I'm considering using the free edition of VMware ESXi 5.5 at a co-location site. If I understand correctly, the free edition doesn't include the management console application, so I would have to manage it via a web browser.
How do I set it up so I can manage it remotely in a secure manner? My initial thoughts are to close every port on the host server except ssh, and lock down ssh in the usual manner: disable protocol 1, disable password authentication so the only access is via RSA keys, use the AllowUsers directive so only the admins have access to the host server, and access the web management console over an ssh tunnel. I'm assuming that guest VMs wil run in bridged mode, and that the firewall on the host server won't block network access to the guest VMs. Each guest will therefore need its own instance of iptables to firewall itself. Does this approach cover all the bases, or are there issues I've overlooked? -- John Abreau / Executive Director, Boston Linux & Unix Email: abre...@gmail.com / WWW http://www.abreau.net / PGP-Key-ID 0x920063C6 PGP-Key-Fingerprint A5AD 6BE1 FEFE 8E4F 5C23 C2D0 E885 E17C 9200 63C6 _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss