Authentication and data transport encryption – Apple Remote Desktop User Manual

52

Chapter 2

Setting Up

To enable User Mode:

1

Make sure you are logged in as an administrator user.

2

Open Remote Desktop.

3

Choose Remote Desktop > Preferences.

4

Click the Restricted Access button.

5

Enable or disable features, as desired.

6

Close the Preference’s window.

Authentication and Data Transport Encryption

Authentication to Apple Remote Desktop clients uses an authentication method which
is based on a Diffie-Hellman Key agreement protocol that creates a shared 128-bit key.
This shared key is used to encrypt both the name and password using the Advanced
Encryption Standard (AES). The Diffie-Hellman Key agreement protocol used in ARD 2 is
very similar to the Diffie-Hellman Key agreement protocol used in personal file sharing,
with both of them using a 512-bit prime for the shared key calculation.

With Remote Desktop 2, keystrokes and mouse events are encrypted when you control
Mac OS X client computers. This information is encrypted using the Advanced
Encryption Standard (AES) with the 128-bit shared key that was derived during
authentication.

Warning:

If you are using ARD to manage computers over public networks, consider

using a virtual private network (VPN) solution to protect your information.