Resources
Scripting
Articles & Tips
White Papers
|
VanDyke ClientPack for Windows and UNIX
The VanDyke ClientPack is a suite of tools for automating file transfer, shell, and public-key administration tasks. VRALib, a key component of the ClientPack, is a Windows COM API that enables custom scripting of SSH2 connections.
New in VanDyke ClientPack 7.0
|
 |
| VRALib KexMethods |
The "Connection" object has a "KexMethods" property that can be used to get or set the key-exchange algorithms. |
| VRALib Version/Revision |
Added "Version" and "Revision" properties to the "License" object. |
| VRALib keyboard-interactive authentication |
Added support for keyboard-interactive authentication to the "AuthenticationMethods" property. The new "AddChallengeResponse" method can be used for more complex challenge-response systems. |
| VRALib IBinaryStream |
Added "IBinaryStream" object that supports streaming binary files. |
| Generate OpenSSH format keys |
The vkeygen utility now supports a "-O" command-line option which specifies that the key should be generated in the OpenSSH format. |
| vcp/vsftp enhancement |
Added support for the user@domain@host syntax for authentication. |
Security |
|
| Authentication methods |
All the VanDyke ClientPack applications support password, public-key
(RSA, DSA, and smart cards* using X.509), Kerberos v5 (via GSSAPI),
and keyboard-interactive when connecting to SSH2 servers. vsh
supports connections to SSH1 servers using password, public-key,
and TIS authentications.
* Windows only
|
| Encryption ciphers |
The VanDyke ClientPack applications support AES-128, AES-192,
AES-256, Twofish, Blowfish, 3DES, and RC4 ciphers when connecting
to SSH2 servers. The maximum 2048-bit length of DSA keys under
SSH2 provides more secure encryption. For SSH1 servers, Blowfish,
DES, 3DES, and RC4 and are supported. Microsoft CAPI encryption is supported in vkeygen during key generation and passphrase change operations. |
| SFTP protocol support |
vcp and vsftp support SFTP through version 6.
|
| FIPS 140-2 (Windows only) |
The VanDyke ClientPack for Windows has an administrative option to
run in "FIPS
Mode". When this option is set, the VanDyke ClientPack applications
use a FIPS
140-2 validated cryptographic library and only allow FIPS-approved
algorithms.
|
| SSH Agent support |
Agent forwarding support allows transparent authentication to multiple
linked servers after the first SSH server has authenticated the user.
|
| Port forwarding |
vsh allows you to tunnel common TCP/IP protocols (for example, POP3,
IMAP4, HTTP, SMTP) to a remote Secure Shell server using a single, secure,
multiplexed connection.
|
| Dynamic port forwarding |
vsh provides dynamic port forwarding which simplifies how TCP/IP application
data is routed through the Secure Shell connection. Instead of configuring
port forwarding on a per-application basis in vsh, each application is
configured to use a SOCKS server on a local host port. vsh opens a port
on the local host and acts as a SOCKS server for any SOCKS-compatible application,
even those that use multiple
ports, such as FTP. |
| X11 forwarding |
vsh allows you to encrypt X11 Windows sessions to secure remote X applications
that are being displayed on the local PC. |
| Remote execution |
Like rsh, vsh can be used to execute commands on a remote system. But
unlike rsh, vsh provides secure encrypted communications over a nonsecure
network. |
| SSH1 support |
Both SSH1 and SSH2 are supported in vsh, providing the maximum in flexibility
when connecting to a range of remote servers. |
| Create public/private keys |
vkeygen is a program that generates public and private keys with options
to set the key length (in bits) and passphrase associated with the key
pair. Microsoft CAPI encryption is also supported during key generation and passphrase change. |
| Upload and manage keys |
vpka is a public-key assistant program which allows a user with no public
key file on the server to upload a public key for use in authentication.
vpka can also be used to define parameters for keys and to remove keys
from the server. |
| Firewall |
Support for SOCKS v4 and v5 and unauthenticated HTTP proxies. |
| Create directories |
vsftp can be used to create new directories locally and
on the remote host.
|
| Rename files |
vsftp can be used to rename files locally and on the remote host. |
| Set permissions |
vsftp can be used to change read/write/execute permissions as allowed
by logon. It can be used to specify file permissions for uploaded files. |
| List files |
vsftp can be used to display the remote directory listing of either
the path or of the current directory if the path is not specified. If
the -l flag is set,
vsftp displays permission and ownership information. This command, if
used with a / (i.e., ls /), lists the roots when connecting to a server
such as VShell that allows multiple roots. |
| Recursive operations |
Both vsftp and vcp commands can be recursively applied to all subdirectories
in a target directory. |
| Move files |
Moving files is supported in vcp and vsftp using -- move. In vsftp, --move can be specified as an argument to get and put. Moving local files is also supported. |
| Wildcard matching |
Both vsftp and vcp commands can specify a path that contains the
wildcard characters * and ?. vsftp will expand these wildcard characters.
Multiple
wildcard
characters are permitted in a path (e.g., "*.*" or "*.?").
vsftp also supports file "globbing". The sequence [...] will
match any one of the characters enclosed. Within [...], a pair of characters
separated by a quotation mark (") matches any character lexically
between the two. The backslash can be used to turn off wildcard characters
(e.g., \* or \[). |
| ASCII/Binary file transfers |
vsftp supports both ASCII and binary file transfers. Text format files
can be sent as raw text rather than in binary format for more compatible
transfers of files like HTML and server logs between different operating
systems. |
| Progress indicator |
Both vsftp and vcp illustrate the status of a file transfer operation
with a text-based progress indicator. |
| Remote to remote |
Copies between two remote hosts can be accomplished using vcp. File
sources and destinations may contain a user, host, and port specification
to indicate that the file is to be copied to or from that host. |
VRALib API for scripting SSH2 sessions
(Windows only) |
The VRALib API allows scripting of SSH2 connections through a Windows COM interface. Supported operations include full control over SSH2 connections, sending a command to an SSH2 server and getting the output produced by the command, tunneling/port forwarding, file transfers using SFTP, remote file management, adding host keys to a host key database, and adding keys to the SSH2 authentication agent. |
| Firewall support |
The VanDyke ClientPack applications support both SOCKS
v4 and v5 for use with SSH1 or SSH2. When using SOCKS v5, optional firewall
authentication
is
supported. |
| Windows and UNIX support |
The VanDyke ClientPack is available for Windows 8, Windows 7, Windows Server 2008/R2, Windows Server 2003/R2, Windows Vista, and Windows XP for x86 and x64, and Ubuntu Linux 12.04, 11.x, and 10.x, Red Hat Enterprise 6.0 and 5.5, Solaris 10 (SPARC), FreeBSD 8.1 and 7.0, Mac OS X 10.8, 10.7, and 10.6. |
| IPv6 |
The VanDyke ClientPack applications support the IPv6
standard being implemented across the internet. IPv6 addresses limitations
with
the
current IPv4 standard, such as the limited number of available IPv4 addresses.
It also adds many improvements to IPv4 in areas such as routing and network
autoconfiguration. |
| Free evaluation copy |
Official software releases can be downloaded and evaluated for 30 days without charge. |
| Open beta software releases |
Beta software releases can be downloaded and evaluated for 30 days without charge. |
| One-year software updates |
All registered users receive a year of software updates. An option with three years of updates is also available. |
| One-year technical support |
All registered users receive a year of technical support by e-mail from VanDyke Support. An option with three years of technical support is also available. |
| Software maintenance available |
Software updates and support are available after the first year for multi-computer licenses. |
Back
to Top |
|
