Thanks Achim, will take a look.
Kerry On 07/11/16 19:01, Achim Nierbeck wrote:
Hi Kerry, as it's not an OpenSSH implementation, it might not be possible, from what you expect from OpenSSH. Actually we just use the apache mina project for SSH [1], the documentation there should hopefully help you to find what is possible, and what's not :) If you find something possible there, which isn't fully working it might be a bug, just file it here so we can make sure we fix that :-) regards, Achim [1] - http://mina.apache.org/sshd-project/documentation.html 2016-11-07 19:35 GMT+01:00 JT <[email protected] <mailto:[email protected]>>: Hi JB, Sorry that's not what I meant to ask but it reminds me of a second question I have regarding user keys, but to clarify my first question: I want to be able to configure the authentication method Karaf uses based upon the IP address of the client. So for example if the IP address of the client is on the same local network as the Karaf instance then I wish to allow authentication by password. If the client tries to connect from outside the local network then only authentication by SSH keys is allowed. This is achievable for example with OpenSSH server and I just wondered if it were possible to do the same with Karaf. My second question is regarding multiple public keys for a single Karaf user. I tried to add multiple keys for the default 'karaf' user in etc/keys.properties in the hope I could allow two different clients authenticate with different keys but for the same user. When I tried this only one key would authenticate, the other being ignored. Is it possible to allow both keys? Thanks Kerry On 07/11/16 05:58, Jean-Baptiste Onofré wrote: Hi, you can generate a key per client and define in etc/keys.properties. Is it what you want ? Regards JB On 11/06/2016 11:28 AM, JT wrote: Hi All, I was wondering if it is possible to configure Karaf SSH to authenticate using keys alone based upon the client's IP address, in a similar way that OpenSSH server can be configured? Cheers Kerry -- Apache Member Apache Karaf <http://karaf.apache.org/> Committer & PMC OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer & Project Lead blog <http://notizblog.nierbeck.de/> Co-Author of Apache Karaf Cookbook <http://bit.ly/1ps9rkS> Software Architect / Project Manager / Scrum Master
