The Security dialog allows you to choose the authorization method — i.e. specify how exactly you are going to log in to this Host from the Viewer. You can also change other security options, such as Ask user permission, IP filtering, etc.
To open the Security window:
- Right-click the Host icon in the system tray and select Settings for Host:
- Click Settings for host and select Security from the menu:
- The Security dialog will open:
Remote Utilities offers three authorization methods:
- Remote Utilities security. This is Remote Utilities own authorization system enabled by default. It consists of two subsystems which can work simultaneously (i.e. you can connect in to the same Host using either way):
- Single-password authorization. A single (master) password is used to authorize on the Host.
- Users and access control. A "username/password" pair is used to authorize on the Host. Different accounts with different access permissions can be created.
- Windows security. This is Windows authorization/authentication scheme. You can use Windows credentials to authorize on the remote Host.
- Custom server security. This method requires using a self-hosted server for authorization.
See below how to set up each authorization method.
Remote Utilities Security
The simplest authorization system used in Remote Utilities is single password security. You set one master password for a given Host with which to connect in to this Host. You do not have to use a login or username, just the password.
You are asked to create a master password during Host installation:
If you didn't create the master password during Host installation you can set or change it later:
- In the Security window click Change password:
- Set a new password and click OK:
For security reasons, there is no technical, blank or default master password. If you have Remote Utilities security selected as your authorization method but you neither set a master password nor created a user account in Users and Access Control (see below), you will NOT be able to connect to this Host. Make sure that you set your master password either when prompted during installation, or immediately after the installation.
Users and access control
Use this security subsystem if you want different people to connect in to this Host and you still don't want to use Windows authentication scheme. Each user will have their own login and password and an associated set of permissions.
To create a user:
- In the Security window, click Users and access control link:
- Click Add and enter a user name and password.
- (Optional) Enable the Ask user permission option for this user if necessary.
- Click OK. The newly-created user will appear in the user list:
- Set access permissions for the selected user. In this example the user "John" is allowed to connect to this Host using the View Only and File Transfer connection modes. Other modes will not be available for this user.
A connection mode must also be allowed in the global permission settings on the Modes tab.
- Click OK to save the settings.
Instead of using the Remote Utilities default authorization method, you can utilize existing Windows and/or Active Directory accounts to authorize on this Host.
- In the main security settings window, select the WinNT security radio button and click Permissions:
- Click Add...
- Select Windows accounts which you want to grant or deny access to the Host and click OK.
- Select an account in the list and set permissions for this account below.
- Click OK to save the settings.
Custom Server Security
For a comprehensive guide on how to set up Custom Server Security please refer to this article.
Click the Advanced button to access additional security settings.
Use the Confirmation tab to enable the Ask user permission option.
Restrict access to this Host for a specific IP address or IP address range.
- Allow everyone, except – add an IP address or range to the white list
- Deny everyone, except – add an IP address or range to the black list
- Edit – click to specify an IP address or a range
Host authority tab
In the Host authority tab you can set a shared secret that provides the means of verifying identity of the Host.
A shared secret is an alphanumeric code that you can generate on the Host and then add to the corresponding Viewer connection properties. Every time a remote session is about to start, Remote Utilities will check the shared secrets on both ends. If they are not identical, the connection will be refused.
Use the Modes tab to globally allow or deny specific connection modes when connecting to this Host.
Custom server security tab
- Use custom server security – select to enable Custom Server Security authorization method on this Host
- Servers... – add and select a server through which to authorize
- User access... – set user access permissions
Learn more about using a self-hosted server for authorization and setting up custom server security in this article.