"Fuel Node"
In the/etc/hosts.allow file
Add to:
Sshd:10.129.0.1:allow
Sshd:10.129.0.2:allow
Sshd:10.129.0.3:allow
Sshd:10.129.3.1:allow
Sshd:10.129.3.2:allow
Sshd:10.129.3.3:allow
In the/etc/hosts.deny file
Add to:
Sshd:all
Last sshd restart
Service sshd Restart
"Control Node"
In the/etc/hosts.allow file
Add to:
Sshd:10.129.0.1:allow
Sshd:10.129.0.2:allow
Sshd:10.129.0.3:allow
Sshd:10.129.3.1:allow
Sshd:10.129.3.2:allow
Sshd:10.129.3.3:allow
Sshd:10.254.1.1:allow
In the/etc/hosts.deny file
Add to:
Sshd:all
Last sshd restart
Service sshd Restart
"Compute Node"
In the/etc/hosts.allow file
Add to:
Sshd:10.129.0.1:allow
Sshd:10.129.0.2:allow
Sshd:10.129.0.3:allow
Sshd:10.129.3.1:allow
Sshd:10.129.3.2:allow
Sshd:10.129.3.3:allow
Sshd:10.254.1.1:allow
Sshd:10.254.1.15:allow
Sshd:10.254.1.30:allow
Sshd:10.254.1.45:allow
In the/etc/hosts.deny file
Add to:
Sshd:all
Last sshd restart
Service sshd Restart
Where the compute node can use the following script:
#! /bin/bash
Line= ' grep ^10 ~/hosts|wc-l '
For i in ' seq $line '
Do
Des= ' grep ^10 hosts|sed-n ${i}p '
SSH $des ' echo ' sshd:10.129.0.1:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:10.129.0.2:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:10.129.0.3:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:10.129.3.1:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:10.129.3.2:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:10.129.3.3:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:10.254.1.1:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:10.254.1.15:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:10.254.1.30:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:10.254.1.45:allow ' >>/etc/hosts.allow '
SSH $des ' echo ' sshd:all ' >>/etc/hosts.deny '
SSH $des ' service sshd restart '
echo $des >> Ip.log
Done
if [$i = = $line];then
Echo ' Deploy success '
Else
Echo ' Deploy failed '
Fi
Restrict SSH access to the source and prohibit access to addresses that are outside of 4A