Hi Kerry, as it's not an OpenSSH implementation, it might not be possible, from what you expect from OpenSSH. Actually we just use the apache mina project for SSH [1], the documentation there should hopefully help you to find what is possible, and what's not :) If you find something possible there, which isn't fully working it might be a bug, just file it here so we can make sure we fix that :-)
regards, Achim [1] - http://mina.apache.org/sshd-project/documentation.html 2016-11-07 19:35 GMT+01:00 JT <[email protected]>: > > Hi JB, > > Sorry that's not what I meant to ask but it reminds me of a second > question I have regarding user keys, but to clarify my first question: > > I want to be able to configure the authentication method Karaf uses based > upon the IP address of the client. So for example if the IP address of the > client is on the same local network as the Karaf instance then I wish to > allow authentication by password. If the client tries to connect from > outside the local network then only authentication by SSH keys is allowed. > This is achievable for example with OpenSSH server and I just wondered if > it were possible to do the same with Karaf. > > My second question is regarding multiple public keys for a single Karaf > user. I tried to add multiple keys for the default 'karaf' user in > etc/keys.properties in the hope I could allow two different clients > authenticate with different keys but for the same user. When I tried this > only one key would authenticate, the other being ignored. Is it possible to > allow both keys? > > Thanks > > Kerry > > > On 07/11/16 05:58, Jean-Baptiste Onofré wrote: > >> Hi, >> >> you can generate a key per client and define in etc/keys.properties. >> >> Is it what you want ? >> >> Regards >> JB >> >> On 11/06/2016 11:28 AM, JT wrote: >> >>> Hi All, >>> >>> I was wondering if it is possible to configure Karaf SSH to authenticate >>> using keys alone based upon the client's IP address, in a similar way >>> that OpenSSH server can be configured? >>> >>> Cheers Kerry >>> >> >> -- Apache Member Apache Karaf <http://karaf.apache.org/> Committer & PMC OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer & Project Lead blog <http://notizblog.nierbeck.de/> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS> Software Architect / Project Manager / Scrum Master
