the initial joining of a cluster node uses SSH with password (currently, there are plans to change this). AFAIK there is nothing else that needs password-based access, so after you have joined all your nodes to the cluster, disabling it should not break anything.
that being said, disabling public access to your hypervisor nodes (e.g., by putting SSH and the web interface behind a VPN or a jump host) is recommended in any case.
"PermitRootLogin without-password" is actually the default setting for Debian, fyi. Yes, would definitely make sense to do it another way, perhaps using a REST API or something simple. At the very least, add a warning to the console.
Permitting root login exposed is a seriously bad idea, but I agree that exposing proxmox on the internet is also a bad idea.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.