Encrypting Observe and Control Network Data
Although Remote Desktop sends authentication information, keystrokes, and
management commands encrypted by default, you may want additional security. You
can choose to encrypt all Observe and Control traffic, at a certain performance cost.
Encryption is done using an SSH tunnel between the participating computers. In order
to use encryption for Observe and Control tasks, the target computers must have SSH
enabled (“Remote Login” in the computer’s Sharing Preference pane). Additionally,
firewalls between the participating computers must be configured to pass traffic on
TCP port 22 (SSH well known port).
If the you are trying to control a VNC server which is not Remote Desktop, it will not
support Remote Desktop keystroke encryption. If you try to control that VNC server,
you will get a warning that the keystrokes aren’t encrypted which you will have to
acknowledge before you can control the VNC server. If you chose to encrypt all
network data, then you will not be able to control the VNC server because Remote
Desktop is not able to open the necessary SSH tunnel to the VNC server.
84
Chapter 6
Setting Up the Network and Maintaining Security
To enable Observe and Control transport encryption:
1
Choose Remote Desktop > Preferences.
2
Click the Security button.
3
In the “Controlling computers” section, select “Encrypt all network data.”