Kasm Windows Service

Kasm Windows Service is a Windows service that provides additional capabilities to users that are connected to the desktop through Kasm Workspaces:

Upload files to the remote desktop
Download files from the remote desktop
See a preview screenshot of the desktop in the Kasm Workspaces dashboard
Resource monitoring (cpu/memory usage)

System Requirements

Supported Operating Systems
Windows 10 (x86_64)
Windows 11 (x86_64)
Windows 2019 (x86_64)
Windows 2022 (x86_64)

In order to run, the service application requires a valid config file to be located at C:\Program Files\Kasm\config.yaml. In case the file is missing or contains invalid settings the service will keep retrying until it succeeds. All the log messages produced during the service startup can be viewed in Windows event log.

The service also needs to have an Upload and Download folder created in the installation directory C:\Program Files\Kasm.

Installation

Kasm Windows Service can be installed using the installer which places all the necessary files in C:\Program Files\Kasm

The Kasm Windows Service uses HTTPS/SSL to communicate with the rest of the Kasm Workspace services, the required key.pem and cert.pem can be generated with the below command:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes

In order to instruct the installer to copy an existing config file and certificates before starting the service the following options can be used:

Important

All options paths must be relative to where kasm_service_installer.exe is started from.

Note

The Kasm Windows Service listens on port 4902. The installer will open this port in the windows firewall, make sure to open this port in any other firewalls for instance on a cloud provider.

kasm_service_installer.exe /config=config.yaml /jwt=jwt.pem /key=key.pem /cert=cert.pem

In order to run the installer in silent mode, without any GUI, the /S option can be used:

kasm_service_installer.exe /S /config=config.yaml /jwt=jwt.pem /key=key.pem /cert=cert.pem

Configuration

Below is an example config with the appropriate settings for Kasm Windows Service annotated.

Important

All paths should be absolute and without slashes at the end. Backslashes should be escaped with a backslash. The referenced PEM formatted certificate files must not have Windows carriage returns.

# server HTTP(s) configuration
ssl: true
port: 4902
server_private_key: "C:\\Program Files\\Kasm\\certs\\key.pem"
server_public_key: "C:\\Program Files\\Kasm\\certs\\cert.pem"

# path to JWT's RSA certificate for token verification
jwt_public_key: "C:\\Program Files\\Kasm\\certs\\jwt.pem"

# path to upload/download folders
upload_dir: "C:\\Program Files\\Kasm\\Upload"
download_dir: "C:\\Program Files\\Kasm\\Download"

# (optional) path to the log file
log_file: "C:\\Program Files\\Kasm\\log.txt"

Settings

Name	Description
ssl	Enables SSL for the services. Kasm Workspaces only supports communications with this service over SSL.
port	The port to run the services on. Kasm Workspaces uses port `4902` for this service by default.
server_private_key	The private key used for the SSL service.
server_public_key	The public key used for the SSL service.
jwt_public_key	Kasm Workspaces signs a JWT token and attaches it to requests sent to this service. See next section for details.
upload_dir	Directory to place files uploaded by users.
download_dir	Directory to allow users to download files from.
log_file	Optionally writes logs to this file. Logs can also be viewed in Windows Event Viewer.

Warning

The Kasm Windows service is not capable of using different directories for different users for the upload and download paths. This is important to understand on systems in which you intend multiple users to use. All users of a system will have access to the files uploaded to the upload folder and files placed in the download folder.

Authentication of Service

All requests to the application must contain a JWT token parameter that will be verified against the provided JWT key. The JWT key (also referred to as the API Cert) is generated upon Kasm Workspaces installation and can be retrieved from Kasm Settings panel section.

Logging

By default, all log messages are written to Windows event log (under Applications->KasmService) but can be also redirected to a file by specifying the log_file parameter in config.yaml.