Filter
Top Products
Single port PS2 KVM over IP
Figure 5.8: Security settings
Parameter Description
Force HTTPS If this option is enabled access to the web front-end is only possible using
an HTTPS connection. PS/2 KVM over IP switch won’t listen on the
HTTP port for incoming connections. In case you want to create your own
SSL certificate that is used to identify this PS/2 KVM over IP switch refer
to Section 5.4.1.1.
KVM encryption This option controls the encryption of the RFB protocol, the protocol used
by the Remote Console to transmit the screen data to the administrator
machine and keyboard and mouse data back to the host.
If set to ‘Off’ no encryption will be used.
If set to ‘Try’ the applet tries to make an encrypted connection. In case
connection establishment fails for any reason an unencrypted connection
will be used.
If set to ‘Force’ the applet tries to make an encrypted connection. An error
will be reported in case connection establishment fails.
Table 5.3: Security parameters
5.4.1.1 SSL Certificate Management
PS/2 KVM over IP switch uses the SSL protocol for any encrypted network traffic between itself
and a connected client. During connection establishment, PS/2 KVM over IP switch has to
expose its identity to a client using a cryptographic certificate. Upon delivery, this certificate is the
same for all PS/2 KVM over IP switches ever produced and certainly won’t match the network
configurations that will be applied to the devices by its user. The certificate’s underlying secrete
(private) key is also used for securing the SSL handshake. Hence, this is a security risk (but far
better than no encryption at all).
However, it is possible to generate and install a new certificate that is unique for a particular
device. In order to do that, PS/2 KVM over IP switch is able to generate a new cryptographic key
and the associated so called Certificate Signing Request that needs to be certified by a so called
certification authority (CA). A certification authority verifies that you are who you claim you are
and signs and issues a SSL certificate to you.
The following steps are necessary to create and install a PS/2 KVM over IP switch SSL
certificate:
1. Create a SSL Certificate Signing Request using the panel shown in Figure 5.9 (Security
Settings -> SSL Settings -> Create your own SSL certificate). You need to fill out a number of
fields that are explained above. Once this is done, click ‘Create CSR’ which will initiate the