Well, sort of. If I open port 8787 in the server's firewall and run the standalone.sh script manually, yes, remote debugging over port 8787 works without any further authentication from the debugging client's side. However, when I start the server using the "Start the server" button in my local JBoss Tools, my custom startup options in the remote standalone.conf file get ignored, so the JBoss isn't started in debug mode.
This leaves me with two questions:
1. Which run configuration gets applied when you start a JBoss AS remotely over SSH from local JBoss Tools?
2. Is there a secured way to debug the remote server, like over SSH or HTTPS or at least protected by username and password?