EDR: Can root user SSH access be disabled on minion nodes of a cluster?
book
Article ID: 289024
calendar_today
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
Can root user SSH access be disabled on minion nodes of a cluster to satisfy a compliance directive?
Environment
EDR: All Versions
Linux OS: All Supported Verisons
Resolution
Yes. The CB Response Server/Cluster Management Guide describes how to use the CBCLUSTER command as a non-root user.
Additional Information
Changing the PermitRootLogin value to prevent SSH communication by the ROOT user on the minion nodes would break communication if a non-root user is not setup as the account used for communication.