New SSH configuration applied to vRA 8.11.2 and above
Article ID: 318879
Updated On:
Products
VMware Aria Suite
Issue/Introduction
Symptoms:
- A new SSH service was introduced in VMware vRealize Automation 8.11.2.
- No modifications to the SSH configuration are supported for the 8.11.2 release, only 8.12+.
- All updates to /etc/ssh/sshd_config should refer to /etc/ssh/sshd_config_effective
- This applies to all virtual appliances for the vRA platform including standalone vRealize Orchestrator appliances and Cloud Extensibility Proxies in vRA SaaS.
Environment
VMware vRealize Orchestrator 8.11.x
VMware vRealize Automation 8.11.x
VMware vRealize Automation 8.11.x
Cause
This is a planned change to the SSH service config in order to handle security hardening during upgrades without interrupting the virtual appliance upgrade process.
Resolution
All enhancements, such as hardening, to the SSH service specified in official VMware documentation and KBs should refer to the new /etc/ssh/sshd_config_effective instead.
If SSH configurations are required in 8.11.2, you must upgrade to 8.12+ to support modifications.
If SSH configurations are required in 8.11.2, you must upgrade to 8.12+ to support modifications.
Additional Information
Impact/Risks:
All enhancements, such as hardening, to the SSH service specified in the official VMware documentation and Knowledge articles, will not work as they refer to /etc/ssh/sshd_config.
All enhancements, such as hardening, to the SSH service specified in the official VMware documentation and Knowledge articles, will not work as they refer to /etc/ssh/sshd_config.
Feedback
Yes
No
Powered by
