Port 22 usage after initial setup? #1539
-
|
Congrats on GA, been following this for a long time! We have some far reaching locations to deploy forward nodes that have very strict requirements on traffic that sources from that towards our more secure locations. I'm wondering about the port 22 requirement for nodes reaching the manager, as far as I can tell it is just required on initial setup for the soremote user to register with saltstack and pull some initial config and then from that point saltstack takes over for remote management. I just searched the code for "ssh", "scp" and "soremote" to see what I could find, but wondering if there is any other need for port 22 after the initial setup is complete? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
SSH is just used for initial setup to copy up the pillar file and allows some firewall changes so the sensor can talk to the manager. You can shut off this access once that is complete without any issues. @howsTricks |
Beta Was this translation helpful? Give feedback.
-
|
Awesome, thanks! |
Beta Was this translation helpful? Give feedback.
SSH is just used for initial setup to copy up the pillar file and allows some firewall changes so the sensor can talk to the manager. You can shut off this access once that is complete without any issues. @howsTricks