| Read this topic to... |
|---|
|
In minimal Tarantella installations, information is not encrypted when transmitted between a client device and Tarantella server. Passwords are encoded to deter casual eavesdroppers. These connections are called standard connections.
Where higher security is required (for example, if you want to access Tarantella from outside a firewall) we recommend you use the Tarantella Security Pack. A Tarantella server with the Tarantella Security Pack installed can provide secure connections (which are based on SSL, the Secure Sockets Layer), in addition to standard connections. Secure connections have these benefits:
| Benefit | Description |
|---|---|
| No eavesdropping | SSL encrypts all information before transmission. |
| No tampering | SSL can check that a message hasn't changed between the client device and the Tarantella server. |
| No message forgery | SSL requires that the server prove its identity to client devices before communication can take place, and also guards against replay attacks. |
You install the Tarantella Security Pack after installing Tarantella on a host. The Tarantella Security Pack is licensed separately. You can install the Tarantella Security Pack on all array members, or a subset.
We also recommend that you use a secure (HTTPS) web server on all Tarantella hosts. This ensures all web pages that users see are encrypted. Using a secure web server does not encrypt Tarantella-related information, such as key presses or display updates.
For best results, you should use both a secure web server and the Tarantella Security Pack.