Previously, bin/client embedded a default key (as you can see in
etc/keys.properties). It's now disable.
However, bin/client assumes username karaf and password karaf, that's
why you don't have to provide anything.
You can change the default password in etc/users.properties.
Regards
JB
On 07/06/2016 01:16 AM, Kevin Schmidt wrote:
I just followed the instructions to secure the container and using
bin/client does now require a password and doesn't successfully connect
to the container. I did this with Karaf 3.0.6. Perhaps something
changed with Karaf 4?
Kevin
On Tue, Jul 5, 2016 at 3:49 PM, Elliot Huntington
<[email protected] <mailto:[email protected]>> wrote:
I wrote a question
(http://stackoverflow.com/questions/38176918/how-to-secure-the-default-apache-karaf-installation)
on stack overflow pertaining to Christian Schneider's blog post, How
to hack into any default apache karaf installation
<http://www.liquid-reality.de/display/liquid/2014/01/08/How+to+hack+into+any+default+apache+karaf+installation>.
After following his instructions to secure the container the
`bin/client` command, rather than failing, appears to create a new
file `etc/host.key` and successfully connects to the container. This
was unexpected according to the blog post.
It would be helpful if someone would answer this question on stack
overflow.
Thanks,
Elliot
--
Jean-Baptiste Onofré
[email protected]
http://blog.nanthrax.net
Talend - http://www.talend.com
