Bug 1085901

Summary: [RFE] ovirt-node: Security tab (users must be able to choose the ssh daemon port)
Product: Red Hat Enterprise Virtualization Manager Reporter: Douglas Schilling Landgraf <dougsland>
Component: ovirt-nodeAssignee: Ryan Barry <rbarry>
Status: CLOSED DEFERRED QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 3.4.0CC: bazulay, cshao, dfediuck, fdeutsch, gouyang, hadong, huiwa, iheim, leiwang, rbarry, rpai, scohen, ybronhei, ycui, yeylon, ylavi
Target Milestone: ---Keywords: FutureFeature
Target Release: ---Flags: sherold: Triaged+
Hardware: x86_64   
OS: Linux   
Whiteboard: node
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-06-23 10:22:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Node RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1085907    
Bug Blocks: 1123945    

Description Douglas Schilling Landgraf 2014-04-09 15:27:12 UTC 
Description of problem:

If users want to use a different ssh port to communicate between ovirt-node and ovirt-engine we should be able to configure it via TUI on ovirt-node.

My suggestion is on ovirt-node in Security tab have an option for it.

[ 22 ] SSH Daemon Port (or something like)

When users provide the ssh port we need also to setup the firewall rules for this new port.
Comment 1 Fabian Deutsch 2014-06-19 07:57:39 UTC 
The patch is actually 92d26a1369cd4b3dcd59217f7e4c1b0f743a22c0
Comment 7 Fabian Deutsch 2014-08-11 12:45:30 UTC 
Moving this into the future, as the Engine side part is missing.
Comment 9 Doron Fediuck 2014-08-24 14:09:26 UTC 
Marking as 3.5.0 since the node part is ready and can be tested for
basic ssh connectivity using a different port than 22. However, to get the
feature working with the engine Bug 1085907 should be completed. In the meantime
the node part is ready.
Comment 10 Fabian Deutsch 2014-09-01 10:23:40 UTC 
For now the feature is hidden from the users eyes (by hiding the appropriate box in the TUI).

The reason is to prevent any accidental change of the port, which will result in the loss of communication between Node and Engine.

This also means that this feature can currently not be tested.
Comment 11 Fabian Deutsch 2014-09-01 19:00:15 UTC 
Moving this bug to 3.6, because it can currently not be tested.