+1 to comment out the default public key in keys.properties, it's really a security hole.
And about specify the key to bin/client, I just added it weeks ago, please see KARAF-3059[1] [1]https://issues.apache.org/jira/browse/KARAF-3059 ------------- Freeman(Yue) Fang Red Hat, Inc. FuseSource is now part of Red Hat On 2014-7-18, at 上午3:44, Jean-Baptiste Onofré wrote: > Hi all, > > Following a discussion that we had with Christian, I would like to raise a > concern. > > Now, on Karaf 2.x/3.x/4.x, the JMX layer is secure using RBAC. The > MBeanServerBuilder is enabled by default, meaning that it's not possible to > locally connect to the MBean server. > I think it's good and secure. > > However, on the other hand, we have a key enabled by default (in > etc/keys.properties) and used by default by bin/client. > So it means that any user that download a Karaf distribution can connect to > any Karaf runtimes by default. > On one hand we have a very secure JMX layer (even for local connection), but > on the other hand, bin/client can connect to any Karaf running instance (so > not very secure). > > I would like to propose the following: > - in etc/keys.properties, we should comment out the default key. We can > document how to enable it and how to change the keys. > - in bin/client, we should be able to specify a key that we want to use. > > WDYT ? > > I already created some Jira about the keys: > - KARAF-2786: I would change this one by comment out the default key > - KARAF-2836 to allow to specify multiple keys for an user in > etc/keys.properties > - KARAF-2787 to allow to specify the key to bin/client > > Thanks, > Regards > JB > -- > Jean-Baptiste Onofré > [email protected] > http://blog.nanthrax.net > Talend - http://www.talend.com
