We are excited to introduce the Horizon Cloud Connector 1.9 release, which features enhancements to the automatic update functionality, as well as SSH enhancements.
Automatic update enhancements
For previous releases of Cloud Connector, admins needed to configure complete network details to enable the Horizon Cloud Connector automatic update feature. You can read more about the feature in the Horizon Cloud Connector Know-How Series: Auto-Upgrade and in this product document.
In the 1.9 release, we have listened to customers’ requests and simplified the network configuration. Compared to version 1.8 where admins needed to configure 4 values—DNS, gateway, network mask and IP—admins only need to configure an unassigned static IP address to be used temporarily for the updated appliance in the 1.9 release. All the other required network information, like gateway, subnet and DNS server are automatically collected from the existing appliance configuration.
Please note that the unassigned IP address must be distinct from the static IP address used by the current version of the appliance.
Horizon Cloud Connector vCenter Server Details
SSH (Secure Shell) enhancements
Towards the continuous endeavor of improving product security, appliance access via SSH is made more secure with SSH access disabled for root users.
Previously, root users had all privileges on appliance. Now, a new custom user, “ccadmin” is available for SSH access. A ccadmin user can be granted elevated privileges if needed, but the control is with the admin who deploys the appliance.
In order to enable SSH access to troubleshoot Cloud Connector 1.9, you need to configure a SSH public key or password for this new ccadmin user. Once the authentication credentials are configured, SSH can be enabled by following steps provided here in the Horizon documentation.
Although one can log in as the ccadmin user with password credentials, it is preferable for security reasons to authenticate using an SSH public key instead. The keys for ccadmin can be set during deployment and from the configuration portal after pairing is successful. Using keys for authentication is more secure and supplying these keys during deployment gives more flexibility, as it reduces the number of steps required later.
Unless required, SSH access should be kept disabled to enhance security. An upcoming blog post will cover details on enabling SSH and configuring credentials for SSH access.