[ https://issues.apache.org/jira/browse/KARAF-4809?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15663325#comment-15663325 ]
Achim Nierbeck commented on KARAF-4809: --------------------------------------- I see this more to be a documentation issue on how to secure your instance, per default I'd rather have SSH handled the way it is before. Therefore a -1 on this change > SSH should not listen to all hosts > ---------------------------------- > > Key: KARAF-4809 > URL: https://issues.apache.org/jira/browse/KARAF-4809 > Project: Karaf > Issue Type: Bug > Affects Versions: 4.0.7 > Reporter: Lars Kiesow > Assignee: Jean-Baptiste Onofré > > The default SSH server configuration will make Karaf listen to all hosts. It > is usually good practice to instead listen to localhost only by default to > avoid possible security risks (e.g. accidentally exposing an unconfigured SSH > server). > This can be fixed by adjusting `sshHost` in `org.apache.karaf.shell.cfg` -- This message was sent by Atlassian JIRA (v6.3.4#6332)