[ https://issues.apache.org/jira/browse/KARAF-5487?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16256445#comment-16256445 ]
ASF subversion and git services commented on KARAF-5487: -------------------------------------------------------- Commit e8433bc15e3fafed664532b20dbe6b7ef700762e in karaf's branch refs/heads/karaf-4.0.x from [~ffang] [ https://gitbox.apache.org/repos/asf?p=karaf.git;h=e8433bc ] [KARAF-5487]one more file to change > SshRole restriction not enforced when using username/password > ------------------------------------------------------------- > > Key: KARAF-5487 > URL: https://issues.apache.org/jira/browse/KARAF-5487 > Project: Karaf > Issue Type: Bug > Affects Versions: 4.1.3 > Reporter: Christopher Lockard > Assignee: Freeman Fang > Fix For: 4.0.11, 4.1.4 > > > In https://issues.apache.org/jira/browse/KARAF-5330 a role (sshRole) was > added that was required for users to ssh into the karaf instance. However > that role check only was applied to the username/public-key method and not > the username/password method. Currently any user can ssh into the system > using username/password regardless of their roles. > This appears to be fixed in master but not the karaf-4.1.x branch -- This message was sent by Atlassian JIRA (v6.4.14#64029)