karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-3622) Enhance SSH configuration mechanism
Date Wed, 02 Nov 2016 09:49:58 GMT

    [ https://issues.apache.org/jira/browse/KARAF-3622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15628399#comment-15628399

ASF subversion and git services commented on KARAF-3622:

Commit 9c878c992a2fa2b516089b47687475211b799ba9 in karaf's branch refs/heads/karaf-4.0.x from
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=9c878c9 ]

[KARAF-3622]Enhance SSH configuration mechanism

(cherry picked from commit 44323c27529c8668db6cc836f00d0bb75e2cb4d5)


> Enhance SSH configuration mechanism
> -----------------------------------
>                 Key: KARAF-3622
>                 URL: https://issues.apache.org/jira/browse/KARAF-3622
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-shell
>    Affects Versions: 3.0.3
>            Reporter: Ancoron Luciferis
>            Assignee: Freeman Fang
>              Labels: security
>         Attachments: karaf-3.0.x-Improve-SSH-shell-configuration-support.patch
> Currently, the SSH configuration for the remote shell provides only limited access to
the configuration capabilities of the library being used (Apache MINA/SSHD).
> E.g., it is currently not possible to configure a better HMAC than SHA1, although the
SSHD core library version 0.12+ supports at least "hmac-sha2-512" and "hmac-sha2-256".
> Also, the key exchange mechanism is currently not configurable at all, which makes it
impossible to enforce highly secure connection establishment from the server side.

This message was sent by Atlassian JIRA

View raw message