[ https://issues.apache.org/jira/browse/KARAF-4809?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15616380#comment-15616380 ]
ASF GitHub Bot commented on KARAF-4809: --------------------------------------- GitHub user lkiesow opened a pull request: https://github.com/apache/karaf/pull/260 KARAF-4809, SSH should not listen to all hosts The default SSH server configuration will make Karaf listen to all hosts. It is usually good practice to instead listen to localhost only by default to avoid possible security risks (e.g. accidentally exposing an unconfigured SSH server). This is a rebased version of pull request #259 since @cschneider told me in IRC that pull requests are expected to be created against master and then cherry-picked to release branches. Hence, please feel free to reject the other pull request. You can merge this pull request into a Git repository by running: $ git pull https://github.com/lkiesow/karaf karaf-4809-default-sshd-address-master Alternatively you can review and apply these changes as the patch at: https://github.com/apache/karaf/pull/260.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #260 ---- commit 733f8ae69328e14b8f595b67156ff07ec250ba12 Author: Lars Kiesow <lkie...@uos.de> Date: 2016-10-28T15:38:06Z KARAF-4809, SSH should not listen to all hosts The default SSH server configuration will make Karaf listen to all hosts. It is usually good practice to instead listen to localhost only by default to avoid possible security risks (e.g. accidentally exposing an unconfigured SSH server). Signed-off-by: Lars Kiesow <lkie...@uos.de> ---- > SSH should not listen to all hosts > ---------------------------------- > > Key: KARAF-4809 > URL: https://issues.apache.org/jira/browse/KARAF-4809 > Project: Karaf > Issue Type: Bug > Affects Versions: 4.0.7 > Reporter: Lars Kiesow > Fix For: 4.0.8 > > > The default SSH server configuration will make Karaf listen to all hosts. It > is usually good practice to instead listen to localhost only by default to > avoid possible security risks (e.g. accidentally exposing an unconfigured SSH > server). > This can be fixed by adjusting `sshHost` in `org.apache.karaf.shell.cfg` -- This message was sent by Atlassian JIRA (v6.3.4#6332)