NEWS YOU CAN USE FROM VANDYKE SOFTWARE®
We have heard many positive responses to the April piece about SecureCRT® Activator, and to January's tip on how to run SecureCRT from a USB drive. We love to hear comments like "The idea of 'installing' SSH on a key chain drive inspired me to buy [one] and install a bunch of software there". Yes! VShell 2.3 server is now official with the May 6th release. In this issue we'll acquaint you with the latest version, especially the advances in precision control over access and authentication. This month's tip outlines using PAM (Pluggable Authentication Module) authentication with VShell. On reading, a subject never far from our hearts, we list some recent favorite staff books for your edification.
1. Feature – VShell 2.3 - Authenticate Better, Limit File Access
Administrators and network managers will find important milestones for the VShell server and Secure Shell in the version 2.3 official release. This version focuses on extending control of the Secure Shell environment in authentication and file transfer. Here are some of the capabilities that deserve a closer look:
VShell addresses several bugaboos in managing Secure Shell authentication,
providing the opportunity to increase network security with realistic,
enforceable policies. First there is support for more standard enterprise
authentication methods: keyboard-interactive/PAM support in VShell 2.3
for UNIX joins the existing Kerberos v5 and Secure Shell public key methods.
Keyboard interactive/PAM is an open authentication architecture that allows
you to use widely available modules such as PAM SecurID and PAM Password
to enforce password expiration policies and standardize authentication
To augment the extensive set of authentication methods supported, VShell 2.3 for Windows configuration now provides for an allow/require authentication list. This lets the sysadmin define from the server what authentication methods can be used, or require a higher level of authentication like Secure Shell public key.
For UNIX versions VShell 2.3 adds the ability to define file transfer privileges with the same degree of control offered on the Windows platform. SFTP virtual root directories allow administrators to provide access to a specific set of folders on the server for each user or group. VShell SFTP file transfer gives any server the ability to act as a focal point for information sharing.
Continuing in the area of file transfer, increased monitoring is enabled with a VShell download "trigger", providing execution of commands such as shell scripts and e-mail notification on file transfer operations. An interactive command-line file transfer utility, vsftp, adds to the administrator's toolkit a much-requested component for automating everyday tasks.
As you can see, core management and security capabilities are more available across both the Windows and UNIX platforms, allowing consistent enterprise-wide implementation of Secure Shell at a higher level of security.
To learn more about VShell 2.3 server, go to:
To download a copy of VShell 2.3 server, please visit the VanDyke web site:
Along with the newfound capabilities of the VShell 2.3 server, there has been a major extension of the product information at www.vandyke.com. Here's one of the best. Are you looking at OpenSSH or have a manager who wants to use the "free" solution? Check out the questionnaire "Is OpenSSH or VShell best for you?" on the VShell Product Information page:
Here are some other new web pages you can visit:
As always, we are interested in your feedback on this and other web material – that's why every page has a comment link.
Warning: The following contains Volative Technical Material (VTM) and uses potentially dangerous three-letter acronyms (TLAs). Enter at your own risk.
Our tip this month is aimed at network administrators who are considering the use of Pluggable Authentication Module (PAM) authentication systems with the VShell server on UNIX and Linux.
First some basic definitions to get us started:
Keyboard-interactive authentication is a mechanism defined by the Secure
Shell (SSH2) protocol that allows for a generic, interactive exchange
of messages between an SSH2 server and the SSH2 client that it is attempting
to authenticate. As the name of the mechanism implies, the messages exchanged
are expected to be textual data entered with a keyboard.
Using VShell 2.3 keyboard-interactive support on UNIX and Linux platforms to provide authentication using PAM requires configuration of VShell and the PAM components provided by the operating system. This overview describes the interaction between VShell and the PAM system, and lays out the core configuration issues for both VShell and PAM. To fully configure PAM-based authentication with VShell, you will want to consult the PAM man pages and other documentation mentioned at the end of the article.
To read the complete tip, please visit this Vandyke Software web page:
Do you have a favorite independent software application that you think is under appreciated? Now you have a chance to make your voice heard by voting in the 2004 Shareware Industry Association People's Choice Awards.
Security software generally has not been a major part of the SIA awards, but you the readers and voters can change this. You can vote for up to seven programs before May 31st. The month is already half gone, so don't delay. Also consider forwarding this link to several friends. To receive a link to vote by e-mail, visit the SIA Foundation web site:
These awards are announced at the Shareware Industry Conference July 15-17, 2004 in Rochester, New York. For more information on the People's Choice Awards and the Shareware Industry Conference, visit:
This "top three" list comes from a survey of VanDyke Software staff's favorite reading. The usual subjects from this crew of lifelong learners, including personal productivity, business success, and self-improvement.
"The Power of Focus: How to Hit Your Business, Personal and Financial Targets with Absolute Certainty", by Canfield, Hansen, & Hewitt. ISBN: 1558747524. From the writers of "Chicken Soup for the Soul", the ten "focusing strategies" they used to build their own success.
"More Balls Than Hands: Juggling Your Way to Success by Learning to Love Your Mistakes", by Michael Gelb. ISBN: 0735203377. The author of "How to Think Like Leonardo DaVinci" and onetime professional juggler advises us to create a "mistake positive" culture and promotes five "Keys to High Performance Learning."
"Power Reading: The Best, Fastest, Easiest, Most Effective Course on Speedreading and Comprehension Ever Developed!" by Rick Ostrov. ISBN: 0960170618. The audacious title says it all: improved reading speed and comprehension can be yours in 30 days. One of our staff plugs the book with, "My reading speed went from 274 wpm to 502 wpm by using the techniques described in this book. I wish I had learned this before I went to college."
The official release for VShell 2.3 is now available, introducing SFTP
virtual directories, allow/require authentication list, download triggers,
and the vsftp client, an interactive SFTP command-line utility for secure
You can download new and previous releases at:
The following lists the latest official product releases:
To download any of our current releases, go to:
All VanDyke Software products may be downloaded and evaluated free for 30 days. Licenses include one year of free upgrades and unlimited access to our expert technical support.
The above e-mail is intended for people who have opted to receive VanDyke Software News from VanDyke Software. If you prefer not to receive e-mail like this from us you can unsubscribe or change your e-mail address at:
VanDyke Software, Inc.
VanDyke Software, AbsoluteFTP, CRT, Entunnel, SecureCRT, SecureFX, and VShell are trademarks or registered trademarks of VanDyke Software, Inc.
All other products and services mentioned are trademarks or registered trademarks of their respective companies.