GDC and SSH prerequisites

This topic covers prerequisites and SSH connection options.

Things you should know about your system

In order to determine how to proceed, you will need the following information about your environment:

  • Is there a server-side firewall between the server and the client?
  • Is there a client-side firewall between the server and the client?
  • Is encryption needed for all your data?
  • Are you using a VPN (Virtual Private Network) or NAT (Network Address Translation)?
  • Will you need protection from inactive sessions timing out?
  • Do you have more than one server to access from outside the firewall?
  • Do you have more than one client accessing servers outside the firewall?

We recommend reading about SSH and how to configure it. We will not cover this topic in this document.

How do I make sure data is encrypted?

To ensure that your data is encrypted, select SSH or SSH2. Both offer data compression and port forwarding; the difference is SSH2 has different implementation code and a more advanced encryption algorithm than SSH.

If you are using the shortcut buttons in the Genero Desktop Client, two connections are established between the client and the server. The first connection is established from the client to the server, in order to log in and start the application. The second connection is made from the server's application to the client, in order to display the graphical data.

Use the Table 1 to determine which settings you will need.

Table 1. Data encryption selection matrix
Type of connection Command encrypted GUI encrypted
telnet NO NO
ssh X NO
ssh port forwarding X X
ssh2 X NO
ssh2 port forwarding X X

What connection method should I use?

Knowledge of your configuration will be necessary to make Genero work properly, as discussed at the start of this topic. Use Table 2 to determine which connection methods will support what you are trying to do. Currently the SSH or SSH2 with Port Forwarding provides the most flexible connectivity.

Table 2 uses the following legend:

  • 1 - Requires configuring the server side firewall router to open or forward the port used by sshd.
  • 2 - Requires configuring the client side firewall router to open or forward the port(s) used by the GDC.
  • 3 - May require changes to firewall connection timers if firewalls are involved.
  • X - Indicates full functionality with no changes.
  • NO - Not supported
Table 2. Connection method support matrix
telnet SSH SSH + Port Forwarding SSH2 SSH2 + Port Forwarding
Firewall or NAT on Server Side 1 1 1 1 1
Firewall or NAT on Client Side 2 2 X 2 X
Firewall or NAT on Both Sides 1,2 1,2 1 1,2 1
Private Network X X X X X
VPN (Same as Private Network) X X X X X
Encryption of all Data NO NO X NO X
Password/login Encrypted NO X X X X
Keep Alive NO NO X, 3 NO X, 3