jboss security
April 27th, 2005
I had a sinking feeling my jboss instance's security this morning. After attempting to access the jmx console remotely I decided that it was time to secure my jboss instance. At the very least this involved limiting access to jboss on my network and then making sure that jmx console access required a password.
The next step on my list is once again setting up openldap and tieing it into kerberos. After that I'll need to setup jaas in jboss to auth versus openldap.
ssh security
September 17th, 2004
kasia has a nice article on setting up ssh in a reasonably secure manner. I haven't setup keys quite yet, primarily because single sign-on is already availible to me at home through kerberos (with the exception of my mac, as apple hasn't bothered to update their copy of openssh with respect to kerberos).