Porteus Kiosk Server is built on top of the standard Porteus Kiosk operating system. The main purpose of the system is to allow access and performance management tasks on the kiosk clients even if they are placed behind a NAT, proxy or firewall.
Porteus Kiosk Server is different compared to the standard kiosk ISO in the following aspects:
Administration Panel is launched during system startup instead of the browser
Bottom panel is availble
For doubled security ISO customizations are not allowed
Porteus Kiosk Server variant "Premium" has automatic updates enabled by default and requires installation on writable media
Once the server and clients are up and running, an SSL tunnel is created between them to allow communication throug the SSH and VNC protocols.
The following requirements must be met for the server to work:
The server must be installed on the network in a location which is accessible by the clients
SSL tunnelling daemon listens on port 443 so incoming connections on this port must be allowed in your router/firewall configuration
If server is installed on the virtualization platform like VMware, Hyper-V, VirtualBox, QEMU then at least 512MB of RAM and 32MB of video memory should be allocated to the virtual machine. You can setup desired screen resolution in the Server wizard during installation.
Porteus Kiosk Server version "Premium" must be able to access porteus-kiosk.org domain on ports 80 and 443 in order to receive updates. Please make sure that your firewall is not blocking it.
The following requirements must be met on the client's side:
The kiosk clients must be installed with support for Porteus Kiosk Server enabled in the wizard. kiosk_server and client_id parameters must be present in the kiosk config. Client ID must be unique for each kiosk.
Download Porteus Kiosk Server installation ISO from our download page
Boot the system and follow the wizard to setup an internet connection, choose a preferred browser and select the server variant you would like to install. If you select version "Premium" then send Server ID number to firstname.lastname@example.org in order to get the server activated.
When the server is up and running, configure the kiosk clients with support for Porteus Kiosk Server. Make sure that the kiosk_server and client_id parameters are present in the kiosk config and ssh/vnc access to the client is enabled.
NOTE: if you use remote management with nested configurations enabled then kiosk_server parameter should be placed in the GLOBAL section of your remote config while client_id must be placed in the PCID sections and be unique per kiosk. Sample config can be found here.
Once all kiosk clients are booted you can update the clients list in the Administration Panel and start performing monitoring or management tasks.
Porteus Kiosk Server is offered in two versions: "Basic" and "Premium". Variant "Basic" is available for free while variant "Premium" requires a paid subscription. The Administration Panel included in the each system version supports a different number of functions depending on the version that was selected during the installation:
Number of supported clients
Monitor which kiosks are online
Display client details: browser/kernel version, IP address, hostname, other
1) Before you buy the subscription for the "Premium" version of the product you are obliged to try "Basic" version (available free of cost) and ensure that kiosk clients are able to connect to the server. If connection issues occurs please contact email@example.com so we could try to resolve them.
2) You are entitled to a 30 days free trial of the "Premium" version of the product. Please contact with firstname.lastname@example.org in order to activate the trial.
3) In order to use "Premium" version of the product you must deliver the Server ID number to our sales department at email@example.com. Server ID is displayed in the wizard during system installation.
4) You can pay the "Premium" version of the product subscription fee through the PayPal or wire transfer. Payment details are included in the invoice which we will send to you.
5) Your server will be activated in our database within 24 hours after receiving the Server ID number. During the next boot the system will upgrade automatically and receive full functionality listed in the product comparison table.
6) The server subscription is valid for 12 months. Renewal notice is sent to your email address 30 days before the subscription expires.
7) If you want to cancel the subscription and return to the "Basic" version of the product then you need to query firstname.lastname@example.org and the remaining part of the money will be returned to your account.
8) You will be reminded about the possibility of extending the subscription for another year 30 days before the subscription ceases.
9) Software and hardware related help will be provided without additional charge during the whole subscription period.
10) You have the possibility of moving the subscription from one server to another in case of e.g. hardware failure. Just send us the Server ID which should be deactivated and the new one which should be activated in our database.>
If you expercience problems with conencting clients to the Server then please do as follows:
1) Make sure that kiosk client was configured with following parameters enabled (sample values used below). These parameters are required to make connection to the Server:
2) Type Server address (value of the kiosk_server= parameter with 'https://' prefix added) in the browser URL bar of the client:
Press enter and check if you can connect to the Server. If browser returns 'Secure connection failed' message then everything is OK. Sample error message:
In the Server logs you should see following entry:
Apr 11 08:26:35 [stunnel] LOG3: SSL_accept: 140890C7: error:140890C7:SSL routines:ssl3_get_client_certificate:peer did not return a certificate
which indicates that browser did not have a valid certificate to be able to connect to the stunnel (this is expected).
If you receive 'Unable to connect' message then it's your network or firewall configuration fault. Please remember that client must be able to access the Server the same way it's accessing the homepage.
3) Press 'Refresh list' in the Administration Panel of the Server to check if client connected succesfully.
If kiosk client is in version 4.1 or above then it will automatically send its system logs in severity warning or above to the Server. This is useful for proactive support and gives you a chance to take an action before critical condition occurs.
Client logs are stored on the Server side in /var/log/remote.log file which is persistent across Server reboots but gets rotated once it reaches 1MB in size. Administration Panel allows to view full client log, filter client logs by specific string (e.g. client ID) or delete all client logs. If the 'Client Logs' tab in the Administration Panel remains empty then you can be almost sure that your kiosks work without problems.
Please do as follows to check if logging of the client events works correctly:
a) open SSH connection to the client
b) generate logging event with following command:
logger -p local2.warning Please help - im having troubles
c) check if the log you just generated got recorded in 'Client logs' tab of the Administration Panel
If you enter following command on the client side:
logger -p local2.notice Please help - i'm having troubles
then your message will get into system log of the client (/var/log/messages) but will never be transported on the Server as its severity level is below 'warning'.
Clients in version 4.1 can be configured to download its configuration file directly from Porteus Kiosk Server. This is useful if you want to avoid using 3rd party web hosting service. Please follow remote management document for more informations about this feaute.
Kiosk configurations which are stored on web hosting service must be saved in a plain text so its possible to edit them easily. This requirement may bring security concerns which is addressed by Porteus Kiosk Server. Configurations stored on our Server are encrypted by default and should be added, modified and deleted using Administration Panel only. Config files are downloaded by the clients through secure SSL/SSH tunnels so should never be captured and malformed by an attacker.
Setup procedure is very similar to remote management with configs stored on web server. Changes are bolded below:
a) boot Porteus Kiosk installation ISO on the target PC
b) setup network then select 'Launch wizard to create new configuration' on the initial wizard screen
b) enable 'Remote kiosk management' in the wizard options and provide name of the config which will be stored on the Server. Following format is required: server://config_name
NOTE: 'server://' part is a text string indicating connection type and cant be replaced with your Server IP or domain.
c) select other kiosk options as you like
d) on the final configuration page in the wizard take a copy the config and send it to your email address or save on removable media
e)add your saved config in the 'Remote Management' tab of the Administration Panel on the Server. Preserve name of the config which was provided in the wizard.
f) install kiosk and check that it's able to download the config from the Server during first boot
Configuration of additional kiosks:
a) boot Porteus Kiosk on the target PC
b) setup the network then select 'Point kiosk to existing remote configuration' on the initial wizard screen and provide name of the config which is stored already on Porteus Kiosk Server, example: server://group1.txt
Clients in version above 4.1 can be configured to download files directly from Porteus Kiosk Server. You need to add the files to the Server using Administration Panel and then configure the clients using server:// string instead of traditional http(s):// or ftp://.
Currently supported parameters are listed below:
Please mind that video file used for the 'screensaver_video=' parameter is an exception and cant be hosted on the Server.
If you get into troubles with configs or files stored on the Server then please contact email@example.com for assistance.