Hi Kevin, you have to use the -k option:
-k [keyFile] specify the private keyFile location when using key login, need have BouncyCastle registered as security provider using this flag
On the Karaf side, you need bouncycastle provider and populate the etc/keys.properties.
It's documented there: http://karaf.apache.org/manual/latest/#_managing_authentication_by_key Regards JB On 07/06/2016 05:56 PM, Kevin Schmidt wrote:
I have a follow up question. It is good that one can disable this feature, but if someone would like to use this feature of bin/client to connect without a password but do so with their own public/private key pair, how would bin/client be told to use it? Is that possible or is the private key built in to org.apache.karaf.client.Main? On Tue, Jul 5, 2016 at 4:16 PM, Kevin Schmidt <[email protected] <mailto:[email protected]>> wrote: I just followed the instructions to secure the container and using bin/client does now require a password and doesn't successfully connect to the container. I did this with Karaf 3.0.6. Perhaps something changed with Karaf 4? Kevin On Tue, Jul 5, 2016 at 3:49 PM, Elliot Huntington <[email protected] <mailto:[email protected]>> wrote: I wrote a question (http://stackoverflow.com/questions/38176918/how-to-secure-the-default-apache-karaf-installation) on stack overflow pertaining to Christian Schneider's blog post, How to hack into any default apache karaf installation <http://www.liquid-reality.de/display/liquid/2014/01/08/How+to+hack+into+any+default+apache+karaf+installation>. After following his instructions to secure the container the `bin/client` command, rather than failing, appears to create a new file `etc/host.key` and successfully connects to the container. This was unexpected according to the blog post. It would be helpful if someone would answer this question on stack overflow. Thanks, Elliot
-- Jean-Baptiste Onofré [email protected] http://blog.nanthrax.net Talend - http://www.talend.com
