JConsole over ssh local port forwarding

There's an even nicer way to do this using an SSH socks tunnel, since JConsole supports SOCKS:

Create the SSH socks proxy locally on some free port (e.g. 7777):

ssh -fN -D 7777 user@firewalled-host
Run JConsole by specifying the SOCKS proxy (e.g. localhost:7777) and the address for the JMX server (e.g. localhost:2147)

jconsole -J-DsocksProxyHost=localhost -J-DsocksProxyPort=7777 service:jmx:rmi:///jndi/rmi://localhost:2147/jmxrmi -J-DsocksNonProxyHosts=

As mentioned in one of the answers below, from JDK 8u60+ you also need to have the -J-DsocksNonProxyHosts= option in order to get it working.

With almost all current JDK versions (7u25 or later) it's now possible to use JConsole and Visual JVM over SSH quite easily (because now you can bind JMX to single port).

I use the following JVM parameters

-Dcom.sun.management.jmxremote.port=8090
-Dcom.sun.management.jmxremote.rmi.port=8090
-Djava.rmi.server.hostname=127.0.0.1
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.ssl=false

Then I launch SSH connection

ssh my.javaserver.domain -L 8090:127.0.0.1:8090

After I can connect from JConsole

Remote Process: -> localhost:8090

And Java Visual VM

Right Click on Local -> Add JMX Connection -> localhost:8090

JConsole over ssh local port forwarding

Tags:

Java

Ssh

Jmx

Related

Recent Posts