Community
cancel
Showing results for 
Search instead for 
Did you mean: 
mname1
Beginner
1,891 Views

how to be able to enable standard port (5900) for kvm?

Jump to solution

I'm using Manageability Commander Tool Mesh Edidion v0.1.34 ( yay for short names ), connecting to an AMT 9 machine ( HP 800 G1 ), this machine is using basic provisioning, when I connect and go to "remote desktop settings" I change "enable standard port (5900)" from disabled to enabled, but when I hit ok button this gives an error

something similar happens when I use wsmancli from a linux machine to change the same setting, it gives me an error ( now can't remember but can redo if needed )

so I'm thinking the problem is in the MEBx configuration, either I have to enable something or basic provisioning doesn't allow for this change

I can connect without problem with real vnc pro

0 Kudos
1 Solution
Dariusz_W_Intel
Employee
342 Views

Sorry - deleted my oroginal response by mistake - here is recreated answer:

Intel AMT KVM RFB Standard port (5900) requires to be protected by RFB strong password.

It is exactly 8 characters (not 7 or less neither 9 or more!).

This password has to be configured into AMT FW to allow enabling RFB Standard port (via Intel SCS, Host Based Configuration or other AMT tools).

Setting RFB Standard port password and enabling RFB Standard port requires AMT PT Administration ACL realm (AMT administrator access).

Uppon RFB Viewer app connection over RFB standard port user will be asked to provide this RFB Standard Port password -but nothing else!.

RFB Standard port access is NOT encrypted neither protected with AMT access credentials (digest /AD Kerberos) so it is not recommended to be setup/used in enterprises.

Good for POC/Small pilot but not for production environment.

rgds

darek

View solution in original post

4 Replies
mname1
Beginner
342 Views

yes the password was the problem, I was trying to write a longer one, then trying without setting a password, thinking it would use the same one as for MEB

hope there would be a AMT/vPRO for dummies

also found that vnc procotol has a 8 bytes password limit, wish I'd known that beforehand

thx for sheding light

Dariusz_W_Intel
Employee
342 Views

"hope there would be a AMT/vPRO for dummies" ...

Hmm -it is WIP - have ~50% of it ready now - have to update with Intel SCS 10 + Remote Configuration + Intel tools and ... it shall be ready before vacations (maybe middle of July).

Will post it in this community.

rgds

darek

mname1
Beginner
342 Views

looking forward to it since by then I might be starting to think about the final implementation on my organization

Dariusz_W_Intel
Employee
343 Views

Sorry - deleted my oroginal response by mistake - here is recreated answer:

Intel AMT KVM RFB Standard port (5900) requires to be protected by RFB strong password.

It is exactly 8 characters (not 7 or less neither 9 or more!).

This password has to be configured into AMT FW to allow enabling RFB Standard port (via Intel SCS, Host Based Configuration or other AMT tools).

Setting RFB Standard port password and enabling RFB Standard port requires AMT PT Administration ACL realm (AMT administrator access).

Uppon RFB Viewer app connection over RFB standard port user will be asked to provide this RFB Standard Port password -but nothing else!.

RFB Standard port access is NOT encrypted neither protected with AMT access credentials (digest /AD Kerberos) so it is not recommended to be setup/used in enterprises.

Good for POC/Small pilot but not for production environment.

rgds

darek

View solution in original post

Reply