 |  |  |  |  |
| | | | |
 |  |
When you start the FUSE ESB runtime in its default mode or in server mode, it enables a remote console that can be accessed from any other FUSE ESB console. The remote console provides all of the functionality of the local console and allows a remote user complete control over the container and the services running inside of it.
![[Note]](imagesdb/note.gif) | Note |
|---|---|
When run in client mode the FUSE ESB runtime disables the remote console. |
By default, the remote console is configured to use minimal security. When you attempt to connect to a remote FUSE ESB runtime, it will ask you for a username and a password. It does not, however, authenticate the values provided.
You can configure the remote console to use more stringent security. You can also configure the console to use a different port and SSL if required.
There are two basic ways of managing of remote instances of the FUSE ESB runtime.
create them as children of a parent runtime and mange the children using the admin shell
deploy them as separate installations and access each instance using the remote shell
If you are running multiple instances of the FUSE ESB runtime on the same host or if you want to use SSL to access the remote console, you will need to change the address at which the runtime exposes its remote console. You control the address using the remoteShellLocation property. This property is stored in the InstallDir/etc/org.apache.servicemix.shell.cfg configuration file.
Example 2.1 shows a sample configuration that changes the port used to 8102.
Te easiest way to secure the remote console is to force it to use a secure communication channel over SSL. To do this you can change the remote console's address to use the ssl:// URL prefix to specify the address as shown in Example 2.2.
The remote console uses the RshServer realm for authenticating users. The default implementation is a dummy that should be overridden by supplying a JAAS configuration file similar to the one shown in Example 2.3.
Example 2.3. Configuring the Remote Console's Security Realm
<jaas:config id="RshServer" xmlns:jaas="http://servicemix.apache.org/jaas">
<jaas:module className="org.foo.SimpleLoginModule" flags="required">
property1=joe
property2=fred
</jaas:module>
</jaas:config>For more information on configuring security realms see ....
You can also supply your own keystores and truststores by adding the following to the InstallDir/etc/org.apache.servicemix.shell.cfg configuration file.
Example 2.4. Keystore and Truststore Properties
clientKeyAlias=servicemixAliasclientKeystore=RshKeystoreclientTruststore=RshTruststoreserverKeyAlias=servicemixAliasserverKeystore=RshKeystoreserverTruststore=RshTruststore
| |  | |
 |
