Understanding the Exhibit & the Alert
The alert states:
"The cluster is using password-based SSH access for the CVM."
"Password-based remote login is enabled on the cluster."
"It is recommended to use key-based SSH access instead of password-based SSH access for better security."
This means that the nutanix user can log in to Controller VMs (CVMs) using a password, which is a security risk.
Corrective Action: Enabling Cluster Lockdown
✅(C) Enable Cluster Lockdown. (Correct Answer)
Cluster Lockdown Mode restricts password-based SSH access and forces key-based authentication.
This prevents users from logging into CVMs using passwords, enhancing cluster security.
To enable Cluster Lockdown:
1. Go to Prism Central or Prism Element.
2. Navigate to Settings → Security → Cluster Lockdown.
3. Enable Cluster Lockdown Mode.
Evaluating the Other Answer Choices
❌(A) Rename the nutanix user. (Incorrect)
The nutanix user is a built-in system account required for cluster operations.
Renaming the user will not prevent SSH access via password.
❌(B) Block port 22 on the CVM firewall. (Incorrect)
Blocking port 22 (SSH) will completely disable SSH access, including key-based authentication.
This may break cluster management and troubleshooting operations.
❌(D) Delete the nutanix user. (Incorrect)
The nutanix user is a critical system account required for cluster functionality.
Deleting the account will cause serious issues with cluster management.
Multicloud Infrastructure References & Best Practices
Nutanix Security Best Practices:
Always use key-based SSH authentication instead of password-based logins.
Enable Cluster Lockdown Mode to enforce security policies.
Regularly audit user access to ensure security compliance.
Cluster Lockdown Benefits:
Prevents unauthorized SSH access via passwords.
Enforces public key authentication, reducing brute-force attack risks.
Strengthens CVM security against potential exploits.
References:
Nutanix Security Guide → Enabling Cluster Lockdown for SSH Security
Nutanix KB → Securing SSH Access on Nutanix Clusters