Understanding Linux – SSH or SUDO are not required
Using a Linux server, you typically need some form of SSH or SUDO to connect and install components or make changes. In Veeam v11, you were required to have these services when working with Linux servers that had been added to VBR, except for hardened repositories.
With Linux hardened repositories, VBR v12 has made enhancements so that once you have added the repository to the system, you no longer need the single-use credential account in the SUDO group. In addition, you can further improve security by turning off SSH on the server.
So how does Veeam communicate with the Linux hardened repository if these things are disabled? Well, during the setup of the Linux hardened repository, the system creates a certificate, which is stored in the VBR database, and it is with this that further communication is handled. The certificate allows the following:
- Component upgrades, for example, the transport or installer services...
