Temporarily Disabling RDP Key Logging
The RDP Session Key-Logger logs all key motions in clear text. Critical information like passwords is recorded when users enter them. Admins can configure two properties from the System Configuration Manager page to define a shortcut keyboard button and the number of keys not to be logged. To obscure certain data, follow these steps:
- Navigate to Administration > System Config Man.
- Set the nsso.remote.desktop.key.logger.hidden.key.limit parameter with the required key limit
- Set the nsso.remote.desktop.key.logger.key.hiding parameter with the key to be used to obscure certain data
When users press the defined key twice in 500 milliseconds, keys pressed after that are not logged up to the defined hidden key limit. The number of pressed keys that will not be logged is defined with the nsso.remote.desktop.key.logger.hidden.key.limit property. The shortcut button for users can be configured with the nsso.remote.desktop.key.logger.key.hiding property. The parameter set with this property can be used to activate keylogging in RDP connections.
The default shortcut key is ESC. Potential keys that can be set up in System Config Man.:
[Alt] | [F10] | [F8] | [Print] |
---|---|---|---|
[Begin] | [F11] | [F9] | [Right] |
[Break] | [F12] | [Home] | [Scroll_Lock] |
[Ctrl] | [F2] | [Insert] | [Shift] |
[Delete] | [F3] | [Left] | [Shift_Lock] |
[Down] | [F4] | [Num_Lock] | [Tab] |
[End] | [F5] | [Page_Down] | [Up] |
[Escape] | [F6] | [Page_Up] | |
[F1] | [F7] | [Pause] | |
If nsso.remote.desktop.key.logger.hidden.key.limit is not defined manually in the System Config Man., the default hidden key limit is 15 keys.
When key logging is disabled for a certain time in an RDP session, it shows in the logs as illustrated in this figure:
To disable the key log hiding feature on certain user groups:
- Navigate to Policy Control > Portal Functions.
- Open the Function Group Definition tab.
- Enter the Function Group Name then select the Function as “single.connect.rdp.disallow.hiding.keys”.
- Click Save.
- Open the Realm Definition tab.
- Configure the realm for the user group, as well as the disallow hiding key function.