You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@karaf.apache.org by "Jean-Baptiste Onofré (JIRA)" <ji...@apache.org> on 2016/11/14 06:17:58 UTC

[jira] [Commented] (KARAF-4809) SSH should not listen to all hosts

    [ https://issues.apache.org/jira/browse/KARAF-4809?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15662900#comment-15662900 ] 

Jean-Baptiste Onofré commented on KARAF-4809:
---------------------------------------------

If I agreed for RMI, I don't think it's a good idea to change this for SSH. It's a convenient way to allow remote connection. An user can always change to localhost instead of 0.0.0.0.

I would say -1 for this change.

> SSH should not listen to all hosts
> ----------------------------------
>
>                 Key: KARAF-4809
>                 URL: https://issues.apache.org/jira/browse/KARAF-4809
>             Project: Karaf
>          Issue Type: Bug
>    Affects Versions: 4.0.7
>            Reporter: Lars Kiesow
>            Assignee: Jean-Baptiste Onofré
>
> The default SSH server configuration will make Karaf listen to all hosts. It is usually good practice to instead listen to localhost only by default to avoid possible security risks (e.g. accidentally exposing an unconfigured SSH server).
> This can be fixed by adjusting `sshHost` in `org.apache.karaf.shell.cfg`



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)