Randy Redekopp
asked on
OK to leave SSH enabled on iDRAC
I have enabled iDRAC 8 Basic on my Dell T330 server. The default settings have SSH enabled. Normally I do not leave SSH access enabled for any devices on the network (e.g. ESXi). There isn't remote access to the network but wondering if I should still disable or if this case doesn't matter. Thoughts?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Open port != unsecured port...
Be sure all SSH acces (AND ALL HTTP/HTTPS for webmanaged systems) are secured. The same for sudo etc. etc.
SSH at least gives you a chance to do that. Telnet f.e. does not encrypt data in transit., FTP does not encrypt data in transit by default.
So ensure to use public/private key authorizations etc. 2 factor authentication should also not be optional to gain access to management interfaces of anything.
Be sure all SSH acces (AND ALL HTTP/HTTPS for webmanaged systems) are secured. The same for sudo etc. etc.
SSH at least gives you a chance to do that. Telnet f.e. does not encrypt data in transit., FTP does not encrypt data in transit by default.
So ensure to use public/private key authorizations etc. 2 factor authentication should also not be optional to gain access to management interfaces of anything.
ASKER