Strong Auth Index Page | Presentation Outline

Connecting to Remote Machines over the Network:
When do you need an encrypted connection?

To comply with policy, you only strictly need an encrypted network connection when you type your Kerberos password. And to further comply with policy, you should type your Kerberos password over the network extremely rarely, if at all!

If you have a chain of multiple connections (e.g., machine1 to machine2, machine2 to machine3, and so on), and even one connection in the chain is unencrypted, then your connection as a whole is unencrypted. Do not type your Kerberos password in this case!

How do you verify that your connection is encrypted?

Helpful hint: look for the locked lock symbol at the bottom of your session window to ensure the connection is encrypted!

With WRQ® telnet client

WRQ® Reflection Security Components v8.0.0 supports ticket forwarding to the remote host, so you may not need an encrypted connection.

To enable encryption, make sure that the WRQ® Reflection software is configured as described in section 19.8 Configuring WRQ® Reflection telnet Connections.

If you've installed WRQ® Reflection X you can opt to connect to a host directly from the X Client Manager window, but it does not provide encrypted connections. If you will need credentials on the host, go through a normal telnet connection. Do not kinit from an X window!

With MIT Kerberos and Exceed 7.0 telnet client

Exceed also supports ticket forwarding to the remote host, so you may not need an encrypted connection.

To enable encryption, configure your Kerberized Exceed 7.0 telnet connections as described in section 21.5.1 Create a new Telnet Profile for Kerberized Host at http://www.fnal.gov/docs/strongauth/html/winexceed7.html#58089, in particular steps 4b and 4c.

With ssh

This will vary depending on the ssh client. Verify your client configuration to make sure it initiates encrypted sessions.

Connecting over a CRYPTOCard ssh Session

Verify your ssh client configuration to make sure it initiates encrypted sessions. This will vary depending on the ssh client.

Connecting over a CRYPTOCard telnet Session

CRYPTOCard telnet connections are unencrypted, and it's not safe to issue your Kerberos password.

