System parameters - Remote Session
- 7 minutes to read
- Print
- DarkLight
- PDF
System parameters - Remote Session
- 7 minutes to read
- Print
- DarkLight
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
This document contains detailed information about the System parameters page, where you can configure the features from your remote session (proxy).
Info
Because it is a screen with several controls of various functionalities, we'll list here only the controls that reflect the proxy.
Warning
Some features in older versions of senhasegura are no longer present in this document. We suggest that you avoid changing parameters that are not in this document.
Path to access
- On senhasegura, in the upper left corner, click Grid Menu, represented by the nine squares icon, and then select Settings.
- In the side menu, select System parameters > System parameters.
Warning
All fields are set with a default value, as recommended by senhasegura. However, you can customize your session according to your needs.
Remote session tab
General section
Important
The Enable file transfer parameter underwent a beta update and was divided into two parameters: Enable file transfer for download and Enable file transfer for upload. Currently, If you select Yes for either of these parameters, both download and upload functions will be enabled. To completely deactivate file transfer, select No for both parameters.
| Item | Description |
|---|---|
| Enable file transfer for download?* | Enables file transfers between the target device and source workstation. Default option: Yes. |
| Enable file transfer for upload?* | Enables file transfers between the source workstation and the target device. Default option: Yes. |
| Enable Ctrl+Alt+Del?* | Allows the operator user to access the device's advanced controls in graphical RDP sessions by using the crtl+alt+del key combination. Default option: Yes. |
| Enable copy and paste?* | Enables the permission to copy and paste from the clipboard to the target device and vice versa. Default option: Yes. |
| Enable use of personal credentials?* | Enables the user to start remote sessions using personal credentials. Default option: No. |
| Enable triggers for files transfers?* | Enables the permission to have an evaluation by external plugins in file transfer. The demand for these plugins should be forwarded to our Commercial team. Default option: No. |
| Convert /r/n to /n on SSH sessions when using the browser?* | Determines whether the standard Microsoft®Windows end-of-line characters (\r\n) will be replaced for Unix format (\r) when copying and pasting text in senhasegura Web Proxy sessions with SSH protocol. Default option: No. |
| Enable download for local access?* | Determines if the RDP file extension or the BAT file running PuTTY1 can be generated by senhasegura and downloaded by user operators facilitating access to a credential. Default option: No. |
| PuTTY installation path* | The path where the PuTTY binary will be found in operators' workstations. |
| Users can change PuTTY installation directory?* | Allows user operators to change the binary location directory when downloading. Users can choose a new location from the user preferences menu if enabled. Default option: No. |
| senhasegura server IPv6 interface* | senhasegura Server IPv6 network interface name. Default option: eth0. |
| Color depth | Allows the user to choose a color depth between 8 and 32 bits range for VNC HTTP sessions, according to the desired performance. Default option: 16 bits. |
| RDP drive letter* | A letter that represents the created remote disk unit. Users can chose among the D and Z letters range. Default option: G. |
| Connection banner | A message presented to the user when starting a proxy session. |
At SSH Proxy section
| Item | Description |
|---|---|
| Enable SUDO automation in Linux sessions?* | Enables the use of the SUDO command by the user to automate the process of privilege elevation. Default option: Yes. |
| SSH terminal type* | Indicates the terminal type that will be used in SSH and Telnet sessions. Default option: Linux. |
At RDP Proxy section
| Item | Description |
|---|---|
| Ignore certificate errors?* | Indicates whether invalid certificates on RDP connections should be ignored. Default option: Yes. |
| Enable RAIL over RDP?* | Enables the Rails over RDP Microsoft® technology. If enabled, the RemoteApp connection will improve the usability. Default option: No. |
| Enable wallpaper in RDP sessions?* | Determines whether the RDP session wallpaper will be presented during the session. Default option: No. |
| Include hostname in local login in RDP sessions?* | The system includes the machine’s hostname to log in. Default option: No. |
At Record section
| Item | Description |
|---|---|
| Indexing session texts?* | Indicates whether session texts should be indexed. This parameter should be used with the following two others. Default option: No. |
| Enable input text index import?* | Determines if the operator user's input texts should be indexed. Therefore, it regulates whether any written material, including text placed into mask fields, is allowed. Default option: No. |
| Enable output text index import?* | Determines whether output texts presented on screen to the user should be indexed. It’s worth remembering that the text typed by the user will also be recorded if it’s an output. Default option: No. |
| Enable user input recording?* | This attribute, unlike the text indexing settings, indicates whether the entries will be recorded separately in the session and will not be visible in the report that aggregates all the texts from all the sessions. Default option: Yes. |
| Enable session recording?* | Determines whether the session video will be recorded. This video is an optimized binary copy of the protocol that has been carried over. Make sure to distinguish with the exported MP4 file. Default option: Yes. |
| Enable RemoteApp in session?* | Enables recording sessions that use RemoteApp. Default option: Yes. |
| Enable session purge?* | Determines whether the platform should automatically discard videos of sessions that have reached a specific expiration date. Default option: No. |
| Days for purge* | Indicates how many days the video should be kept. Can be 0 until 1000 days. Default option: 90 days. |
| Number of simultaneous user sessions (zero indicates unlimited)* | Indicates how many simultaneous proxy sessions a user can execute. Can be 0 until 99. Default option: 0 (unlimited). |
| Web session image quality* | Indicates the quality level of the image for web sessions. Can be 10 until 100. Default option: 100. |
| Number of video frames (fps)* | Indicates the frame video amount and set the fps for video record in sessions. Can be 2 to 24 fps. Default option: 15 fps. |
| Keyboard Layout* | Indicates which keyboard layout will be used during the session. Choose among one of the 21 available options. |
| Web session image type* | Indicates the image type in the web session. It’s possible to choose between PNG or JPEG. Default option: PNG. |
| Enable livestream in real time?* | Allows the administrator to do livestream monitoring on the proxy session. Default option: Yes. |
| Session text language (OCR)* | Indicates which language will be used during the session. Choose among one of the 15 available options. |
| Enable approval for session videos?* | Indicates if it's necessary an approval process for session videos before access. Default option: No. |
| Enable the download of the session video?* | Only users with the proper permissions can request the video session download if this parameter is enabled. Default option: No. |
Security tab
| Item | Description |
|---|---|
| Force multi-factor authentication to view password?* | Forces the multifactor authentication to view a password. Default option: No. |
| Time between token requirement for custody (minutes) | Defines the time interval in which tokens must be requested for password display. It can be 0 until 60 minutes. Default option: 5 minutes. |
| Ignore the 'Trust this computer' option to view password?* | Indicates if the checkbox displayed when logging into the senhasegura environment should be disregarded for examining passwords. Default option: No. |
| Force multi-factor authentication to start a session?* | Forces the user to use the 2FA token to start proxy sessions. Default option: No. |
| Time between token requirement for sessions (minutes) | Defines the time interval in which tokens must be requested to perform a session. Choose from 0 to 60 minutes. Default option: 5 minutes. |
| Ignore the 'Trust this computer' option to start a session?* | Indicates whether the checkbox displayed when logging into the senhasegura environment should be disregarded for examining passwords. Default option: No. |
| Force secure connection (SSL) on password change executions?* | Forces the use of a secure connection during the password change. Default option: Yes. |
| Enable password change after session opening?* | Determines whether senhasegura will change the password right after the proxy session starts. Default option: No. |
| Force certificate authentication for the RDP Proxy?* | Forces a session to be authenticated by a digital certificate when connecting through RDP Proxy. Default option: No. |
| Force certificate authentication for the SSH/Telnet Proxy?* | Forces a session to be authenticated by a digital certificate when connecting through SSH/Telnet Proxy. Default option: No. |
| RDP safe mode* | Indicates the security level of target RDP connections. Can be Automatic, RDP, NLA, or TLS. By default, Automatic is set. With this setting, the client and server will determine the level of security. Since it functions as a bridge, the client in this scenario is the senhasegura platform. To adjust the security level of incoming connections to senhasegura, refer to the RDP Proxy documents. |
| Session idle time* | Defines the idle session duration that will trigger an automatic disconnection. You can select a duration between Minutes, Hours, and Days. The number can be 0 to 60. Default option: 1 day. |
| Enable IP filters with permission to start session | Enables a filter based on the IP address that controls the IP address that has permission to start proxy sessions. Default option: deactivate. |
| Allowed IPs to start session | If Enable IP filters with permission to start session is active, you can determine a list of IPs, individual or at intervals, that will be allowed to start a proxy session. Default option: empty. |
At Encryption section
Info
Note that you must select an HSM device, only if you set the Encryption mode* to HSM.
| Item | Description |
|---|---|
| Encryption mode* | Indicates if the encryption mode will be Default or HSM. Default option: Default. |
| Select an HSM | Selects the hardware device used to manage the encryption keys. |
Was this article helpful?
