11.4 Displaying Security Status

11.4.1 How to Display Security Status for a Sun Ray Client
11.4.2 How to Display Security Status for All Sessions

This section shows how to display the current security status for Sun Ray Clients.

11.4.1 How to Display Security Status for a Sun Ray Client

Once a connection has been successfully established between a client and a server, you can display a client's security status by pressing Stop-N or Ctrl-Pause-N to display a security status icon and the Sun Ray Client's MAC.

For a description of OSD icons and their respective codes, see Chapter 16, Troubleshooting Icons.

11.4.2 How to Display Security Status for All Sessions

To display the security status for all sessions on a Sun Ray server, type the following command:

# utsession -p

Output similar to the following example will be displayed.

Token ID Registered Name Unix ID Disp State
Payflex.0000074500000202 ??? ??? 2 IEA
Micropayflex.000003540004545 ??? ??? 3 D

The State column displays the encrypted/authenticated state of the session, as shown in Table 11.2, “utsession State Descriptions”

Table 11.2 utsession State Descriptions

State Column Value



Encrypted session


Server is authenticated


Authenticated client with confirmed identity, including software clients with automatically confirmed keys


Authenticated clients with unconfirmed identity. Such connections might not have regular session access if the current policy requires a confirmed identity.


Clients that have successfully authenticated with an unconfirmed key, but that key is in conflict with other equally unconfirmed keys that have been used with the same client ID. Clients that have a conflicting key will not be granted session access and you need to confirm one of the known keys as authentic in order to admit the affected clients again.

For more information, see the utsession man page.


A multihead group might have clients at different firmware levels. The utsession output shows the lowest security level across the set of all clients participating in the multihead group. For example, if at least one of the clients does not support encryption or authentication, the session will be marked as not encrypted or not authenticated.