Karaf
  1. Karaf
  2. KARAF-32

Support ssh public key authentication and agent forwarding

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.2.6, 3.0.0
    • Component/s: karaf-shell
    • Labels:
      None

      Description

      The karaf agent needs to be enhanced to be able to set up an ssh agent and use a public/private key.
      The ssh server need to be configured with a public key authentication that could delegate to the KeystoreInstance using certificates.
      The goal would be support the following use cases:

      • once a user is logged into a given karaf instance, he can connect to any other instance (provided that the public key is supported)
      • the stop script could use the ssh agent so that you don't need to launch it with a password on the command line

      A set of commands to administer the keystores might be interesting (maybe a console plugin too, but we need to check with what Geronimo provides in this area).

      Btw, I wonder if Apache Shiro would help in any way for all the security stuff.

        Issue Links

          Activity

          No work has yet been logged on this issue.

            People

            • Assignee:
              Jean-Baptiste Onofré
              Reporter:
              Guillaume Nodet
            • Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development