Close Window
 

NEWS YOU CAN USE FROM VANDYKE SOFTWARE®

A Monthly Newsletter – May 2004

We have heard many positive responses to the April piece about SecureCRT® Activator, and to January's tip on how to run SecureCRT from a USB drive. We love to hear comments like "The idea of 'installing' SSH on a key chain drive inspired me to buy [one] and install a bunch of software there". Yes! VShell™ 2.3 server is now official with the May 6th release. In this issue we'll acquaint you with the latest version, especially the advances in precision control over access and authentication. This month's tip outlines using PAM (Pluggable Authentication Module) authentication with VShell. On reading, a subject never far from our hearts, we list some recent favorite staff books for your edification.

-------------
Contents
-------------

1. Feature – VShell 2.3 - Authenticate Better, Limit File Access
2. Web Update – VShell 2.3 Enhancements Punch Up vandyke.com
3. Tip – Configuring VShell 2.3 For PAM Authentication
4. High Time to Vote For 2004 SIA People's Choice Awards
5. Books – The Staff Short List
6. New Releases
7. Current Releases


-----------------------------------------------------------------
1. Feature – VShell 2.3 - Authenticate Better, Limit File Access
-----------------------------------------------------------------

Administrators and network managers will find important milestones for the VShell server and Secure Shell in the version 2.3 official release. This version focuses on extending control of the Secure Shell environment in authentication and file transfer. Here are some of the capabilities that deserve a closer look:

      • Keyboard-interactive/PAM authentication
      • Allow/require authentication list
      • SFTP virtual directories
      • Download triggers
      • vsftp interactive command-line client

VShell addresses several bugaboos in managing Secure Shell authentication, providing the opportunity to increase network security with realistic, enforceable policies. First there is support for more standard enterprise authentication methods: keyboard-interactive/PAM support in VShell 2.3 for UNIX joins the existing Kerberos v5 and Secure Shell public key methods. Keyboard interactive/PAM is an open authentication architecture that allows you to use widely available modules such as PAM SecurID and PAM Password to enforce password expiration policies and standardize authentication
across many applications. See the tip in Section 3 below for more on this subject.

To augment the extensive set of authentication methods supported, VShell 2.3 for Windows configuration now provides for an allow/require authentication list. This lets the sysadmin define from the server what authentication methods can be used, or require a higher level of authentication like Secure Shell public key.

For UNIX versions VShell 2.3 adds the ability to define file transfer privileges with the same degree of control offered on the Windows platform. SFTP virtual root directories allow administrators to provide access to a specific set of folders on the server for each user or group. VShell SFTP file transfer gives any server the ability to act as a focal point for information sharing.

Continuing in the area of file transfer, increased monitoring is enabled with a VShell download "trigger", providing execution of commands such as shell scripts and e-mail notification on file transfer operations. An interactive command-line file transfer utility, vsftp, adds to the administrator's toolkit a much-requested component for automating everyday tasks.

As you can see, core management and security capabilities are more available across both the Windows and UNIX platforms, allowing consistent enterprise-wide implementation of Secure Shell at a higher level of security.

To learn more about VShell 2.3 server, go to:

  http://www.vandyke.com/products/vshell/index.html

To download a copy of VShell 2.3 server, please visit the VanDyke web site:

  http://www.vandyke.com/download/vshell/download.html

-----------------------------------------------------------------------------------------
2. Web Update – VShell 2.3 Enhancements Punch Up vandyke.com
-----------------------------------------------------------------------------------------

Along with the newfound capabilities of the VShell 2.3 server, there has been a major extension of the product information at www.vandyke.com. Here's one of the best. Are you looking at OpenSSH or have a manager who wants to use the "free" solution? Check out the questionnaire "Is OpenSSH or VShell best for you?" on the VShell Product Information page:

  http://www.vandyke.com/products/vshell/product_info.html

Here are some other new web pages you can visit:

VShell Home:
  http://www.vandyke.com/products/vshell/index.html
New Features:
  http://www.vandyke.com/products/vshell/features.html
Technical Resources:
  http://www.vandyke.com/products/vshell/tech_resources.html
Solutions Guide:
  http://www.vandyke.com/products/vshell/docs/guide/index.html
Focus - Authentication:
  http://www.vandyke.com/products/vshell/authentication.html

As always, we are interested in your feedback on this and other web material – that's why every page has a comment link.

----------------------------------------------------------------
3. Tip – Configuring VShell 2.3 For Keyboard Authentication/PAM
----------------------------------------------------------------

Warning: The following contains Volative Technical Material (VTM) and uses potentially dangerous three-letter acronyms (TLAs). Enter at your own risk.

Our tip this month is aimed at network administrators who are considering the use of Pluggable Authentication Module (PAM) authentication systems with the VShell server on UNIX and Linux.

First some basic definitions to get us started:

Keyboard-interactive authentication is a mechanism defined by the Secure Shell (SSH2) protocol that allows for a generic, interactive exchange of messages between an SSH2 server and the SSH2 client that it is attempting to authenticate. As the name of the mechanism implies, the messages exchanged are expected to be textual data entered with a keyboard.

"PAM, or Pluggable Authentication Module, is a UNIX program interface that enables third-party security methods to be used. By using PAM, multiple authentication technologies, such as RSA, DCE, Kerberos, smart card, and S/Key can be added without changing any of the login services, thereby preserving existing system environments." – Webopedia.com

Using VShell 2.3 keyboard-interactive support on UNIX and Linux platforms to provide authentication using PAM requires configuration of VShell and the PAM components provided by the operating system. This overview describes the interaction between VShell and the PAM system, and lays out the core configuration issues for both VShell and PAM. To fully configure PAM-based authentication with VShell, you will want to consult the PAM man pages and other documentation mentioned at the end of the article.

To read the complete tip, please visit this Vandyke Software web page:

  http://www.vandyke.com/support/tips/configpam.html

--------------------------------------------------------------------------
4. It's High Time To Vote For 2004 SIA People's Choice
--------------------------------------------------------------------------

Do you have a favorite independent software application that you think is under appreciated? Now you have a chance to make your voice heard by voting in the 2004 Shareware Industry Association People's Choice Awards.

Security software generally has not been a major part of the SIA awards, but you the readers and voters can change this. You can vote for up to seven programs before May 31st. The month is already half gone, so don't delay. Also consider forwarding this link to several friends. To receive a link to vote by e-mail, visit the SIA Foundation web site:

  http://www.siafvoting.com/pca/index.asp?Source=SIAF

These awards are announced at the Shareware Industry Conference July 15-17, 2004 in Rochester, New York. For more information on the People's Choice Awards and the Shareware Industry Conference, visit:

  http://www.sic.org/peopleschoice.asp

-----------------------------------------
5. Books – The Staff Short List
-----------------------------------------

This "top three" list comes from a survey of VanDyke Software staff's favorite reading. The usual subjects from this crew of lifelong learners, including personal productivity, business success, and self-improvement.

"The Power of Focus: How to Hit Your Business, Personal and Financial Targets with Absolute Certainty", by Canfield, Hansen, & Hewitt. ISBN: 1558747524. From the writers of "Chicken Soup for the Soul", the ten "focusing strategies" they used to build their own success.

"More Balls Than Hands: Juggling Your Way to Success by Learning to Love Your Mistakes", by Michael Gelb. ISBN: 0735203377. The author of "How to Think Like Leonardo DaVinci" and onetime professional juggler advises us to create a "mistake positive" culture and promotes five "Keys to High Performance Learning."

"Power Reading: The Best, Fastest, Easiest, Most Effective Course on Speedreading and Comprehension Ever Developed!" by Rick Ostrov. ISBN: 0960170618. The audacious title says it all: improved reading speed and comprehension can be yours in 30 days. One of our staff plugs the book with, "My reading speed went from 274 wpm to 502 wpm by using the techniques described in this book. I wish I had learned this before I went to college."

-----------------------
5. New Releases
-----------------------

The official release for VShell 2.3 is now available, introducing SFTP virtual directories, allow/require authentication list, download triggers, and the vsftp client, an interactive SFTP command-line utility for secure file transfers.

No maintenance updates were made in May 2004.

You can download new and previous releases at:

  http://www.vandyke.com/download/latestreleases.html

---------------------------
5. Current Releases
---------------------------

The following lists the latest official product releases:

SecureCRT 4.1.4
SecureFX® 2.2.4
Entunnel™ 1.1.1
CRT™ 4.1.4
AbsoluteFTP® 2.2.4
VShell 2.2.6 Server for Windows
VShell 2.2.6 Server for UNIX
    Red Hat Linux 7.x
    Red Hat Linux 8.x
    Red Hat Linux 9.x
    Red Hat Enterprise v2.1/v3
    Solaris 8
    FreeBSD 4.8
    HP-UX 11
    Mac OS X 10.2
    AIX 4.3/5.2

To download any of our current releases, go to:

  http://www.vandyke.com/download/latestreleases.html

All VanDyke Software products may be downloaded and evaluated free for 30 days. Licenses include one year of free upgrades and unlimited access to our expert technical support.


Pass it along! If you find this monthly newsletter helpful and informative, forward it to co-workers or friends, or tell them where to sign up.

     http://www.vandyke.com/support/newsletter.html


Subscription Information
----------------------------------

The above e-mail is intended for people who have opted to receive VanDyke Software News from VanDyke Software. If you prefer not to receive e-mail like this from us you can unsubscribe or change your e-mail address at:

  http://www.vandyke.com/support/newsletter.html


Mailing Address
----------------------

  VanDyke Software, Inc.
  4848 Tramway Ridge Drive, NE
  Suite 101
  Albuquerque, NM 87111 USA


---

VanDyke Software, AbsoluteFTP, CRT, Entunnel, SecureCRT, SecureFX, and VShell are trademarks or registered trademarks of VanDyke Software, Inc.

All other products and services mentioned are trademarks or registered trademarks of their respective companies.

Close Window