VShell® Server for Windows and UNIX

Whether your needs focus on remote access and administration or secure file transfer, the VShell server has a full range of capabilities.

Try Before You Buy

Every release can be evaluated free of charge for 30 days.

VShell® 4.3 Server for Windows and UNIX

Whether your needs focus on remote access and administration or secure file transfer, the VShell server has a full range of capabilities that enable you to:

  • Provide strong, multi-protocol security for data in transit
  • Control user access to features and files
  • Set up and configure easily
  • Monitor and log events with automation support
  • Tune licensing to your requirements with connection-based editions

 

New in VShell 4.3

New
WWinUUnix

LDAP server user authenticationW

Login to VShell using credentials provided by an external LDAP server.

Manage user public keysW

Easily add, remove, and view user and common public keys via the new manage-public-key interface.

Additional encryption optionsWU

Support for ChaCha20-Poly1305 authenticated encryption cipher.

UNIX virtual directory access permissionsU

Fine-grained control over virtual directory access permissions on UNIX. Specific file and folder access permissions can be set on a per user, per virtual directory basis.

UNIX virtual directory homeU

Specify which virtual directory a user will be placed in upon connecting.

Key Features

WWinUUnix

Multiple virtual root directoriesWU

The VShell virtual root capability lets you assign different root directory access points to users or groups. Allows fine-grained control over user access permissions and the ability to specify the user's home directory.

Windows account integrationW

Native integration with Windows user accounts and groups (local and domain). Control access to VShell functionality.

Access controlWU

Grant access to VShell services by authorized users or groups. On an individual or group basis, allow or deny access to VShell services such as shell, SCP, SFTP, FTPS, and port forwarding.

Authentication choicesW

Choose from a number of authentication mechanisms including public key, Kerberos, and X.509 digital certificates to create a more secure two-factor authentication strategy.

FTPS optionWU

Choose between Secure Shell SSH2 and FTP over TLS according to your network standards.

Internal user databaseW

Configure VShell-specific users and groups through the VShell Control Panel User Database page. These VShell-defined users and groups are separate from Windows System accounts. The internal accounts can be given access to all file transfer, remote shell and execute, and port forwarding services.

Secure File Transfer

WWinUUnix

SCP file transfersWU

SCP file transfers using clients operating as a secure RCP replacement that forwards a remote execution request to SCP over SSH2 (not SFTP). Honors settings for logging, ACLs, and SFTP roots.

Automated secure file transfersWU

Use vcp, vsftp, vsh, or any SFTP or SCP clients to automate and schedule unattended file transfers.

Remote Administration

WWinUUnix

Administer servers remotely and securelyWU

Securely access and administer web, mail, database, and application servers.

Accomplish common administrative tasksWU

With existing secure shell utilities, add new users to the network, check print queues, and control services. Use text-oriented editors (e.g., EDIT and vi) to edit files on the remote system.

RunAs CommandsW

Give VShell users permission to remotely execute commands as a different user without full admin privileges. The administrator controls who can remotely execute commands, which commands are executed, and what account is used.

Start unattended batch jobsWU

VShell support for remote command execution allows unattended jobs to be started with any Secure Shell (SSH2) client.

General

WWinUUnix

SSH2 supportWU

VShell SSH2 support offers cross-platform security when connecting from remote clients for shell, file transfer, or port forwarding access. Connect with Secure Shell clients including SecureCRT, SecureFX, and a wide variety of other standard tools.

Data encryptionWU

Encrypt the data using a wide selection of ciphers including AES-128-CTR, AES-192-CTR, AES-256-CTR, AES-128, AES-192, AES-256, Twofish, Blowfish, 3DES, and RC4. RSA (up to 16,384 bits) and DSA public-key authentication and X.509 (Windows) certificate authentication methods are also supported.

Data integrityWU

Message authentication codes (MACs) protect the integrity of each message sent over the network (preventing replay or insertion attacks). Support for SHA2-512, SHA2-256, SHA1, SHA1-96, MD5, MD5-96, UMAC-64 is included.

Data compressionWU

Configurable data compression helps improve transfer speeds over slower network links.

Host identity verificationWU

Unique server host key proves its identity to a client as a "known" host (preventing a man-in-the-middle attack). DSA (ssh-dss), RSA (ssh-rsa), and ECDSA (ecdsa-sha2-nistp) host key algorithms supported.

Port forwardingWU

Forward TCP/IP ports to securely access standard data traffic like POP3 and SMTP over the internet and intranets through a single, secure, multiplexed channel.

Deny Host fileWU

VShell for Windows and UNIX now tracks failed authentications by IP address. Once an IP address has been added to the Deny Hosts file, VShell will not allow future connections from that address.

Jail shellU

Two configuration options, ChrootUsers and ChrootGroups, combine to restrict users and members of groups to their home directory with any shell, SFTP, or subsystem operation.

IPv6 supportWU

Transparent support for IPv6 allows you to move to the new protocol whenever you are ready.

Command-line utilitiesWU

Automate routine tasks using command-line utilities: vsftp for an interactive SFTP command line, vsh for command-line shell access, vcp for command-line file transfer, and vkeygen to generate public/private keys.

VRALib API for scripting SSH2 sessionsW

The VRALib API allows scripting of SSH2 connections through a Windows COM interface. Supported operations include full control over SSH2 connections, sending a command to an SSH2 server and getting the output produced by the command, tunneling/port forwarding, file transfers using SFTP, remote file management, adding host keys to a host key database, and adding keys to the SSH2 authentication agent.

Mouse supportW

VShell provides mouse support for character-based applications running in a command window.

Server Configuration

WWinUUnix

General server configurationWU

Configure general server options like listening port, keepalives, idle timeout period, and command shell.

Windows Control PanelW

Configure VShell for maximum security through an easy-to-use graphical control panel.

VShellConfig utilityW

A Windows command-line utility that allows editing of virtual roots, access control lists (ACLs), file and folder access permissions, and the VShell user database. VShellConfig can import and export configurations to save time when backing up or moving VShell.

FiltersWU

Configure which hosts can connect by IP address, hostname, or netmask; configure which port forwarding requests are allowed.

Idle timeout optionWU

Allows timing out sessions after a configurable idle time.

Bandwidth throttlingWU

Server bandwidth can be configured (throttled) on a global, user/group, or location basis.

User Authentication

WWinUUnix

Secure user authenticationWU

Control access to servers and networks using existing usernames and passwords or choose other enterprise-wide authentication methods.

Authentication settingsWU

Configure authentication options by limiting the number of failed attempts, setting a timeout period for completed authentications, and setting the required authentication methods.

Allowed/required list for authentication methodsWU

Specify which authentication methods are allowed or required when users connect to the server: password, public key, GSSAPI or keyboard-interactive authentication.

Kerberos v5 authentication via GSSAPIWU

Kerberos via GSSAPI increases interoperability while enhancing the security of enterprise-wide network authentication.

Public-key-only authenticationWU

Automate unattended file transfers and batch jobs. Can also streamline logon process for users.

Keyboard interactive authenticationU

Keyboard-interactive allows you to customize authentication using PAM plugins. PAM plugins can, for example, enable password expiration enforcement policies or the use of SecurID cards.

RADIUS server support for SecurID authenticationW

VShell for Windows allows authentication through RADIUS servers using SecurID or other methods. RADIUS support is implemented through keyboard-interactive authentication.

X.509 certificate authentication methodW

Comply with organization-wide PKI policies designed to protect critical information and overcome identity theft and electronic fraud.

Logging & Monitoring

WWinUUnix

Monitor active VShell sessionsW

VShell Monitor is a real-time connection monitoring tool that allows an administrator to view active connections to the VShell server.

Server message loggingWU

Selected server messages may be logged in the VShell log file, sent to the Windows system log or a remote syslog/syslog-ng server. Message groups include errors, warnings, informational, connection, authentication, SFTP, port forward, debug, LSA, and FTPS.

Windows event logW

VShell error and warning messages as well as selected other message groups are sent to the system event log.

syslog supportWU

All log messages can be sent to a remote syslog or syslog-ng server.

W3C logging optionWU

The W3C extended log file format option allows the use of third party log tools to analyze VShell activity.

Automation triggersWU

Configurable trigger conditions allow automated responses to server events: failed authentication, login, logout, upload, and download, also file/folder create, delete, and rename. Trigger actions include commands, sending email, file copy/move, and SFTP transfers.

VShell Editions

WWinUUnix

The VShell and VShell with FTPS servers are available in editions designed to meet the needs of every size network and organization. All VShell editions offer the same capabilities but allow you to control costs by deciding how many concurrent connections you need.

VShell Administrator ServerWU

Allows two concurrent client connections, and is designed primarily for remote system administration use.

VShell Workgroup ServerWU

Allows ten concurrent connections, and is intended to serve the needs of a substantial group of users.

VShell Enterprise ServerWU

Supports an unrestricted number of concurrent connections for a large user community.

VShell Server with FTPSW

VShell with FTPS adds TLS-based file transfer encryption to provide a protocol alternative. It is also available in Administrator, Workgroup, and Enterprise editions.

VShell Custom ServerWU

VShell Custom Server allows large customers to deploy VShell with custom configuration of certain options. For more information on the VShell Custom Server please contact VanDyke Software Sales

Support

WWinUUnix

Try before you buy free evaluation copyWU

Official software releases can be downloaded and evaluated for 30 days without charge.

Open beta software releasesWU

Beta software releases can be downloaded and evaluated for 30 days without charge.

One-year software updatesWU

All registered users receive a year of software updates.

One-year technical supportWU

All registered users receive a year of technical support by email from VanDyke Support.

Software maintenance availableWU

Software updates and support are available after the first year.

Standards

WWinUUnix

FIPS 140-2 supportWU

VShell uses a FIPS 140-2 validated cryptographic library. VShell can be installed in "FIPS Mode", which allows only FIPS-approved algorithms.

U.S. Rehabilitation Act Section 508 complianceWU

Section 508 requires Federal agencies to make their electronic and information technology accessible to people with disabilities. VShell Server has been registered as a compliant product with the Section 508 database. Voluntary Product Accessibility Template (VPAT) documents detailing this compliance are available in Acrobat PDF format here: view the VShell Server VPAT.