Showing posts from August, 2015

SSH - Home directory permission must be 755 or 700 for ssh key-based authentication to work

If you are facing the following symptom

1. Your root or some users are able to SSH with key-based authentication to remote machine
2. Some other random users are unable to SSH with key-based authentication to remote machine

You should check the permission of your home directory. Key-based authentication only work with permissions of 755 or 700

SSH is very picky on this restriction. The reason being is, SSH wants to prevent .ssh folder contents such as authorized_keys, known_hosts, etc being modified by someone other than the owner. If anyone else could modify the .ssh folder content, it potentially means that anyone could impersonate the owner.

JMS - Setting Up And Accessing A Remote Glassfish 4 and OpenMQ JMS Queue via ORB

This is a complete guide to setup JMS queue with Glassfish 4 and the setting required to access the JMS queue with a remote standalone client.

Download Glassfish
1. Download latest Glassfish at

2. Follow the instruction at the download page to install Glassfish 4. (Mainly unzip the package and run ./asadmin start-domain). To stop Glassfish server, you can run ./asadmin stop-domain

3. You may want to enable remote admin. Simply run ./asadmin enable-secure-admin

4. After installation, you can access the admin webpage with http://hostname:4848

Check ORB Configuration
Since we are using ORB (Object Request Broker) for remote JMS connectivity, we will take a look at the ORB setup in Glassfish 4.

1. Go to Configurations -> server-config -> ORB -> IIOP Listeners -> orb-listener-1

2. From the above screenshot, you can see that the default listening port is 3700 and we will need this port number for later configuration with JNDI properties.