As a side effect of https://git.opendaylight.org/gerrit/#/c/60138,
RSA private key is stored unencrypted on disk.
Without additional countermeasures this might not be a good idea.
This patch sets DEFAULT_PRIVATE_KEY_PATH to null which disables
key pair serialization.
Change-Id: Ibbf51f702bc47d768db16d6a3f406a1b2ec906fb
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
private static final Logger LOG = LoggerFactory.getLogger(NetconfNorthboundSshServer.class);
- private static final String DEFAULT_PRIVATE_KEY_PATH = "./configuration/netconf-mdsal-nb/RSA.pk";
+ // Do not store unencrypted private key
+ private static final String DEFAULT_PRIVATE_KEY_PATH = null;
private static final String DEFAULT_ALGORITHM = "RSA";
private static final int DEFAULT_KEY_SIZE = 4096;
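Review bot: The added `DEFAULT_PRIVATE_KEY_PATH = null` line relies on every consumer of this constant treating null as "do not serialize", and nothing in the hunk shows that check. Please confirm the code that receives the path is null-safe, and expand the new comment to say that null disables key pair serialization, so a later reader does not "fix" it back to a path. With no persisted key, a new key pair (RSA, DEFAULT_KEY_SIZE 4096) is presumably generated on every start, so the SSH host key changes across restarts and clients that pin it will report a mismatch. That trade-off should be stated in the commit message or the documentation. Also note that an RSA.pk already written to ./configuration/netconf-mdsal-nb/ by earlier builds is not removed by this change; upgrade notes should tell operators to delete it.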