<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: SSH best practice, is it OK to leave it constantly enabled?  Even with IP limiting FW rules?  Wh in VMware vSphere™ Discussions</title>
    <link>https://communities.vmware.com/t5/VMware-vSphere-Discussions/SSH-best-practice-is-it-OK-to-leave-it-constantly-enabled-Even/m-p/2970701#M45314</link>
    <description>&lt;P&gt;Please refer ESXi SSH security to plan better:&lt;/P&gt;&lt;P&gt;&lt;A href="https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-EF55F930-AC17-46EF-BF43-1DB2500F0734.html" target="_blank"&gt;https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-EF55F930-AC17-46EF-BF43-1DB2500F0734.html&lt;/A&gt;&lt;/P&gt;</description>
    <pubDate>Mon, 29 May 2023 11:49:49 GMT</pubDate>
    <dc:creator>Arvind_Kumar11</dc:creator>
    <dc:date>2023-05-29T11:49:49Z</dc:date>
    <item>
      <title>SSH best practice, is it OK to leave it constantly enabled?  Even with IP limiting FW rules?  What are your thoughts</title>
      <link>https://communities.vmware.com/t5/VMware-vSphere-Discussions/SSH-best-practice-is-it-OK-to-leave-it-constantly-enabled-Even/m-p/1844812#M20681</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P style="margin-bottom: .0001pt;"&gt;&lt;SPAN style="font-size: 10.5pt; font-family: 'Helvetica',sans-serif; color: #3d3d3d;"&gt;All,&lt;/SPAN&gt;&lt;/P&gt;&lt;P style="margin-bottom: .0001pt;"&gt;&lt;/P&gt;&lt;P style="margin-bottom: .0001pt;"&gt;&lt;SPAN style="font-size: 10.5pt; font-family: 'Helvetica',sans-serif; color: #3d3d3d;"&gt;Thanks for any help you can provide in advance, I am being pressed into leaving SSH enabled across out estate by the security team (all be it with IP limited rules in place).&amp;nbsp; The purpose of this is so our security appliance’s can scan the hosts.&amp;nbsp; Perhaps I am being slightly anal but this irks be so I thought I would run it past the community and get a more unbiased opinion.&amp;nbsp; Aside from the fact it feels wrong and its seemingly an unnecessary service using up resource (admitedly a small amount) and will nag me with exclamation marks does anyone know if VMware verry specifically approve/disapprove of it?&lt;/SPAN&gt;&lt;/P&gt;&lt;P style="margin-bottom: .0001pt;"&gt;&lt;/P&gt;&lt;P style="margin-bottom: .0001pt;"&gt;&lt;SPAN style="font-size: 10.5pt; font-family: 'Helvetica',sans-serif; color: #3d3d3d;"&gt;I am also concerned that it might mean we are no longer PCS DSS complaint.&amp;nbsp; I initially suggest we run a script to briefly disable it prior ot a scan.&amp;nbsp; What are everyone else’s thoughts on the matter?&lt;/SPAN&gt;&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Mon, 04 May 2020 08:59:57 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-vSphere-Discussions/SSH-best-practice-is-it-OK-to-leave-it-constantly-enabled-Even/m-p/1844812#M20681</guid>
      <dc:creator>lukeglazebrook</dc:creator>
      <dc:date>2020-05-04T08:59:57Z</dc:date>
    </item>
    <item>
      <title>Re: SSH best practice, is it OK to leave it constantly enabled?  Even with IP limiting FW rules?  What are your thoughts</title>
      <link>https://communities.vmware.com/t5/VMware-vSphere-Discussions/SSH-best-practice-is-it-OK-to-leave-it-constantly-enabled-Even/m-p/1844813#M20682</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;VMware's recommendation is on row 4: &lt;A href="https://www.vmware.com/content/dam/digitalmarketing/vmware/en/files/xls/vsphere-6.7-update-1-security-configuration-guide.xlsx" title="https://www.vmware.com/content/dam/digitalmarketing/vmware/en/files/xls/vsphere-6.7-update-1-security-configuration-guide.xlsx"&gt;https://www.vmware.com/content/dam/digitalmarketing/vmware/en/files/xls/vsphere-6.7-update-1-security-configuration-guid…&lt;/A&gt; &lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Mon, 04 May 2020 09:17:49 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-vSphere-Discussions/SSH-best-practice-is-it-OK-to-leave-it-constantly-enabled-Even/m-p/1844813#M20682</guid>
      <dc:creator>scott28tt</dc:creator>
      <dc:date>2020-05-04T09:17:49Z</dc:date>
    </item>
    <item>
      <title>Re: SSH best practice, is it OK to leave it constantly enabled?  Even with IP limiting FW rules?  Wh</title>
      <link>https://communities.vmware.com/t5/VMware-vSphere-Discussions/SSH-best-practice-is-it-OK-to-leave-it-constantly-enabled-Even/m-p/2970669#M45313</link>
      <description>&lt;P&gt;same here , any best practices ?&lt;/P&gt;</description>
      <pubDate>Mon, 29 May 2023 07:00:51 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-vSphere-Discussions/SSH-best-practice-is-it-OK-to-leave-it-constantly-enabled-Even/m-p/2970669#M45313</guid>
      <dc:creator>vjsysadmin</dc:creator>
      <dc:date>2023-05-29T07:00:51Z</dc:date>
    </item>
    <item>
      <title>Re: SSH best practice, is it OK to leave it constantly enabled?  Even with IP limiting FW rules?  Wh</title>
      <link>https://communities.vmware.com/t5/VMware-vSphere-Discussions/SSH-best-practice-is-it-OK-to-leave-it-constantly-enabled-Even/m-p/2970701#M45314</link>
      <description>&lt;P&gt;Please refer ESXi SSH security to plan better:&lt;/P&gt;&lt;P&gt;&lt;A href="https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-EF55F930-AC17-46EF-BF43-1DB2500F0734.html" target="_blank"&gt;https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-EF55F930-AC17-46EF-BF43-1DB2500F0734.html&lt;/A&gt;&lt;/P&gt;</description>
      <pubDate>Mon, 29 May 2023 11:49:49 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-vSphere-Discussions/SSH-best-practice-is-it-OK-to-leave-it-constantly-enabled-Even/m-p/2970701#M45314</guid>
      <dc:creator>Arvind_Kumar11</dc:creator>
      <dc:date>2023-05-29T11:49:49Z</dc:date>
    </item>
  </channel>
</rss>

