Rdp security in vista

After you click OK, be sure you go back to the General tab and click Save As to save your entire profile. Otherwise, you'll have to do this whole procedure again next time. You can save it to the desktop for easy access. Now click Connect and you'll be prompted for your username and password, as shown in Figure T.

The first time you connect, you'll see the authentication warning shown in Figure U telling you that the server's certificate is not trusted yet. To rectify this situation and force it to be trusted in the future, click the View Certificate button. As you can see in Figure V , this self-signed cert generated by the Vista RDP host machine is valid for the next six months.

At this point, you'll be securely connected to the Vista RDP host, but more important, future connections to msi-p won't result in any warning signs or even password prompts. It will simply connect in a secure manner, and any warning signs must be viewed with a critical eye. If you try to connect by any name other than the one you used to originally generate the certificate in this example, it's "msi-p" , you will see a warning like the one shown in Figure AC. You'll then get another warning, like the one shown in Figure AD , that tells you there's a name mismatch and that the server name on the certificate is incorrect.

This isn't a bad thing. You can view the certificate and it will say it's for "msi-p" and that it's trusted. You're just seeing this warning because the RDP client is comparing the name on the certificate with the name of the computer you're connecting to. The sequence of steps causing this behavior is as follows:.

Answer : When a domain is not presented for the username, Remote Desktop assumes by default that a local server account will be used and the domain name is pre-filled accordingly. This was done for various reasons in Vista that are too complicated and irrelevant to go into detail here. The best workaround for this behavior is to always enter a proper domain into the credentials dialog.

From there on out, the proper domain and username will be prepopulated in the credentials dialog. Answer : This is a result of a design change. Instead of populating the credentials dialog with the last username used to connect to any server, we felt and received positive feedback that we should populate the credentials dialog with the last username used to connect to the specific server the user is connecting to. We felt this would provide a better experience.

The downside is that users connecting to various machines with the same username would now have to reenter the username once upon their first connection to a machine. From then on, the username will be pre-populated on subsequent connections.

Answer : To change the domain used in the credential dialog box show above you simply put a fully qualified domain username or UPN. To enable server authentication in a server farm, use SSL certificates that are issued by a trusted Certificate Authority and that have the farm name in the subject field. Deploy them to all servers in your farm. The SSL certificate will provide server authentication for a TS server and therefore Credential Delegation policy will allow saved credentials to be used for remote desktop connections.

Shaun Bowe. Shaun Bowe Shaun Bowe 1 1 gold badge 3 3 silver badges 9 9 bronze badges. Do you mean " Add a comment. Active Oldest Votes. I run a linux virtual machine for playing around with ruby as well as running an SSH server.

Improve this answer. Just be careful with what you "expose" to the world. As any exposure could be a security problem. You're just exposing SSH, nothing else unless there is a reason for it. Community Bot 1. Zoredache Zoredache k 39 39 gold badges silver badges bronze badges.

Too often, users of an operating system and its related services and applications go outside of the default distribution for functionality already included in the core - due to simply not knowing it exists Account lockouts annoy me 2. Auto-sign on using certificates with putty can probably be done with terminal services as well but I've never tried. All good points, but not really related to the question I was trying to answer which is 'How secure is the RDP protocol?

NOTE: I am not advocating security by obscurity!! No flames there, please. Does your linksys have any VPN capabilities you can play around with? WerkkreW WerkkreW 5, 3 3 gold badges 21 21 silver badges 31 31 bronze badges.