By default, SANnav OVA is shipped with root user login enabled.
Product Affected
All Brocade OVA SANnav versions
Mitigation
Starting with SANnav OVA version v2.3.0 and later versions, a root account is not required for installation and management of the SANnav.
If an administrator is uncomfortable allowing users to log in as root, then they can follow a best practice where root is disabled as shown below:
Best practice recommendation for use on SANnav OVA versions v2.3.0 and later:
> Step 1: Before installing SANnav, login as a root user and create a local sudo user.
> Step 2: Edit the OpenSSH configuration file (/etc/ssh/sshd_config)to disable root login (PermitRootLoginno).
> Step 3: Restart sshd (systemctl restart sshd).
> Step 4: Logout from root, and login as the created sudo user.
> Step 5: Start SANnav installation
Credit