system service-processor ssh remove-allowed-addresses
Remove IP addresses from the list that is allowed to access the Service Processor
Availability: This command is available to cluster administrators at the admin privilege level.
Description
The system service-processor ssh remove-allowed-addresses
command blocks the specified IP address from accessing the Service Processor. If all IP addresses are removed from the access list, then the Service Processor is not accessible from any IP address.
Parameters
-allowed-addresses <IP Address/Mask>,…
- Public IP Addresses-
Use this parameter to specify one or more IP addresses with corresponding netmasks. The value should be specified in the format of address/netmask, for example, 10.98.150.10/24, fd20:8b1e:b255:c09b::/64. Use commas to separate multiple address/netmask pairs.
Examples
The following example prevents the specified IP addresses from accessing the Service Processor. It also displays the list of public IP addresses that are allowed to access the Service Processor.
cluster1::> system service-processor ssh show Allowed Addresses: 192.168.1.202/24, 192.168.10.201/24 cluster1::> system service-processor ssh remove-allowed-addresses -allowed-addresses 192.168.1.202/24, 192.168.10.201/24 Warning: If all IP addresses are removed from the allowed address list, all IP addresses will be denied access. To restore the "allow all" default, use the "system service-processor ssh add-allowed-addresses -allowed-addresses 0.0.0.0/0, ::/0" command. Do you want to continue? {y|n}: y cluster1::> system service-processor ssh show Allowed Addresses: - cluster1::>