There is a Client32u.ini (or Client32.ini for pre-v12.50 Clients) setting to activate a higher level of encryption for the Client security key. This method uses DES encryption to protect the key and has been added as a security weakness within the Client32 file was discovered.
The setting for the higher level of security is manual and cannot be set using the NetSupport Configurator. Once this new setting is added, the security key needs to be reset before the higher level of encryption is used.
This change only affects the Client and no changes are required at the Control/Tutor to connect to a Client using the higher level of encryption as the Control/Tutor uses a different algorithm to encrypt the security key.
To apply the higher level of encryption
- Open the client32u.ini file located in your NetSupport installation folder and set the security key mode:
- You will now have to re-checksum the Client32u.ini file using the utility CKSINI.EXE – For more information on how to do this, please click here.
- Open the NetSupport Client/Student Configurator and edit the existing security key or add a new key.
- In the client32u.ini, you will see the security key has been added:
To edit the security key when using a higher level of encryption
Once the Client has a higher level of encryption set, the NetSupport Configurator can be used to set or change the Client security key. All values will be stored in the Client32u.ini file using DES encryption.
Resetting the Client to use the default encryption for the security key
- In the Client32u.ini set skmode = 0, this means all keys entered in the Configurator will use the old encryption.
- Remove SecurityKey2=dgAABuDwSi)Am(Kxt4RRXj(7)twA
- Reapply the checksum with CKSINI.exe.
- Set the security key within the Configurator.