By default, secure shell and remote desktop sessions open a web-based browser client to connect to target systems when you select the Login action. You can set a user preference to specify the default window size for these remote sessions to adjust to different display requirements. You can also set user preferences to specify a local client application as an alternative to the default web-based browser client. If you prefer to use a local Mac or Windows-based client for remote connections, you can select the client to use. You then have the option to download the Remote Access Kit that includes a client launcher application to your local Mac or Windows computer. The Remote Access Kit client launcher enables you to start sessions using the selected client with a downloaded RDP configuration file instead of copying and pasting a command. If you download the client launcher and trust the website detected for the current cloud server, Privileged Access Service adds the host name to a list of trusted websites for launching the local Mac or Windows-based client. You can add other host names to the list of trusted websites or remove host names from the list to ensure the arguments used to invoke the local client are only passed from the secure websites that you trust. For more information about using the Remote Access Kit client launcher and a local Mac or Windows-based client to connect to target systems, seeUsing a local Windows-based client.
Note: Downloading the Remote Access Kit is optional. The Remote Access Kit client launcher only applies if you are running a client—such as PuTTY or remote Desktop Session Host (mstsc)—on a local Windows computer. You must use the client launcher to maintain the list of host name URLs for trusted websites in the registry on the computer that hosts the local Windows-based client. Using the Remote Access Kit client launcher also ensures that activity is recorded in a log file.
The computer you use to log in to Privileged Access Service must be inside the corporate network or connected to a trusted website to use the local Mac and Windows-based client.
The following diagram illustrates an overview of using a local Windows-based client for remote sessions.
For more information about ports and protocols used between components, see Review the firewall rules.
To set user preferences for remote connections
- In the Admin Portal > Settings > Resources to display the settings available for the Privileged Access Service.
- Click User Preferences.
- Set Columns and Rows to change the size of the window for secure shell sessions when using the web-based browser client.
If you want to use a local client for SSH sessions, select Use a local client for SSH sessions on this computer, then select a client such as PuTTY.
Note: The PuTTY client must be available in the PATH folder for the service to invoke the PuTTY client.
- Select a Window Size setting to change the size of the window for remote desktop sessions.
- If you want to use a local client for RDP sessions, select Use the specified local client for RDP sessions on this computer, then select a client such as Remote Desktop Connection.
Note: The use of web client may be disabled by the administrator. If administrator disabled, the option is grayed out.
(Optional) Click Download to download the Remote Access Kit, then open the downloaded file and follow the prompts displayed.
If you trust the website for the current cloud server, click Yes.
When the installation completes, select I have installed the Remote Access Kit on this computer, then click Test.
If you do not install the Remote Access Kit and you do not select the check box saying that you did, you will see a dialog box telling you how to launch the native client yourself.
For SSH, the dialog box displays the command line for launching PuTTY.
For RDP, the dialog box prompts you to download the RDP file you want to use to launch a Windows Remote Desktop Connection.
- Click Save.
To use a native secure shell client without any interaction with the Admin Portal, see Accessing remote systems.
Mac-specific user preferences
The following user preference option is available on Mac machines distinct from Windows as follows:
- There are two SSH options for the "Use a local client for SSH sessions on this computer" option in Mac:
SSH Command Line: This option works with the built-in terminal application in Mac by allowing you to copy the command and paste it into terminal.
Connection String: This option works with SSH applications such as Putty for Mac.