PCoIP Software Client Security Modes¶
The PCoIP Software Client uses certificates to verify the identity of the host to which it connects. The security mode is configured by the security_mode
setting in the Teradici PCoIP Client configuration file or by setting its value in the pre-session user interface.
Three security mode options are available:
Level | Setting value | Description |
---|---|---|
High | 2 |
Full verification is required; users cannot connect unless a certificate can be verified. |
Medium | 1 |
Warn but allow (default). If the certificate cannot be verified, warn the user, but allow them to connect. |
Low | 0 |
Always allow; verification is not required. |
PCoIP sessions are always encrypted
Your PCoIP session is still encrypted and secure if you connect with security mode 0 or 1. The red padlock icon indicates that the certificate presented by the host is not signed by a trusted certificate authority in the client’s certificate store, not that the session is insecure.
Setting the Security Mode¶
To set the security mode using the pre-session interface:
-
Disconnect any active PCoIP sessions and return to the pre-session interface.
-
Click the gear icon to open the settings window:
-
Click Advanced in the left side menu, and find Security Modes in the right panel.
-
Select the desired security mode.
To set the security mode programmatically:
-
Open
~/.config/Teradici/Teradici PCoIP Client.ini
in a text editor. -
Add a line that specifies the
security_mode
and sets the level:security_mode = <value>
...where
<value>
is the integer corresponding to the desired security level (0, 1, or 2). -
Save the file and close the editor.