hosts on the platform to file transfer to the hosts on the platform through SCP.

Restrictions and guidelines

With SSH access allowlisting enabled, the management IP, storage back-end IP, storage front-end IP, and loopback address 127.0.0.1 will be added to the allowlist by default to ensure correct operation of the management platform, and they cannot be removed from the allowlist.

Enable SSH access allowlisting

  1. On the top navigation bar, click System, and then select Security Management > SSH Access Allowlisting from the navigation pane.

  1. Select On for SSH Access Allowlisting.

  1. In the dialog box that opens, click OK.

Disable SSH access allowlisting

  1. On the top navigation bar, click System, and then select Security Management > SSH Access Allowlisting from the navigation pane.

  1. Select Off for SSH Access Allowlisting. The configured SSH access allowlist will be cleared.

Add IP addresses or subnets to the SSH access allowlist

You can add IP addresses or subnets to the SSH access allowlist only when SSH access allowlisting is enabled.

  1. On the top navigation bar, click System, and then select Security Management > SSH Access Allowlisting from the navigation pane.

  1. Click Add.

  1. Enter an IP address or subnet, and then click OK.

View the SSH access allowlist

  1. On the top navigation bar, click System, and then select Security Management > SSH Access Allowlisting from the navigation pane to view the SSH access allowlist in the IPs or Subnets area.

  1. To synchronize the allowlist, click Synchronize.

Remove an IP address or subnet from the SSH access allowlist

  1. On the top navigation bar, click System, and then select Security Management > SSH Access Allowlisting from the navigation pane.

  1. Click the Delete icon  in the Actions column for an IP address or subnet.

  1. In the dialog box that opens, click OK.