RPort
Search…
Connecting Clients
Connect client for remote management

Using the pairing service

The fastest and easiest way to connect a new client with your RPort server instance is using the pairing service.
  1. 1.
    Click on the gears icon in the top-right corner.
  2. 2.
    Click on Client Access.
  3. 3.
    Select one of the credentials and on that row click on Install Client.
  4. 4.
    Copy the command snippet of the clients' operating system to the clipboard and paste it to a bash or PowerShell console of the machine you want to connect.
  5. 5.
    Click the refresh icon on top of the client list.

Connect a Windows machine to the RPort server πŸ“½οΈ

Learn how to connect a Windows machine

Connect a Linux Machine to the RPort Server πŸ“½οΈ

Learn how to connect a Linux Client

Creating and using client credentials

How many credentials to create

By default, a fresh server installation comes with one randomly created pair of authentication id (aka username) and a password. This is good for securely connect the first client.
The client credentials can be used multiple times. Technically, it's possible to connect all client – even hundreds – with the same credentials. From a security perspective, this is not advised.
The communication is one-way. The server talks to the clients. Clients cannot dispatch any command or action to the server. And clients cannot communication with each other. If you lose a device with the RPort client installed, a potential wrongdoer can read the client credentials, but he/she cannot really harm the server or other clients.
But a deny of service attack is possible by connecting thousands of new clients until the server runs out of memory. If credentials have fallen into the wrong hands, you should delete them immediately on the server. The more clients are using the deleted credentials, the more work you have to reconnect them with new credentials.
As a rule of thumb, you should create individual credentials for all desktops pcs and laptops and systems that are used by many users. For servers that are accessible only by a small team of system administrators, you can use credentials multiple times. Bear in mind, a system administrator might leave the company and take the credentials with him.

Credentials explained: What are all these ids?

Client credentials consist of an authentication id and a password. The id acts as the username to authenticate the client on connection. You can create numbered ids, or you can use meaningful names. Any string is suitable. The authentication id is not used for the later identification of the client. The client installer script will take the unique system identifier of the operating system and inserts it into the rport.conf file. Changing the client credentials will not change the client id. On the dashboard, the authentication id does not appear because it's not relevant for the identification of a client.
Client IDs and authentifcation IDs are different. Both can be changed idependently.
The client id can be changed at any time by editing the rport.conf file. If possible, you should avoid changing the client id. Data related to the clients, for example vault data or monitoring measurements, are tied to the client id. This data gets orphaned on changing a client id.
client vs. authentication id

How is the pairing working?

cloudradar GmbH - the creators of RPort - offers a free pairing service for any RPort server instance. Using the UI, you can click on "Install Client" on the "Client Access" menu. You will get a pop-up like this with a download URL starting with https://pairing.rport.io and ending with a random string.
The web-based user interface (not the server) takes the client credentials and uploads them over an encrypted HTTPS connection to the pairing service. A unique short random token is generated. Accessing the displayed pairing URL will generate an installer script that installs and configures the client with the credentials previously uploaded. This way, new clients can be installed in less than a minute.
Is it secure? πŸ’¬
Yes. The uploaded credentials are not stored to disk on the pairing server. They remain in memory for 10 minutes. No backups are performed.

Advanced pairing options

The pairing scripts accept command line parameters to modify the installation and the later execution of the rport client.
After downloading the pairing script but before executing it type in
sudo sh rport-installer.sh -h on Linux, to display the current help message
1
Usage rport-installer.sh [OPTION(s)]
2
​
3
Options:
4
-h print this help message
5
-f force, overwriting existing files and configurations
6
-v print version
7
-t use the latest unstable version (DANGEROUS!)
8
-u uninstall the rport client and all configurations and logs
9
-x enable unrestricted command execution in rport.conf
10
-s create sudo rules to grant full root access to the rport user
11
-a Use a different user account than 'rport'. Will be created if not present.
12
​
Copied!
On Windows, type in Get-Help .\install.ps1 -full to read the help message. If you are asked if you want to update the entire PowerShell help database, answer "no".
1
PS C:\Users\Administrator\Documents> Get-Help .\install.ps1 -full
2
​
3
NAME
4
C:\Users\Administrator\Documents\install.ps1
5
​
6
SYNOPSIS
7
Installs the rport clients and connects it to the server
8
​
9
​
10
SYNTAX
11
C:\Users\Administrator\Documents\install.ps1 [-x] [-t] [<CommonParameters>]
12
​
13
​
14
DESCRIPTION
15
This script will download the latest version of the rport client,
16
create the configuration and connect to the server.
17
You can change the configuration by editing C:\Program Files\rport\rport.conf
18
Rport runs as a service with a local system account.
19
​
20
​
21
PARAMETERS
22
-x [<SwitchParameter>]
23
Enable the execution of scripts via rport.
24
​
25
Required? false
26
Position? named
27
Default value False
28
Accept pipeline input? false
29
Accept wildcard characters? false
30
​
31
-t [<SwitchParameter>]
32
Use the latest unstable development release. Dangerous!
33
​
34
Required? false
35
Position? named
36
Default value False
37
Accept pipeline input? false
38
Accept wildcard characters? false
39
​
40
<CommonParameters>
41
This cmdlet supports the common parameters: Verbose, Debug,
42
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
43
OutBuffer, PipelineVariable, and OutVariable. For more information, see
44
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
45
​
46
INPUTS
47
None. You cannot pipe objects.
48
​
49
​
50
OUTPUTS
51
System.String. Add-Extension returns success banner or a failure message.
52
​
53
​
54
-------------------------- EXAMPLE 1 --------------------------
55
​
56
PS>powershell -ExecutionPolicy Bypass -File .\rport-installer.ps1 -x
57
​
58
Install and connext with script execution enabled.
59
​
60
​
61
​
62
​
63
-------------------------- EXAMPLE 2 --------------------------
64
​
65
PS>powershell -ExecutionPolicy Bypass -File .\rport-installer.ps1
66
​
67
Install and connect with script execution disabled.
68
​
69
​
70
​
71
​
72
​
73
RELATED LINKS
74
Online help: https://kb.rport.io/connecting-clients#advanced-pairing-options
75
Copied!
Last modified 1mo ago