Recently, Nutanix clusters may display security warnings related to SSH login methods. While these warnings aim to enhance security,
they may not always be applicable to every organization’s infrastructure setup. Fortunately, you can disable this warning through a few simple steps.
Common Nutanix CVM SSH Security Warnings
You may encounter one or more of the following Nutanix CVM SSH security warning messages:
- “The cluster is using password-based SSH access for the CVM XX.XX.YY.YY.”
- “Password-based remote login is enabled on the Nutanix Cluster.
It is recommended to use key-based SSH access instead of password-based SSH
access for better security.” - “The SSH security of the Nutanix CVM is weak.”
- Change the SSH security setting of the Nutanix CVM
Why Does This Warning Appear?
Nutanix clusters flag password-based SSH logins because key-based SSH access is considered more secure.
While this recommendation is valid for improving security, some organizations may find it challenging to implement immediately.
Disable Nutanix CVM SSH Security Warning
If you need to disable this warning, follow these easy steps:
Step 1: Login to Nutanix PRISM Console
- Open your browser and log in to your Nutanix PRISM console using your credentials.
Read more: If you don’t know the default credential of Nutanix PRISM & CVM
Step 2: Navigate to the “Health” Section
- In the top-left menu, go to Menu > Health.
Step 3: Access “Manage Checks”
- On the right side of the screen, click on Action > Manage Checks.
Step 4: Locate the SSH Security Setting
- In the search bar on the left side, type “SSH” to filter the security settings.
Step 5: Disable SSH Security Warning
- Locate the service titled “Check CVM SSH Security Setting”.
- Click on “Turn check OFF”.
✅ The Nutanix CVM SSH security warning is now disabled and will no longer appear in the cluster’s health checks.
How to Enable Nutanix CVM SSH Security Check-Scan
If you wish to re-enable this security warning for improved security, follow these steps:
Step 1: Login to PRISM Console
- Access your Nutanix PRISM console as before.
Read more: You can Change Nutanix Prism password easily through PRISM & CVM.
Step 2: Go to “Health” Section
- Navigate to Menu > Health.
Step 3: Access “Manage Checks”
- Click on Action > Manage Checks.
Step 4: Locate the SSH Security Setting
- Search for “SSH” in the search bar.
Step 5: Enable SSH Security Warning
- Locate “Check CVM SSH Security Setting” and click “Turn check ON”.
✅ Once enabled, Nutanix will start scanning for password-based SSH access vulnerabilities in your cluster.
Read more: How Nutanix SCMA Security Framework Protect Cluster
Best Practices for SSH Security in Nutanix Clusters
While disabling the SSH security warning is sometimes necessary, following these best practices is recommended for improved security for you Nutanix cluster:
- ✅ Enable Key-Based SSH Access: This method enhances security by eliminating password vulnerabilities.
- ✅ Restrict SSH Access to Trusted IPs: Limiting SSH access to known and trusted IP addresses reduces attack exposure.
- ✅ Regularly Audit SSH Logins: Frequent checks can help identify unauthorized access attempts.
Read more: For more security can integrate TCP wrapper into Nutanix cluster
Conclusion
Disabling the Nutanix CVM SSH security warning may be necessary in specific environments where password-based logins are unavoidable.
However, adopting SSH key-based authentication remains the best practice for enhanced security.
Key Takeaways:
- ✔ Follow the step-by-step guide to disable or enable SSH security checks.
- ✔ Understand when password-based SSH warnings are critical for your security posture.
- ✔ Adopt best practices to improve cluster security in the long run.
💬 Have questions or concerns about Nutanix SSH security settings? Drop your queries in the comments below!
🔔 Follow HyperHCI on social media for the latest cloud security updates and expert insights.
- Top 10 Powerful Hyper-Converged Infrastructure (HCI) Benchmarks - March 9, 2025
- Expert Nutanix AHV Cluster Shutdown and Start - March 7, 2025
- How to Change Nutanix CVM Hostname on AHV Cluster - March 2, 2025