Accessing remote Fuse/Karaf console using SSH

Question

I have a Fuse ESB standalone server running in a RHEL box. I want to connect to the Karaf console remotely to manage the bundles.

If I close my current session, How I go back to my karaf console again ? I have my Fuse ESB configured to 8101 port for SSH. Will I be able to connect it directly through my SSH client(Putty) Or Do I need another fuse esb instance locally to access the remote Fuse instance ? Either ways I am not able to connect, It says access denied. Is there any other easier way to connect to remote fuse/karaf instance ?

Even I tried using Client.sh from bin directory, it says authentication failure. But I have created a JAAS user with Admin role.

By the way, Is just a user is enough to do this ? Or does it need Public/Private key configuration also ?

What is the usual approach for managing the remote Fuse/Karaf instance ?

Answer 1

You can find many details in the JBoss Fuse documentation (eg successor to Fuse ESB) at

• https://access.redhat.com/site/documentation/en-US/JBoss_Fuse/

And there is a chapter on remote connecting to containers here

• https://access.redhat.com/site/documentation/en-US/JBoss_Fuse/6.0/html-single/Configuring_and_Running_JBoss_Fuse/index.html#ESBRuntimeRemote

You need to pass in credentials for a user on the container that is valid and is in the admin role.

The karaf shell also has a jaas command, which allows you to list the users and their roles etc. And as well add new users, etc. You can also do some user management form the FMC web console that is part of Fuse ESB.

Answer 2

You might also want to check your IPtables http://ask.xmodulo.com/open-port-firewall-centos-rhel.html.

 - $ sudo iptables -I INPUT -p tcp -m tcp --dport 8101 -j ACCEPT
 - $ sudo service iptables save
 - $ service iptables restart

From another karaf instance you can run this command

JBossFuse:karaf@root> ssh -l username -P password -p port hostname

e.g

 - JBossFuse:karaf@root> ssh -l smx-P smx -p 8101 10.234.12.12

Answer 3

You have to make sure that the ssh role name that is defined in etc/org.apache.karaf.shell.cfg

# shRole defines the role required to access the console through ssh
#
sshRole = ssh

matches the one in etc/user.properties

#
# This file contains the users, groups, and roles.
# Each line has to be of the format:
#
# USER=PASSWORD,ROLE1,ROLE2,...
# USER=PASSWORD,_g_:GROUP,...
# _g_\:GROUP=ROLE1,ROLE2,...
#
# All users, grousp, and roles entered in this file are available after Karaf startup
# and modifiable via the JAAS command group. These users reside in a JAAS domain
# with the name "karaf".
#
karaf = karaf,_g_:admingroup
_g_\:admingroup = group,admin,manager,viewer,ssh