...
To enable the secure access, a new tool onos-secure-ssh
has been providerprovided. This tool will secure the ONOS CLI so it is no longer accessible using the Apache Karaf client; this client is inherently insecure as it relies on a well-known private key (yes that is an oxymoron). After running the onos-secure-ssh
tool, ONOS CLI will be only accessible using direct ssh
. The tool also deletes the default users and keys, and allows the user to specify their own user/password combination as follows:
...