Thanks for your clear explanation.
So in fact I need to distribute the keys to whichever account in need of accessing the Karaf console.
To this end I just created a new set of keys named karaf_openhab_id.rsa and karaf_openhab_id.rsa.pub which are only used for logging into Karaf:
- from the
openhabianuser account (the regularopenhab-cli consoleaccess which now always requires a password), and - from the
openhabuser account (useful e.g. for restarting bindings in case of problems).
As long as I explicitly provide the name of the private key in either case, it now works.
For what it’s worth, I couldn’t find any override in /usr/bin/openhab-cli nor in the scripts it runs:
/etc/profile.d/openhab2.sh/etc/default/openhab2
(NOTES:- I have the impression that
EXTRA_JAVA_OPTSwas reset to the default value (EXTRA_JAVA_OPTS="-Xms250m -Xmx350m") after upgrading from 2.5 M4 to 2.5 M5 so I had to re-add the JSR223/Jython specific extra options for my Jython rules to work again)
- I have the impression that
/etc/openhab-cli/command-overrides.sh