April 11, 2024

Hotfix

This update addresses a security vulnerability for autoscaling clusters where SSH ports were open to the Internet. As an immediate measure to prevent unauthorized access to a cluster, a public IP address is no longer generated for a cluster head node.

As a result of this change, users cannot currently ssh to a cluster head node from their local machine. They can only connect to the head node from a Linux virtual desktop in the same project space (using the private IP address). This mainly affects users who submit jobs to a cluster from their local machine using sbatch.

Connecting to a cluster from a local machine is only possible if there is a VPN connection between the local network and the Virtual Network.

Enhancements that will allow secure access to a cluster from a local machine are under development and will be available in an upcoming release.

If you created an autoscaling cluster prior to this hotfix, Ansys recommends that you delete the cluster and create a new one to ensure that you are protected from this vulnerability.

(Issue 1021241)