1
2################################################################################
3#
4#    Licensed to the Apache Software Foundation (ASF) under one or more
5#    contributor license agreements.  See the NOTICE file distributed with
6#    this work for additional information regarding copyright ownership.
7#    The ASF licenses this file to You under the Apache License, Version 2.0
8#    (the "License"); you may not use this file except in compliance with
9#    the License.  You may obtain a copy of the License at
10#
11#       http://www.apache.org/licenses/LICENSE-2.0
12#
13#    Unless required by applicable law or agreed to in writing, software
14#    distributed under the License is distributed on an "AS IS" BASIS,
15#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16#    See the License for the specific language governing permissions and
17#    limitations under the License.
18#
19################################################################################
20
21#
22# These properties are used to configure Karaf's ssh shell.
23#
24
25#
26# Via sshPort and sshHost you define the address you can login into Karaf.
27#
28sshPort = 8101
29sshHost = 127.0.0.1
30
31#
32# The sshIdleTimeout defines the inactivity timeout to logout the SSH session.
33# The sshIdleTimeout is in milliseconds, and the default is set to 30 minutes.
34#
35sshIdleTimeout = 1800000
36
37#
38# Define the number of the NIO workers for the sshd server. Default is 2.
39#
40#nio-workers = 2
41
42#
43# Define the maximum number of SSH sessions. Default is unlimited.
44#
45#max-concurrent-sessions = -1
46
47#
48# sshRealm defines which JAAS domain to use for password authentication.
49#
50sshRealm = karaf
51
52#
53# Role name used for SSH access authorization
54# If not set, this defaults to the ${karaf.admin.role} configured in etc/system.properties
55#
56# sshRole = admin
57
58#
59# Defines if the SFTP system is enabled or not in the SSH server
60#
61sftpEnabled=true
62
63#
64# The location of the hostKey file defines where the private key of the server
65# is located. If no file is at the defined location it will be ignored.
66#
67hostKey = ${karaf.etc}/host.key
68
69#
70# The password required to decrypt the private key of the server stored in
71# 'hostKey'. This is not required if the private key stored in 'hostKey' is
72# not encrypted
73#
74#hostKeyPassword =
75
76#
77# The location of the hostKeyPub file defines where the public key of the server
78# is located. If no file is at the defined location it will be ignored.
79#
80#hostKeyPub = ${karaf.etc}/host.key.pub
81
82#
83# Self defined key size in 1024, 2048, 3072, or 4096
84# If not set, this defaults to 2048.
85#
86# keySize = 2048
87
88#
89# Specify host key algorithm, defaults to RSA
90#
91# algorithm = RSA
92
93#
94# Specify the client log level (default is WARN)
95# 0: ERROR
96# 1: WARN
97# 2: INFO
98# 3: DEBUG
99# 4: TRACE
100#
101#logLevel = 1
102
103#
104# Specify an additional welcome banner to be displayed when a user logs into the server.
105#
106# welcomeBanner =
107
108#
109# Defines the completion mode on the Karaf shell console. The possible values are:
110# - GLOBAL: it's the same behavior as in previous Karaf releases. The completion displays all commands and all aliases
111#           ignoring if you are in a subshell or not.
112# - FIRST: the completion displays all commands and all aliases only when you are not in a subshell. When you are
113#          in a subshell, the completion displays only the commands local to the subshell.
114# - SUBSHELL: the completion displays only the subshells on the root level. When you are in a subshell, the completion
115#             displays only the commands local to the subshell.
116# This property define the default value when you use the Karaf shell console.
117# You can change the completion mode directly in the shell console, using shell:completion command.
118#
119completionMode = GLOBAL
120
121#
122# Override allowed SSH cipher algorithms.
123# Default: aes256-ctr,aes192-ctr,aes128-ctr
124#
125# ciphers = aes256-ctr,aes192-ctr,aes128-ctr
126
127#
128# Override allowed SSH HMAC algorithms.
129# Default: hmac-sha2-512,hmac-sha2-256
130#
131# macs = hmac-sha2-512,hmac-sha2-256
132
133#
134# Override allowed SSH key exchange algorithms.
135# Default: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
136#
137# kexAlgorithms = ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
138
139#
140# Override moduli-url.
141# Default: moduli-url not specified to use the internal one from SSHD
142#
143# moduli-url = external moduli-url users wanna use
144
145
146