[
https://issues.apache.org/jira/browse/KARAF-4809?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15663325#comment-15663325
]
Achim Nierbeck commented on KARAF-4809:
---------------------------------------
I see this more to be a documentation issue on how to secure your instance, per
default I'd rather have SSH handled the way it is before.
Therefore a -1 on this change
> SSH should not listen to all hosts
> ----------------------------------
>
> Key: KARAF-4809
> URL: https://issues.apache.org/jira/browse/KARAF-4809
> Project: Karaf
> Issue Type: Bug
> Affects Versions: 4.0.7
> Reporter: Lars Kiesow
> Assignee: Jean-Baptiste Onofré
>
> The default SSH server configuration will make Karaf listen to all hosts. It
> is usually good practice to instead listen to localhost only by default to
> avoid possible security risks (e.g. accidentally exposing an unconfigured SSH
> server).
> This can be fixed by adjusting `sshHost` in `org.apache.karaf.shell.cfg`
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
