You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
The organization policy "Disable VM serial port access" is deactivated by default even though the enforcement is recommended by GCP security best practices.
Rationale
GCP implements the serial port as an Internet accessible SSH service running on port 9600 on ssh-serialport.googleapis.com without any ability to set firewall rules; you just require an SSH metadata key that is set for that instance or project.
Google recommends disabling serial ports as it presents the same security issue as an SSH server open to 0.0.0.0/0.
Recommendation
Disable VM serial port access. [by organization policy]
The text was updated successfully, but these errors were encountered:
Describe the bug
The organization policy "Disable VM serial port access" is deactivated by default even though the enforcement is recommended by GCP security best practices.
Rationale
GCP implements the serial port as an Internet accessible SSH service running on port 9600 on ssh-serialport.googleapis.com without any ability to set firewall rules; you just require an SSH metadata key that is set for that instance or project.
Google recommends disabling serial ports as it presents the same security issue as an SSH server open to 0.0.0.0/0.
Recommendation
Disable VM serial port access. [by organization policy]
The text was updated successfully, but these errors were encountered: