Increase the ssh security

Hi everybody,

How can I increase the security over ssh service on the manager nodes ? Can I restrict the access using security groups ?


Yes, Docker’s CloudFormation template adds all Managers into a security group called:

[Your Stack Name]-ManagerVpcSG-[Unknown Code]

One of the entries in this is SSH, allowing access from, which is the whole internet. You can change this as you wish, or add new SSH related entries. Internally, the stack doesn’t use SSH for any inter-node communication, so it’s safe for you to amend the SSH rules as you see fit.

Hope this helps :slightly_smiling_face: x