Thank you Conrad for your characteristic rapid and comprehensive response!
I now see that MY logic does not match the program logic - I appreciate the explanation. Having said that, it seems rather backwards to me. I can think of all kinds of bad things happening if a rogue viewer (controller) connects to a given host, but I have a hard time picturing the same type of concern that I've connected to the wrong host.
I do understand that requiring the viewer to essentially be authenticated by the host would impact the convenience of firing up a viewer wherever the tech happened to be - but only such that the tech would need to enter the shared secret in the viewer as a default upon initial setup.
Perhaps I could add this 'shared secret VIEWER verification' option as a feature request. This way I could honestly tell clients/customers that no other RUT viewer can get to their computer. That their host would speak to ONLY MY viewer. The current implementation (and the certificate-based scheme in the beta version) does not offer that assurance.
2FA brings its own hassles into the picture and IMHO is not the great panacea that it's cracked up to be. It is, however, a good OPTION to have.
Viewer 184.108.40.206 (portable) on Win7 Pro 32 SP1
Host 220.127.116.11 on Win8.1 32 and also Win7 Home Premium 32 SP1
I use the online MSI configurator to create an install file. I choose to preconfig the host. I set a password and set shared secret and set for RUT to ask permission and auto-deny. I set it to email me with info.
I get the email, I add the connection using the code and connect to my host. I verify the shared secret on both the host and the viewer (for that particular connection properties). The viewer shared secret is blank/not configured, the host has the preconfigured shared secret. It appears that the shared secret is being ignored by the host (or I'm doing something wrong).
I've repeated this using the configurator to create an Agent file and to create a One-click file. I've changed the shared secret on the host with no apparent effects. I've rebooted the host multiple times.
This is a bit of a security concern for me as I believe the purpose of the shared secret is for the host to verify it is talking to the proper (and only the proper) viewer.