HomePhabricator

Specify SSHD listen address for lvs hosts

Description

Specify SSHD listen address for lvs hosts

In order to safely offer a service on port 22 on a
service ip we should restrict what IP SSH can listen
on for host access.

I used:

for host in cat lvshosts; \
do ssh $host "hostname -f && \
/usr/bin/facter | grep 'ipaddress_eth0 ' \
&& host \/bin/hostname -f\"; done

where lvshosts are defined as:

puppet cert -l -all | \
grep lvs | awk '{print $2}' \

cut -d \" -f 2

...to verify that existing LVS hosts are using their eth0
address for ssh access now.

ref T100519

Change-Id: Ie6ec636e8d6f0979ba81d2806a6b9cc15e4c2d11