- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Intel AMT Configuration => SOL/IDER/KVM => Username & Password = DISABLED
But we still can logon to the MEBX with the user admin and his password.
And we still can use the user admin and his password to logon at the WEB UI and to start a KVM connection with the RealVNC Viewer.
==> So the question, which we have is, what is the result of setting Username & Password to DISABLED?
Thanks in advance for your answers.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello - I have a slight clarification after talking to some of my colleagues.
In AMT 6.0 the "Disable" optionreally has no meaning anymore. This is because "Username and Password" in previous versions was sent in the clear. By disabling them, you would enforce the use of Kerberos. But now, AMT automatically tries digest authentication first. If that fails (like maybe the password is incorrect) it will try basic authentication (but if the password is wrong, I suspect this would fail too..) - if those methods fail then it would try kerberos. If you disable username and password, it simply skips trying the basic authentication if digest authentication doesn't work.
What I was trying to accomplish with my last post was to let you know that SOL/IDER and KVM use different forms of authentication and KVM wouldn't fail by modifying your authentication method for SOL/IDER. The RFB password only applys to port 5900 and if port 5900 is not enabled, then your KVM session is using the AMT redirection ports and the RFB password is never involved.
We found that the SDK documentation was not very clear regarding this and are working on getting it up to date. I apologize for the confusion.
Gael
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The menu option for enabling/disabling username and password determines whether the redirection interface can use a username and password to authenticate a remote SOL/IDE-R session. Disable limits the redirection interface to Kerberos authentication.
Why does KVM work? If you have enabled Port 5900, it is used for interoperability with the RFB protocol (the authentication required for KVM.) Ports 16994/16995 are used to transport RFB over Intel rediection protocol and includes various authentication modes which are supported by the Intel redirection protocol. If port 5900 is not enabled then the standard redirection ports would be used and would require either username and password to be enabled, or kerberos authentication.
Gael
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello - I have a slight clarification after talking to some of my colleagues.
In AMT 6.0 the "Disable" optionreally has no meaning anymore. This is because "Username and Password" in previous versions was sent in the clear. By disabling them, you would enforce the use of Kerberos. But now, AMT automatically tries digest authentication first. If that fails (like maybe the password is incorrect) it will try basic authentication (but if the password is wrong, I suspect this would fail too..) - if those methods fail then it would try kerberos. If you disable username and password, it simply skips trying the basic authentication if digest authentication doesn't work.
What I was trying to accomplish with my last post was to let you know that SOL/IDER and KVM use different forms of authentication and KVM wouldn't fail by modifying your authentication method for SOL/IDER. The RFB password only applys to port 5900 and if port 5900 is not enabled, then your KVM session is using the AMT redirection ports and the RFB password is never involved.
We found that the SDK documentation was not very clear regarding this and are working on getting it up to date. I apologize for the confusion.
Gael
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
>>....
... In AMT 6.0 the "Disable" optionreally has no meaning anymore. ....
........<<
1. Ok that mean's, they just forgot to remove this point from the MEBx?
2. So the poinrt:
Username & Password = ENABELED | DISABLED
will be remove from the MEBx in it's next version?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Gael

- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page