BMSs Have Key Pair Login Enabled
Rule Details
|
Parameter |
Description |
|---|---|
|
Rule Name |
bms-key-pair-security-login |
|
Identifier |
bms-key-pair-security-login |
|
Description |
If a BMS does not have key pair login enabled, ths BMS is non-compliant. |
|
Tag |
bms |
|
Trigger Type |
Configuration change |
|
Filter Type |
bms.servers |
|
Rule Parameters |
None |
Application Scenarios
A key pair consists of a public key and a private key. Key Pair Service (KPS) stores the public key and you store the private key. If you have imported a public key into a Linux ECS, you can use the corresponding private key to log in to the ECS without a password. Key pairs provide the following benefits:
- Preventing credential leakage: You can configure key pairs and disable password login to prevent brute force attacks. Private keys are usually more difficult to guess or crack than passwords.
- Encrypted communication: Key pairs use asymmetric encryption technology to ensure SSH communication security and prevent man-in-the-middle (MITM) attacks.
Solution
Create a key pair for the bare metal server on the management console and server's password. For details, see Using an SSH Key Pair.
Rule Logic
- If a BMS does not have key pair login enabled, this BMS is non-compliant.
- If a BMS has key pair login enabled, this BMS is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
