Intel AMT / vPro KVM without proprietary RealVNC Viewer Plus

Note: be sure your PC is behind an external hardware firewall before making these changes! This is not for directly internet-connected remote PCs.

Note: if you already have PCs in the field without these changes, you can change the settings remotely–but as always, exercise great care, as a wrong checkbox hit can necessitate a physical field trip to the PC to correct!

  1. Download the free, open-source Intel Open Manageability Toolkit to your local (home office) PC and install it on your home office PC
  2. Open the “Manageability Commander Tool” and click File > Add > Add Intel AMT computer and type the IP address and vPro username (typically “admin”) and password (you will have had to have set this up previously)
  3. Click the little plus sign by Network and click on your AMT PC’s name–then in the Connection tab, click Connect. This will take about 5-10 seconds to connect–if UNsuccessful, the button will fall back to saying Connect. If successful, the button will change to say Disconnect.
  4. Go to the Remote Control tab and wait about 10 seconds for the “remote desktop” items to change from “unknown” to the actual state. If Remote Desktop Settings is “Disabled”, click the little box to its right to open a new window. Change the settings to look as follows–note, for Strong Password, it must be exactly 8 characters, including at least one number, one symbol, and one capital letter. (actually that’s a pretty weak password, but it’s Intel’s program.)
  5. Click OK and then go back to the Connection tab and click Disconnect. Don’t mess around with any of the other settings unless you know exactly what you’re doing and are willing to drive out to the remote PC to fix it if you mess something up!  Close the Manageability Commander program.
  6. Now you should be able to connect using a standard VNC program. You’ll notice I used “localhost” since I SSH into the remote PC first–DO NOT expose this VNC port 5900 to the internet or you are likely to get hacked!
Intel AMT configuration screen
Intel AMT configuration screen.

If you use a Windows PC to connect, note that you can use Cygwin at one or both ends to create an SSH server and/or client necessary for secure port forwarding. Please use SSH public key authentication as it is much more secure than keyboard passwords.

Tags:

Categories:

Updated:

Leave a Comment