Close Window


A Monthly Newsletter – December 2004

We hope you can shoehorn this issue into your busy holiday schedules. To make it worth your while, we tried to make things interesting and maybe a bit lighter than usual. First, an update on SecureCRT® and SecureFX® product development brings good news. Then, sysadmins looking for a better way to analyze Secure Shell log files get help with a syslog-ng tip from our VShell™ product manager. Finally, we have an interview (and a chance to win a free book) with the "other Raffi", author of "TiVo Hacks" and the Mehack blog.–


1. SecureCRT 5.0 and SecureFX 3.0: Development Steams Ahead
2. Tip – Improve Logging with syslog-ng and VShell
3. Interview – Say Hi! To Techno-Raffi
4. Heard on the Forum – VShell Roadmap Discussion
5. Scanning The Web – Current Security Issues
6. New Releases
7. Current Releases

1. SecureCRT 5.0 and SecureFX 3.0: Development Steams Ahead

Since we published a preview of major upgrade plans for the SecureCRT and SecureFX products, development and testing have gone ahead full steam.

You were hoping for a fresh face, maybe? Well, SecureCRT gets a major overhaul with a tabbed session interface, to manage screen real estate and the dangerous proliferation of windows. But if you want to use multiple windows they are still available. The big interface feature for SecureFX is the ability to run multiple instances. SecureFX can also help penetrate the workday noise by using sound file support to alert you to connection status.

Otherwise, development focus continues to be on simplifying shell and file transfer operations. Shared session configuration means that you can create a session in SecureCRT or SecureFX and then use that session in both clients. With an "Open SecureFX" tab in SecureCRT, launching a SFTP connection is just a click away. And for the ultimate in personal defense (with no concealed carry permit required), both applications now run from a USB drive (SecureCRT had this ability about a year ago).

About the end of January, the alpha forum at will evolve into its beta successor. But why not jump in before that? If you have finished your holiday shopping, we welcome your help in the ongoing alpha testing for SecureFX and CRT™. Those interested should send e-mail to . Any of you who are waiting until the products are out of alpha development to try the new features will be invited to join in the larger public testing cycle.

For more on the upgrade story, visit the VanDyke Software web site:

2. Tip - Improve Logging with syslog-ng and VShell

syslog-ng, or syslog next generation, is an open source audit trail processing tool that is an alternative to standard UNIX system logging software. Logging has never been more in the public eye, with more stringent government oversight of many industries and the use of logs in recent high-profile court cases.

This tip shows you how to configure syslog-ng for use with VShell for UNIX and gives you two filtering examples to log specific VShell log entries to unique files. With syslog-ng, you can set up filters, send log entries to both your local machine and to a centralized secure logging server (using port forwarding), log to a mysql database, or rewrite log messages into a specific format.

For the complete syslog-ng tip including a sample configuration file, please visit the VanDyke Software web site:

3. Interview - Say Hi! to Techno-Raffi

This month the News visits with a particularly interesting SecureCRT user. Raffi Krikorian is an MIT graduate student and Media Lab researcher who is involved in what most of us would call futurist projects on networks and computing. He is also a quintessential 21st century public thinker and
writer on technology, with his book, "TiVo Hacks," expanded by blogs, conference presentations, and other emanations scattered across the internet. The Internet 0 project he is involved in encompasses the possibilities and challenges of more ubiquitous IP devices, such as household objects (think light bulbs). Raffi says, though, that some of his tools for traversing cyberspace are disarmingly simple – probably not a surprise to most UNIX users.

To read the extended interview with Raffi Krikorian (and enter a drawing to win a signed copy of "TiVo Hacks", courtesy of O'Reilly Media), visit the VanDyke Software web site:

4. Heard on the Forum - VShell Roadmap Discussion

Product innovation never sleeps. We recently started a new thread in the Roadmap forum,
"VShell-->What Next?" to discuss the upcoming development of the VShell server. Ideas in the forum over the next several weeks will have a significant impact on the direction of the server. Post an idea, make a feature request, or just listen in on the discussion at:

5. Scanning The Web - Current Security Issues
---------------------------------------------------------------- has launched a new series of in-depth articles on Secure Shell, authored by Brian Hatch, a UNIX/Linux and network security consultant at Onsight, Inc. He is also author of "Hacking Linux Exposed", "Building Linux VPNs", and the "Linux Security: Tips, Tricks, and Hackery" newsletter. You can find out more about Brian and read back issues of his newsletter at:

Here are three recent articles published on

    • SSH Host Key Protection

The first in a series on SSH, this article goes over verification of standard SSH host keys, tips, and configuration options.

  • SSH User identities

A how to on using Identity/Pubkey authentication, creating keys, and configuring your account to allow them to log in.

  • SSH and ssh-agent

This article discusses how to take SSH Identity/Pubkey trust relationships to the next level, by using ssh-agent as a key master to manage a user's authentication needs automatically.

6. New Releases

A maintenance update of the official release of VShell server 2.3.3 was made December 9, 2004.

You can download new and previous releases at:

7. Current Releases

The following lists the latest official product releases:

  SecureCRT 4.1.9
  SecureFX 2.2.8
  CRT 4.1.9
  AbsoluteFTP 2.2.8
  VShell 2.3.3 Server for Windows
  VShell 2.3.3 Server for UNIX
  Red Hat Linux 7.x
  Red Hat Linux 8.x
  Red Hat Linux 9.x
  Red Hat Enterprise v2.1/v3
  Solaris 8
  FreeBSD 4.8
  HP-UX 11
  Mac OS X 10.2
  AIX 4.3/5.2

To download any of the current releases, go to:

All VanDyke Software products may be downloaded and evaluated free for 30 days. Licenses include one year of free upgrades and unlimited access to our expert technical support.

Pass it along! If you find this monthly newsletter helpful and informative, forward it to co-workers or friends, or tell them where to sign up.

You can also read this and back issues of the newsletter at:

Subscription Information

The above e-mail is intended for people who have signed up to receive VanDyke Software News from VanDyke Software. You can unsubscribe or change your e-mail address at:

Don't miss out on important product news. If your ISP or e-mail client filters incoming e-mail, please add the domain to your list of approved senders to make sure you receive the newsletters and product announcements to which you've subscribed.

Mailing Address

  VanDyke Software, Inc.
  4848 Tramway Ridge Drive, NE
  Suite 101
  Albuquerque, NM 87111 USA

Got questions, comments, or ideas? E-mail or use the web forms by clicking on "Got a question or comment?" on any page on our web site, as you'll see on our What's New page at


VanDyke Software, AbsoluteFTP, CRT, Entunnel, SecureCRT, SecureFX, and VShell are trademarks or registered trademarks of VanDyke Software, Inc.

All other products and services mentioned are trademarks or registered trademarks of their respective companies.

Close Window