Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Remote Login Permission for the root User in SSH Mode (Two-Node Cluster)
To improve system security, you need to disable the root user to remotely log in to the server using SSH. In maintenance scenarios such as upgrade and patch installation, you can allow the root user to remotely log in to the server.
Disabling the root User to Remotely Log In To the Server in SSH Mode
The following operations must be performed on both the active and standby servers.
- Log in to the eSight server as the root user.
- Run the following commands to disable the root user to remotely log in to the server in SSH mode:
# cd /opt/ommha/config
# ./sshdPermitRootLogin.sh -n or
# ./sshdPermitRootLogin.sh --no
Enabling the root User to Remotely Log In To the Server in SSH Mode
The following operations must be performed on both the active and standby servers.
- Log in to the server as the root user. Alternatively, log in to the server as the ossuser user and run the su - root command to switch to the root user.
- Run the following commands to enable the root user to remotely log in to the server in SSH mode:
# cd /opt/ommha/config
# ./sshdPermitRootLogin.sh -y or
# ./sshdPermitRootLogin.sh --yes