transplant.py: Allow SSH on all interfaces.
Previously (in Fuel 8.0), SSH used to listen only on 10.20.0.2
(admin interface), which required editing sshd_config and restarting
SSH server for allowing SSH connections over the public IP on eth1
(just an example, which corresponds to Armband PODs use cases).
In Fuel 9.0, SSH server on Fuel Master listens on all ifaces,
but connections are filtered by iptables.
This change piggy-backs on a previous Armband addition that allows
transplant.py script to configure additional interfaces (e.g. public).
In case additional interfaces have been configured by transplant,
this change will instruct iptables to accept SSH connections on ANY
interface, not only the admin one.
Possible improvements:
- limit SSH access to admin + interfaces added by transplant instead
of ANY;
Change-Id: I0923496e1b23f6dc826c8afbbe9805956c2d4b34
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Code Review / armband.git / commit