Skip to content

FAQ

To ensure the highest levels of security, Rafay recommends that remote SSH access not be enabled on the Rafay VMs. SSH type of access is not required for any operations performed by administrators. The Rafay Controller provides a zero trust, remote diagnostics and control channel that can be leveraged securely as long as

  • The VM is operational and
  • The VM has network connectivity to the Controller.

Access Rafay VM

Rafay recommends that customers that require this type of access use “Console” access from within OpenStack Console. This approach ensures that access to the Rafay VM is only possible by “approved and authenticated” OpenStack administrators.

Note

Use the username “rafay_admin” for this type of access

Illustrative screenshot below for access to a Rafay VM via OpenStack Console.

SSH via OpenStack Console

Enabling SSH

Although remote access to the Rafay VM via SSH is not required, if you would like enable this, follow the steps described below.

Important

This will require you to operate at a degraded security level

Access OpenStack Console

Login as rafay_admin via console of Rafay_VM in Horizon Dashboard

Switch to Root

sudo su -

Modify SSHD

Modify the file "/etc/ssh/sshd_config" to enable password based authentication over ssh.

vi /etc/ssh/sshd_config

Update "PasswordAuthentication" from "no" to "yes"

Enable SSH in Rafay VM

Enable ssh in the Rafay VM by typing the following command.

systemctl enable ssh

systemctl start ssh