Resources
Scripting
Articles & Tips
White Papers
|
SecureCRT®
SecureCRT combines rock-solid terminal emulation with the strong encryption, data integrity, and authentication options of the Secure Shell protocol.
SecureCRT provides secure remote access, file transfer, and data tunneling for everyone in your organization.
|
 |
 |
| |
|
|
New in SecureCRT 8.0
|
WIN |
MAC |
LINUX |
|
| Tab groups (Windows only) |
Get more done in less time by grouping related sessions and using
tab groups to compare the output of two sessions. Organize
sessions in tabs so that you can switch easily between them, or
work in one tab while monitoring the output from a command in
another tab and then go back to a single tab group when the
command has finished. |
|
|
|
| UI enhancements (Windows only) |
Choose from a variety of new light or dark themes. SecureCRT looks even
better on Windows with new toolbar icons and support for high-DPI monitors. |
|
|
|
| Button bar enhancements |
Assign colors to button icons so that they are easier to see and organize
and position the button bar at the top or bottom of the SecureCRT window.
On Windows, buttons can be arranged by dragging and dropping using the ALT key. |
|
|
|
| TN3270 emulation |
SecureCRT's support for a wide range of emulations, now including
TN3270, makes it easier for you to standardize on one terminal application. |
|
|
|
| Enhanced smart card support (Windows only) |
Select a specific certificate on the smart card (PIV/CAC) to be used for public-key authentication. CAPI and PKCS #11 certificates are supported. |
|
|
|
| Encryption improvements |
ECDSA (RFC 5656) and Ed25519 keys can now be generated and used. PuTTY PPK files can be used for public-key authentication. If host key authentication with the ssh-dss algorithm fails, the connection automatically falls back to the ssh-rsa algorithm. On Windows, X.509v3 keys can be added to the SSH agent and public keys can be exported in OpenSSH format and from PKCS #11. |
|
|
|
| TFTP server enhancements |
The TFTP server can be started when SecureCRT starts, when any session connects, or manually. |
|
|
|
| Command window enhancement |
"Send characters immediately" mode allows you to send control
characters and escape sequences so you can be even more productive when sending commands to all
sessions from the Command window. You can edit files using vi or nano, stop running commands using
CTRL+C, and do tab completion. |
|
|
|
| SSH1 and SSH2 support |
Both SSH1 and SSH2 are supported in a single client, providing
the maximum in flexibility when connecting to a range of remote
servers. |
|
|
|
| User authentication |
SecureCRT supports password, public key, Kerberos v5 (via GSSAPI), and keyboard interactive
when connecting to SSH2 servers. Public key support includes RSA (up to 16,384 bits), Ed25519,
ECDSA (RFC 5656), DSA, PuTTY PPK, and X.509 (Windows) including
smart cards (PIV/CAC). For SSH1 servers, password, public key,
and TIS authentications are supported. |
|
|
|
| Public Key Assistant |
Support for Public Key Assistant makes uploading public keys to
an SSH2 server simple and safe for end users. |
|
|
|
| Support for GSSAPI secured key exchange |
Mechanisms supported depend on GSSAPI provider. |
|
|
|
| SFTP in a tab |
Open an SFTP tab to the same SSH2 session without having
to re-authenticate to perform file transfer operations using an
interactive, text-based SFTP utility. Drag and drop files and folders onto the SFTP tab to start SFTP file transfers faster. |
|
|
|
| Encryption ciphers: Strong encryption |
SecureCRT supports AES-128-CTR, AES-192-CTR, AES-256-CTR, AES-128, AES-192, AES-256, Twofish, Blowfish, 3DES,
and RC4, when connecting to SSH2 servers. For SSH1 servers, Blowfish,
DES, 3DES, and RC4 are supported. |
|
|
|
| Password and passphrase caching |
SSH2 session passwords and passphrases can be cached, so that you don't have to reauthenticate to access the same server again while SecureCRT is running (also the Activator utility on Windows) |
|
|
|
| Port forwarding |
Tunnel common TCP/IP protocols (for example, POP3, IMAP4, HTTP,
SMTP) via SecureCRT to a remote Secure Shell server using a single,
secure, multiplexed connection. Port forwarding configuration has
been integrated into the tree-based Session Options dialog allowing
easier configuration for securing TCP/IP application data. |
|
|
|
| Dynamic port forwarding |
Dynamic port forwarding simplifies how TCP/IP application data
is routed through the Secure Shell connection. Instead of configuring
port forwarding on a per-application basis in SecureCRT, each application
is configured to use a SOCKS server on a local host port. SecureCRT
opens a port on the local host and acts as a SOCKS server for any
SOCKS-compatible application, even those that use multiple ports,
such as FTP. |
|
|
|
| Interoperability |
OpenSSH-compatible host key fingerprint support and RSA host key
support enhance SecureCRT's interoperability with a variety of Secure
Shell servers. Public keys can be exported in OpenSSH format and can be exported from PKCS #11. |
|
|
|
| X.509 support |
Smart card-based public-key authentication using X.509-compatible
certificates supports highly secure two-factor authentication.
SecureCRT supports the PKCS #12 (.pfx) standard file format for
X.509 certificates and private keys. PKCS #11 is also supported,
allowing a cryptographic token interface to be used. X.509 host
key checking automatically accepts the host key if the certificate
is valid. |
|
|
|
| OpenSSH key format support |
Generate keys in OpenSSH format or convert VanDyke Software format
private keys to OpenSSH format so that the same keys can be used
with other Secure Shell clients. |
|
|
|
| OpenSSH Agent forwarding |
Agent forwarding support allows transparent authentication to multiple
linked servers after the first SSH server has authenticated the
user. |
|
|
|
| SSH Agent support |
Once you register keys with Agent, re-authentication is automatic even if
SecureCRT has been closed. From 6.6 on, keys can be
added and removed using Manage Agent keys on the Tools menu. |
|
|
|
| Host key management |
SecureCRT allows host keys to be viewed, imported, and exported. |
|
|
|
| X11 forwarding |
Encrypt X11 sessions to secure remote X applications that
are being displayed on the local machine. |
|
|
|
| Data compression |
Improves the performance of encrypted dialup connections – variable
compression levels from 1 to 9. When zlib@openssh.com compression
is specified, compression starts after authentication, preventing
unencrypted passwords from being cached by the zlib library. |
|
|
|
| Wide range of terminal emulation |
VT100, VT102, VT220, ANSI, SCO ANSI, TN3270, Wyse 50/60, Xterm, and Linux
console, with support for ANSI color with color schemes in most
emulations. |
|
|
|
| Xterm extensions |
Supports the Xterm extensions for changing the title bar and for
sending basic mouse events to the remote host. SecureCRT also delivers
256-color Xterm support. |
|
|
|
| Character attributes |
Full terminal emulation support for character attributes including
VT line drawing symbols, bold, underline, reverse and blink (and
double-width and double-height fonts on Windows only). |
|
|
|
| Unicode support |
Unicode support includes the ability to display character sets from multiple languages, including Japanese, Chinese, and Korean multi-byte character
sets, and support for right-to-left reading order languages. |
|
|
|
| 80/132-column support |
Supports automatic switching between 80 and 132-column display.
Different fonts can be configured for the 80 and 132-column modes. |
|
|
|
| National Replacement Character Set |
Terminal sessions display international characters using NRCS if
supported by the host application. |
|
|
|
| Configurable rows and columns |
SecureCRT supports a wide range of configuration from the standard
24 rows, 80 columns to as many as 32,000 columns. |
|
|
|
| Raw protocol mode |
This option, which is helpful for troubleshooting, allows for no (or little) interpretation of data from the remote system. |
|
|
|
| Window size change |
For SSH2, SSH1, or Telnet servers supporting the
NAWS extension, SecureCRT informs the remote system anytime
the window is resized and the rows and columns change. For applications
like Vi and Emacs, this ensures that SecureCRT stays in sync
with the remote system without manually adjusting the remote's settings. |
|
|
|
| Create keyboard mappings |
Map keyboard combinations on a per session basis. Create mappings
for any key combination – not just function keys – without an
external keymap file. |
|
|
|
| Flexible keyboard mappings |
Create customized accelerators by mapping user-specified keyboard
combinations to send a user-specified string, run a script, perform
a menu or scrollbar operation, send a Telnet command, or launch
external programs (like your favorite editor, cmd.exe, or regedit)
on the local machine. |
|
|
|
| Graphical keymap editor |
Graphical editor provides an easy mechanism for creating keymap
files that can be shared between users and systems. |
|
|
|
| Named sessions |
Create sessions from the Connect dialog to define specific preferences
for different hosts or for different purposes on the same host. |
|
|
|
| Personal data folder |
Optionally store logon credentials separate from other session data. This makes it safer to store sessions in the cloud or on a network drive and makes it easier to share sessions with colleagues. |
|
|
|
| Named firewalls |
Name different firewall configurations and
use them on an individual session basis. |
|
|
|
| Color schemes |
Eight predefined terminal color schemes are provided. Create and
save additional color schemes with customized foreground and background
colors. |
|
|
|
| 128,000-line scrollback |
The scrollback buffer can be configured to save up
to 128,000 lines. Being able to review the history of the current
session can be a life saver. From the scrollback, both copying to
the clipboard and printing are supported. |
|
|
|
| Emacs mode |
If you commonly use Emacs, you can configure your session to
use the ALT key as the meta key. |
|
|
|
| Command (chat) window |
Provides a mechanism for composing a line (or more) of text before
sending to the remote system. The Command (chat) window also supports history,
which allows previous commands to be viewed, edited, and sent. Commands can be sent to all open tabbed or tiled sessions at once using the "Send Commands to All Sessions" option. A "Send characters immediately" mode makes it possible in one or multiple sessions to stop commands using CTRL+C, edit files using an editor such as vi, send escape sequences, and do tab completion. |
|
|
|
| Use environment variables in paths |
Use environment variables like APPDATA, TEMP, and USERPROFILE
in paths specified in SecureCRT global and session options, making
it easier to move/copy settings to other machines and to create
configurations that will work for multiple users. |
|
|
|
| Multiple session editing |
The Connect dialog allows multiple sessions to be
selected and then edited, making it easy to do things like change
the passwords for a group of sessions. |
|
|
|
| Import/export tool |
An import/export tool makes it easier to create a backup or copy SecureCRT settings from one machine to another. |
|
|
|
| Tabbed sessions |
Tabbed sessions reduce desktop clutter and make it easy to switch
between sessions. Launch new tabs in the current window from a
URL or command line. Send an active tab to a new window,
clone a tabbed session in a new window, or drag and drop sessions
between windows. |
|
|
|
| Tab groups |
Get more done in less time by grouping related sessions and using
tab groups to compare the output of two sessions. Organize
sessions in tabs so that you can switch easily between them, or
work in one tab while monitoring the output from a command in
another tab and then go back to a single tab group when the
command has finished. |
|
|
|
| Tiling |
Tiled sessions make it easier to compare multiple sessions or view output when sending commands to all sessions via the chat window. Sessions can be tiled or cascaded. On Windows, a vertical or horizontal orientation can be selected. |
|
|
|
| Button bar |
Map buttons to just about any action: send a configuration command, run a script, use a menu function, send a protocol command, or launch an external program like your favorite editor or the system activity monitor. You can also create different button bars for
specific sessions or operations. Colors can be assigned to button icons to add time-saving visual cues. |
|
|
|
| Activator tray utility |
The Activator utility allows minimizing any session window to
the system tray, cutting down on desktop and taskbar clutter. |
|
|
|
| Session Manager |
The dockable Session Manager lets you quickly connect to sessions. The Session Manager pane can be positioned on the left, right, top, or bottom of the SecureCRT window or undocked as a modeless dialog. The "classic" Connect dialog is still supported. The Session Manager filter bar helps locate sessions quickly in the session database. |
|
|
|
| Session customization |
Sessions can be organized in nested folders. Organize hundreds
of named sessions using standard copy and paste or drag and drop.
Folders or multiple sessions can be launched in tabs with a single
click. With "Use auto session" enabled, select a single
session, multiple sessions, or folders of sessions to automatically
connect on startup. With "Remember and connect to sessions
from last use" enabled, the sessions opened the last time
SecureCRT ran will be automatically connected on start up. |
|
|
|
| Session status information |
Tab status indicators display connection status using icons (all platforms) or background colors (Windows only) to display whether a session is connected, disconnected, has received new input, or no new activity. |
|
|
|
| URL support |
Easily open URLs: select and then open, right-click, or CTRL+click for Windows and Linux, Command+click on Mac OS X. |
|
|
|
| Simple automated logons |
The initial logon username and password can be configured in order to automate logons quickly without
the need to learn a scripting language. |
|
|
|
| Quick Connect |
The Quick Connect dialog allows you to connect to a host with
just a server name – no configuration required. Optionally, you
can save the connection for future use. |
|
|
|
| Connect bar |
The Connect bar provides a text entry box to connect to a session quickly without opening a dialog. The Connect bar supports SecureCRT command-line options. |
|
|
|
| Clipboard copy and paste |
Select terminal text by row and column area. With the Auto Copy
option on, text is automatically copied to clipboard after the
text is selected. Quickly paste text into a session by using the
option to paste on right or middle mouse click. A copy ANSI text to clipboard option preserves ANSI color and font data. |
|
|
|
| Customize the toolbar and menu |
Modify the toolbar and menu to suit your
needs by dragging and dropping toolbar and menu
items. |
|
|
|
| Anti-idle |
SecureCRT can be configured to use protocol specific IDLE NOOP
options or send a user-defined sequence after a specified interval
to eliminate idle disconnections. |
|
|
|
| SOCKS v4 and v5 |
Support for both SOCKS v4 and v5 for use with Telnet, Telnet/TLS (Windows), SSH1, or SSH2. When using SOCKS v5, optional firewall authentication is supported. |
|
|
|
| TIS and Wingate proxy |
Generic proxies from the TIS firewall toolkit and Wingate are supported for use with Telnet. |
|
|
|
| HTTP proxy |
Telnet, Telnet/TLS (Windows), SSH1, and SSH2 connections can be configured to connect via an HTTP proxy that supports the Connect command. Proxy setup is simplified with support for unauthenticated and basic HTTP proxies. |
|
|
|
| Dependent session option |
Link a session to an SSH1 or SSH2 session that it depends on, which allows connection to a jump host before connecting to other sessions. |
|
|
|
| Zmodem, Xmodem, Ymodem, and Kermit |
Use Zmodem, Xmodem, Ymodem, and Kermit to upload and download
files over any protocol. |
|
|
|
| Send, receive ASCII |
Send ASCII sends file contents to host as terminal input,
Receive ASCII saves host output to a file. |
|
|
|
| SFTP in a tab |
You can open an SFTP tab to a connected SSH2 session without having
to re-authenticate to perform file transfer operations using an
interactive, text-based SFTP utility. |
|
|
|
| Drag and drop file transfer |
Start an SFTP file transfer faster by dragging and dropping files and folders onto the SFTP tab. You can also drag files onto the session tab and choose between ASCII, Xmodem, Ymodem, Zmodem, and Kermit (ASCII and Xmodem support single file transfer; Ymodem and Zmodem support multiple file transfers. Transferring folders is not supported.) |
|
|
|
| Send Binary transfer option |
Transfer binary files when the remote system doesn't support Zmodem. |
|
|
|
| Built-in TFTP server |
Lock the built-in server via IP address to the client router for increased security as compared to running a separate TFTP server. Automatically start the TFTP server when SecureCRT starts or when a session connects, use TFTP to deploy firmware upgrades on network equipment, and backup or revert configurations on network devices. |
|
|
|
| Multiple ActiveX scripting languages |
Use multiple scripting languages to control SecureCRT including
VBScript, JScript, and PerlScript. |
|
|
|
| Python scripting |
Apply the widely used Python language to SecureCRT automation. |
|
|
|
| Scripting functions |
Scripting functions allow you to write login scripts, send text
to sessions, transfer files, work with tabs, and perform other
activities. |
|
|
|
| Script recorder |
Quickly create a script to automate routines using
the script recorder, which records keystrokes, including function
keys, and then generates VBScript or Python code (Windows) or a Python script (Mac, Linux). |
|
|
|
| Session log file option |
Session logging to a file can be toggled on and off from the
menu. SecureCRT can be configured to start logging upon connecting
to the remote site. Custom log data gives you the ability to specify
strings to be logged upon connect, disconnect, and on each line. |
|
|
|
| Parameter substitutions |
Dynamic log filename generation supports substitution of date,
time, session, and environment variables. If a log file path does
not already exist, it will be created automatically. |
|
|
|
| Log rotation |
There is an option to create a new log file at midnight by setting
a variable in the log file name to write log output to a new file
daily. |
|
|
|
| Command-line option |
A command-line parameter /LOG allows a log file to be specified
on the command line. |
|
|
|
| Host-based printing |
SecureCRT includes robust host-based printing support for
applications such as Pine that allow printing to the local printer. |
|
|
|
| Basic printing |
Print screen, print selection, and auto print are available from both the menu and toolbar. |
|
|
|
| Session or global print settings |
Printing settings can be set globally or on a per-session basis. Settings include page margins, printer font, which printer to use, as well as advanced options for special host-based printing environments. |
|
|
|
| Integration with SecureFX® |
SecureCRT and SecureFX can share the global
options, session options, and the host key
database so you only need to perform operations like setting application
defaults, sessions settings, or accepting a server's host key
once. SecureCRT and SecureFX can share passwords and passphrases
while either application is running. Launch either application from a toolbar button and specify
a session to connect to. A combined installer installs both clients and their libraries into the
same folder, making it easy to install SecureCRT and SecureFX and keep them in sync. The
private key agent cache is also shared between SecureCRT and SecureFX,
eliminating the need to reenter the passphrase. |
|
|
|
| Real-time keyword highlighting |
Highlight keywords in the session window to identify errors in log files or streaming output and to highlight prompts. Specifying keyword colors on an individual basis lets you color code output to make specific strings stand out. Keyword attributes (bold, reverse video, and color) can be combined. On the Windows and Mac platforms, regular expressions can be specified as keywords, making it easier to highlight strings like IP addresses. |
|
|
|
| IPv6 |
SecureCRT 5.0 and newer releases support the IPv6 standard being implemented across
the internet. IPv6 addresses limitations with the current IPv4 standard,
such as the limited number of available IPv4 addresses. |
|
|
|
| Screen font scaling |
The font optionally grows or shrinks when resizing the SecureCRT
window. |
|
|
|
| Call SecureCRT from web browser |
SecureCRT can be set up to be your default Telnet application
for use with most web browsers. |
|
|
|
| Launch a remote command on connecting |
A session option allows a remote command or application to be
launched as soon as the session
connects, which makes it easy to have a session dedicated to a
specific task. |
|
|
|
| Execute local shell command |
Do port knocking or run a batch script before connecting to a session using the execute local shell command option. |
|
|
|
| Serial device support |
Use SecureCRT to connect to serial devices through
COM ports. On Windows, the ability to access a remote system through a named pipe makes it easier to connect to virtual machines. |
|
|
|
| TAPI support |
Create, configure, and save session options for TAPI devices including
modem, country code, phone numbers, and redial. |
|
|
|
| Alpha transparency |
Specify the transparency level for the active and inactive windows
so that you can view what's behind a SecureCRT window or easily
compare the contents of two SecureCRT windows. |
|
|
|
| Delay options |
Configure both the number of milliseconds to pause between characters
and/or between lines. A character send delay option to wait for a text prompt allows data to be sent as fast as the system can handle. |
|
|
|
| FIPS 140-2 support |
When an administrative option to run in "FIPS
Mode" is set, SecureCRT uses a FIPS 140-2 validated cryptographic
library and only allows FIPS-approved algorithms. |
|
|
|
| Session locking |
Lock sessions with a password while connected. While a session
is locked, it cannot be typed in or closed. |
|
|
|
| File-based configuration |
Create a controlled SecureCRT environment by customizing toolbars,
menus, and the keyboard shortcuts they contain. Create custom toolbars
with buttons to open sessions, invoke scripts, and send strings.
Add custom commands to the Windows system menu and contextual menus. |
|
|
|
| Multiple platform support |
SecureCRT is available for commonly used Windows (32- and 64- bit), Mac,
and Linux (32- and 64- bit) platforms. For a complete listing of supported platforms,
see the System Requirements page. |
|
|
|
| Easy install and setup |
Automatically set up program group, desktop, and Start menu shortcuts.
Install only the protocols you need. Standard uninstaller
is included. |
|
|
|
| MSI installers |
MSI support allows you to distribute the applications
through your distributions server using Group Policy and to automate
installs through SMS or other install programs. |
|
|
|
| Complete documentation |
The help system provides feature- and task-oriented topics. |
|
|
|
| Command-line options |
Define startup behavior for SecureCRT including configuration
folder, session, hostname, protocol, options, launch new sessions
in tabs in the current window, and many other settings. |
|
|
|
| Common settings location |
All application settings are stored in a common location, allowing
you to easily move settings between machines. |
|
|
|
| Free evaluation copy |
Official software releases can be downloaded and evaluated for 30 days without charge. |
|
|
|
| Open beta software releases |
Beta software releases can be downloaded and evaluated for 30 days without charge. |
|
|
|
| One-year software updates |
All registered users receive a year of software updates. An option with three years of updates is also available. |
|
|
|
| One-year technical support |
All registered users receive a year of technical support by email from VanDyke Support. An option with three years of technical support is also available. |
|
|
|
| Software maintenance available |
Software updates and support are available after the first year for multi-computer licenses. |
|
|
|
| U.S. Rehabilitation Act Section 508
compliance |
Section 508 requires Federal agencies to make
their electronic and information technology accessible to people
with disabilities. SecureCRT has been registered as a compliant product
with the Section 508
database. Voluntary Product Accessibility Template (VPAT) documents
detailing this compliance are available in Microsoft Word
format here: view the SecureCRT VPAT. |
|
|
|
Back
to Top |
|
