[jira] [Commented] (KARAF-4809) SSH should not listen to all hosts

Fri, 28 Oct 2016 13:01:35 -0700 

    [ 
https://issues.apache.org/jira/browse/KARAF-4809?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15616380#comment-15616380
 ] 

ASF GitHub Bot commented on KARAF-4809:
---------------------------------------

GitHub user lkiesow opened a pull request:

    https://github.com/apache/karaf/pull/260

    KARAF-4809, SSH should not listen to all hosts

    The default SSH server configuration will make Karaf listen to all
    hosts. It is usually good practice to instead listen to localhost only
    by default to avoid possible security risks (e.g. accidentally exposing
    an unconfigured SSH server).
    
    This is a rebased version of pull request #259 since @cschneider told me in 
IRC that pull requests are expected to be created against master and then 
cherry-picked to release branches. Hence, please feel free to reject the other 
pull request.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/lkiesow/karaf 
karaf-4809-default-sshd-address-master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/karaf/pull/260.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #260
    
----
commit 733f8ae69328e14b8f595b67156ff07ec250ba12
Author: Lars Kiesow <lkie...@uos.de>
Date:   2016-10-28T15:38:06Z

    KARAF-4809, SSH should not listen to all hosts
    
    The default SSH server configuration will make Karaf listen to all
    hosts. It is usually good practice to instead listen to localhost only
    by default to avoid possible security risks (e.g. accidentally exposing
    an unconfigured SSH server).
    
    Signed-off-by: Lars Kiesow <lkie...@uos.de>

----


> SSH should not listen to all hosts
> ----------------------------------
>
>                 Key: KARAF-4809
>                 URL: https://issues.apache.org/jira/browse/KARAF-4809
>             Project: Karaf
>          Issue Type: Bug
>    Affects Versions: 4.0.7
>            Reporter: Lars Kiesow
>             Fix For: 4.0.8
>
>
> The default SSH server configuration will make Karaf listen to all hosts. It 
> is usually good practice to instead listen to localhost only by default to 
> avoid possible security risks (e.g. accidentally exposing an unconfigured SSH 
> server).
> This can be fixed by adjusting `sshHost` in `org.apache.karaf.shell.cfg`



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to