Return-Path: <issues-return-32097-archive-asf-public=cust-asf.ponee.io@karaf.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 1F5E6200BB6
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Fri,  4 Nov 2016 10:25:00 +0100 (CET)
Received: by cust-asf.ponee.io (Postfix)
	id 1E2A6160B07; Fri,  4 Nov 2016 09:25:00 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 93511160AE8
	for <archive-asf-public@cust-asf.ponee.io>; Fri,  4 Nov 2016 10:24:59 +0100 (CET)
Received: (qmail 68137 invoked by uid 500); 4 Nov 2016 09:24:58 -0000
Mailing-List: contact issues-help@karaf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@karaf.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@karaf.apache.org>
List-Post: <mailto:issues@karaf.apache.org>
List-Id: <issues.karaf.apache.org>
Reply-To: dev@karaf.apache.org
Delivered-To: mailing list issues@karaf.apache.org
Received: (qmail 68071 invoked by uid 99); 4 Nov 2016 09:24:58 -0000
Received: from arcas.apache.org (HELO arcas) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Nov 2016 09:24:58 +0000
Received: from arcas.apache.org (localhost [127.0.0.1])
	by arcas (Postfix) with ESMTP id 99D072C2A66
	for <issues@karaf.apache.org>; Fri,  4 Nov 2016 09:24:58 +0000 (UTC)
Date: Fri, 4 Nov 2016 09:24:58 +0000 (UTC)
From: "Ancoron Luciferis (JIRA)" <jira@apache.org>
To: issues@karaf.apache.org
Message-ID: <JIRA.12783225.1426770642000.186505.1478251498627@Atlassian.JIRA>
In-Reply-To: <JIRA.12783225.1426770642000@Atlassian.JIRA>
References: <JIRA.12783225.1426770642000@Atlassian.JIRA> <JIRA.12783225.1426770642062@arcas>
Subject: [jira] [Commented] (KARAF-3622) Enhance SSH configuration mechanism
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394
archived-at: Fri, 04 Nov 2016 09:25:00 -0000


    [ https://issues.apache.org/jira/browse/KARAF-3622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15635771#comment-15635771 ] 

Ancoron Luciferis commented on KARAF-3622:
------------------------------------------

Thank you for picking up on this one. :)

> Enhance SSH configuration mechanism
> -----------------------------------
>
>                 Key: KARAF-3622
>                 URL: https://issues.apache.org/jira/browse/KARAF-3622
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-shell
>    Affects Versions: 3.0.3
>            Reporter: Ancoron Luciferis
>            Assignee: Freeman Fang
>              Labels: security
>             Fix For: 4.1.0, 4.0.8
>
>         Attachments: karaf-3.0.x-Improve-SSH-shell-configuration-support.patch
>
>
> Currently, the SSH configuration for the remote shell provides only limited access to the configuration capabilities of the library being used (Apache MINA/SSHD).
> E.g., it is currently not possible to configure a better HMAC than SHA1, although the SSHD core library version 0.12+ supports at least "hmac-sha2-512" and "hmac-sha2-256".
> Also, the key exchange mechanism is currently not configurable at all, which makes it impossible to enforce highly secure connection establishment from the server side.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)