Some people talk about security, many people skimp on security, few do security right. Of course, security has many meanings, but in this post I will be discussing physical and online security of data. With the amount of data available today, it is critical that we all take security seriously. In this post, I would like to talk about some of the security issues I have had in the past and a few of my approaches to ensure better security of my data. Read on to learn more!
I have received a few comments that while I post a lot of technical information about Log Insight, I do not post a lot of examples and use cases. To begin to address this, I would like to demonstrate how to handle authentication logs, more specific Linux SSH logs, in Log Insight as I recently had someone ask me about this particular use case.
As you all know by now, ESXi comes with SSH, which VMware now refers to as Tech Support Mode, disabled. The reasons behind this include security and the removal of the service console. While the service console has been removed, a shell called BusyBox remains. According to VMware best practice, SSH should not be enabled as it should not be needed. Of course, customers require this kind of access to install agents and to troubleshoot problems. VMware’s response was to enable remote access to the systems via vCenter Server, vMA, or an API and to recommend reinstalling ESXi should troubleshooting become necessary. If you want to read more about this, I would recommend seeing Duncan’s post over at yellow-bricks: http://www.yellow-bricks.com/2010/03/01/disable-tech-support-on-esxi/.
Recently, I ran into an issue where several potential ESXi bugs were discovered, which required SSH access to the ESXi host as the logs were lacking information (one of the reported bugs) and the commands that needed to be executed could not be done remotely (e.g. df -h). As such, I was asked to enable SSH on 64 ESXi hosts. Performing this task manually was not an option so I turned to PowerCLI to automate the task.
This raises the question, how do you enable SSH on ESXi via PowerCLI?