Security

The Security dialog allows you to choose the authorization method — i.e. specify how exactly you are going to log in to this Host from the Viewer. You can also change other security options, such as Ask user permission, IP filtering, etc.

To open the Security window:

  1. Right-click the Host icon in the system tray and select Settings for Host: Host context menu
  2. Click Settings for host and select Security from the menu: Security menu
  3. The Security dialog will open: Select authorization method for the Host

Authorization methods

Remote Utilities offers three authorization methods:

  • Remote Utilities security. This is Remote Utilities own authorization system enabled by default. It consists of two subsystems which can work simultaneously (i.e. you can connect in to the same Host using either way):
    • Single-password authorization. A single (master) password is used to authorize on the Host.
    • Users and access control. A "username/password" pair is used to authorize on the Host. Different accounts with different access permissions can be created.
  • Windows security. This is Windows authorization/authentication scheme. You can use Windows credentials to authorize on the remote Host.
  • Custom server security. This method requires using a self-hosted server for authorization.

See below how to set up each authorization method.

Remote Utilities Security

Single password

The simplest authorization system used in Remote Utilities is single password security. You set one master password for a given Host with which to connect in to this Host. You do not have to use a login or username, just the password.

You are asked to create a master password during Host installation:

Host installation

If you didn't create the master password during Host installation you can set or change it later:

  1. In the Security window click Change password: Change password
  2. Set a new password and click OK: Change password

Important!

For security reasons, there is no technical, blank or default master password. If you have Remote Utilities security selected as your authorization method but you neither set a master password nor created a user account in Users and Access Control (see below), you will NOT be able to connect to this Host. Make sure that you set your master password either when prompted during installation, or immediately after the installation.

Users and access control

Use this security subsystem if you want different people to connect in to this Host and you still don't want to use Windows authentication scheme. Each user will have their own login and password and an associated set of permissions.

To create a user:

  1. In the Security window, click Users and access control link: Users and access control link
  2. Click Add and enter a user name and password. Adding new user
  3. (Optional) Enable the Ask user permission option for this user if necessary.
  4. Click OK. The newly-created user will appear in the user list: Setting permissions for new user
  5. Set access permissions for the selected user. In this example the user "John" is allowed to connect to this Host using the View Only and File Transfer connection modes. Other modes will not be available for this user.

    Important!

    A connection mode must also be allowed in the global permission settings on the Modes tab.

  6. Click OK to save the settings.

Windows Security

Instead of using the Remote Utilities default authorization method, you can utilize existing Windows and/or Active Directory accounts to authorize on this Host.

  1. In the main security settings window, select the WinNT security radio button and click Permissions: WinNT Security permissions button
  2. Click Add... Permissions for Remote Utilities
  3. Select Windows accounts which you want to grant or deny access to the Host and click OK. Select users or groups
  4. Select an account in the list and set permissions for this account below. Select an account and set permissions
  5. Click OK to save the settings.

Custom Server Security

For a comprehensive guide on how to set up Custom Server Security please refer to this article.

Advanced settings

Click the Advanced button to access additional security settings.

Advanced button

Confirmation tab

Confirmation tab

Use the Confirmation tab to enable the Ask user permission option.

IP-Filter tab

IP Filter tab

Restrict access to this Host for a specific IP address or IP address range.

  • Allow everyone, except – add an IP address or range to the white list
  • Deny everyone, except – add an IP address or range to the black list
  • Edit – click to specify an IP address or a range

Host authority tab

Host authority tab

In the Host authority tab you can set a shared secret that provides the means of verifying identity of the Host.

A shared secret is an alphanumeric code that you can generate on the Host and then add to the corresponding Viewer connection properties. Every time a remote session is about to start, Remote Utilities will check the shared secrets on both ends. If they are not identical, the connection will be refused.

Modes tab

Modes tab

Use the Modes tab to globally allow or deny specific connection modes when connecting to this Host.

Custom server security tab

CSS tab
  • Use custom server security – select to enable Custom Server Security authorization method on this Host
  • Servers... – add and select a server through which to authorize
  • User access... – set user access permissions

Learn more about using a self-hosted server for authorization and setting up custom server security in this article.