Root access can be restricted on the HyperScale X Appliance nodes by enabling a restricted shell, to provide an additional layer of security for the cluster. This process involves the following steps:
-
Creating the cvbackupadmin user with limited capabilities or commands needed to administer the nodes and cluster. This user's capabilities will be limited to the set of commands supported by the restricted shell. For more information, see Creating a Restricted User.
-
Disabling root login on the nodes from the Command Center, so that only the cvbackupadmin user can log on and access the nodes. For more information, see Disabling Root Access.
HyperScale X Appliance security features, which includes Enabling Firewall and Restricting Root Access requires the following minimum version in the CommServe server and the HyperScale MediaAgent:
- Commvault V11 Feature Release 28 , with Maintenance Release 11.28.19 or later