Versions Compared

Old Version 50

changes.mady.by.user Emily Seage

Saved on

compared with

New Version Current

changes.mady.by.user Matt Denninghoff

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

You can download the PC Command Listener and the PC Command Launcher directly by using the links below:

...

Code Block
msiexec /quiet /package pccommand-listener-setup.msi CONFIG={\"notifications\":false,\"port\":8100}

PC Command Listener Logging

By default, PC Command Listener does not log any information regarding the commands it receives. As of Launcher version 1.0.10, the Listener can be configured to log the commands received. Logging can be enabled via the Listener's System Tray context menu under "Configure...".

...

Code Block
%APPDATA%\Profound UI\pccommand-listener-log.txt

Configuring the Server for the PC Command Listener

In the latest versions of Profound UI set the configuration option, PC Command Mode, to the Listener; e.g. pui["pc command mode"] = 2;

...

With all versions, optionally pui["pc listener port"] must be set in order to use the Listener, depending on which TCP port your Profound UI instance expects the listener on. Options to configure the PC Command Listener are also provided in the Genie Administrator. If specified, these will take precedence.

...

PC Command Listener on HTTPS (SSL) Servers

To enable a Rich Display session running on HTTPS to send commands to the Listener, the configuration optionPC Command Mode must be set to the listener mode 2 (e.g. pui["pc command mode"] = 2). Genie automatically detects when the site is using HTTPS, so that option isn't necessary for Genie.

...

  • "public key"

    • "" – (default) A blank string. The Listener does not attempt to verify command signatures. Any command sent to it is run.

    • "local" – The listener attempts to find a file named "pccmd-pub.pem" in the %ALLUSERSPROFILE%\Profound UI\ or %APPDATA%\Profound UI\ directories.

      • If the file does not exist, then the Listener will reject the command.

      • The user/admin is responsible for obtaining the public key and storing it in the correct location on each end user's PC.

    • A public key in PEM form, formatted to fit in a JSON string.

      • e.g. "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQ ... AwEAAQ==\n-----END PUBLIC KEY-----\n"

      • The key string can be distributed via the "CONFIG" parameter for the MSI installation (see section on installation above).

      A URL pointing to a file where the public key can be downloaded.

      • e.g. "http://yourServer:8080/profoundui/pccmd-pub.pem"image-20240829-191524.pngImage Added

      • Example Config:

      • Code Block
        languagejson
        {"port": "8082", "public key": "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQ ... AwEAAQ==\n-----END PUBLIC KEY-----\n", "verify algorithm":""}

      • The key string can be distributed via the "CONFIG" parameter for the MSI installation (see section on installation above).

    • A URL pointing to a file where the public key can be downloaded.

      • e.g. "http://yourServer:8080/profoundui/pccmd-pub.pem"

        • Limitations as of PC Command Listener version 1.1.1 to be addressed in future versions:

          • responses from an HTTP server using self-signed certificates are not supported. Instead of using the URL option when the public key is on such a web server, include the public key text inside of the listener-conf.json file (or paste the PEM data inside of the dialog for the PC Command Listener Config as shown above).

          • HTTP redirect headers are not followed.

      • When it starts, the PC Command Listener downloads the key file from that URL and keeps it in memory.This is the easiest public key distribution approach.

      • The key file is not cached, allowing system administrators to generate new keys periodically if desired. (Though, note that guessing a private key using many bits, such as 4096, would take billions of years using current computing technology.)

      • The configuration value can be set via the "CONFIG" parameter for the MSI installation (see section on installation above).

  • "verify algorithm" – When public keys are used, then the this option specifies an algorithm to use as part of verifying the signature. Not only must the private and public keys match, the hashing algorithm used to verify a signature must be the same algorithm used to generate the signature. Few people will need to change the algorithm. Typically, older algorithms are less secure.

    • "" – (default) a blank string. In this case, the algorithm used is SHA-512 ("sha512").

    • Other options that can be specified: "sha512", "sha384", "sha256", "sha224", "sha1", "md5"

...