SecureCRT^®

Keyword highlighting enhancementWML

Keyword highlighting is more versatile with the ability to match phrases and substrings for literal strings and regular expressions.

Command Manager (Windows only)W

Streamline repetitive tasks with the dockable Command Manager, which makes it easy to organize commands into named folders, filter commands by name, and launch them with a double click or by pressing Enter. Commands and command folders can also be shared with the button bar and vice versa.

Local shell session (Windows)WML

On Windows 10 and Windows Server 2019 or later, you can open a local shell session within SecureCRT. A tabbed CMD or PowerShell session makes it easy to work on the local system without having to leave SecureCRT. Local shell was already supported on macOS and Linux.

True Color supportWML

Xterm 24-bit color (True Color) is now supported.

Session folder filterWML

Include top-level folders in the Session Manager or Connect Dialog filtered sessions by adding a forward slash to the end of the search text in the session filter box. Folders that match and the sessions in those folders are included in the filtered sessions. Partial matches are supported, making it even faster to find the session you’re looking for.

Dark Mode supportM

Dark Mode support has been added for macOS 10.14 and later.

Horizontal and vertical tiling (Mac and Linux)WML

Tile session windows in both horizontal and vertical layouts on all platforms.

Hide output for locked sessionsWML

An option was added to hide all output when a session is locked, adding an extra layer of security.

Improved Hex View interfaceWML

The Hex View now shows hex data independently for each connected session, making it easier to work with multiple Serial sessions. A selection made on the hexadecimal pane or the ASCII pane is reflected in the other pane and the ASCII pane can also be hidden. The performance of the Hex View has been improved when the window contains thousands of lines.

New algorithm supportWML

SecureCRT now supports x509v3-ecdsa-sha2 algorithms per RFC 6187 for PKCS #11 as well as SSH2 support for the diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, and diffie-hellman-group18-sha512 key-exchange algorithms.

Local proxy commandWML

A new firewall type, "Proxy command", allows a local proxy command to be run when connecting to a remote server.

Audio bellWML

The audio bell can be configured to play a sound file.

Command window optionWML

A new global option allows "Send Characters Immediately" to be enabled by default for the Command window.

Import/export button barsW M L

You can now import and export just the button bars.

Log all dataW M L

A "Log Screen" INI-file-only session option allows all data displayed in the terminal to be logged to a file.

Command-line key exchangeW M L

A new /KEX flag allows the key-exchange algorithm(s) to be specified on the command line.

TFTP server enhancementsW M L

New TFTP server enhancements include honoring the block size set by the TFTP client as specified in RFC 2347 and a global option "Allow overwrite of existing files" that allows TFTP transfers to overwrite existing files. Also new is status bar display of the running TFTP server listen address and port, and the ability to use templated paths for TFTP upload, download, and log file paths, which get modified to an appropriate path on each platform.

Scripting enhancementsW M L

The script functions WaitForCursor, WaitForKey, WaitForString, and WaitForStrings allow the wait time to be specified in milliseconds. Also, global configuration options can be retrieved and set from a script.

Platform supportM L

Support for Ubuntu 19.x and macOS 10.15 Catalina has been added.

SSH1 and SSH2 supportW M L

Both SSH1 and SSH2 are supported in a single client, providing the maximum in flexibility when connecting to a range of remote servers.

User authenticationW M L

SecureCRT supports password, public key, Kerberos v5 (via GSSAPI), and keyboard interactive when connecting to SSH2 servers. Public key support includes RSA (up to 16,384 bits), Ed25519, ECDSA (RFC 5656), DSA, PuTTY PPK, OpenSSH certificates, and X.509 including smart cards (PIV/CAC). For SSH1 servers, password, public key, and TIS authentications are supported.

Public Key AssistantW M L

Support for Public Key Assistant makes uploading public keys to an SSH2 server simple and safe for end users.

Support for GSSAPI secured key exchangeW M L

Mechanisms supported depend on GSSAPI provider.

SFTP in a tabW M L

Open an SFTP tab to the same SSH2 session without having to re-authenticate to perform file transfer operations using an interactive, text-based SFTP utility. Drag and drop files and folders onto the SFTP tab to start SFTP file transfers faster.

Encryption ciphers: Strong encryptionW M L

SecureCRT supports ChaCha20/Poly1305, AES-GCM, AES-128-CTR, AES-192-CTR, AES-256-CTR, AES-128, AES-192, AES-256, Twofish, Blowfish, 3DES, and RC4, when connecting to SSH2 servers. For SSH1 servers, Blowfish, DES, 3DES, and RC4 are supported.

Password and passphrase cachingW M L

SSH2 session passwords and passphrases can be cached, so that you don't have to reauthenticate to access the same server again while SecureCRT is running.

Port forwardingW M L

Tunnel common TCP/IP protocols (for example, POP3, IMAP4, HTTP, SMTP) via SecureCRT to a remote Secure Shell server using a single, secure, multiplexed connection.

Dynamic port forwardingW M L

Dynamic port forwarding simplifies how TCP/IP application data is routed through the Secure Shell connection. Instead of configuring port forwarding on a per-application basis in SecureCRT, each application is configured to use a SOCKS server on a local host port. SecureCRT opens a port on the local host and acts as a SOCKS server for any SOCKS-compatible application, even those that use multiple ports, such as FTP.

InteroperabilityW M L

OpenSSH-compatible host key fingerprint support and RSA host key support enhance SecureCRT's interoperability with a variety of Secure Shell servers. Public keys can be exported in OpenSSH format and can be exported from PKCS #11.

X.509 supportW M L

Smart card-based public-key authentication using X.509-compatible certificates supports highly secure two-factor authentication. SecureCRT supports the PKCS #12 (.pfx) standard file format for X.509 certificates and private keys (Windows). PKCS #11 is also supported, allowing a cryptographic token interface to be used. X.509 host key checking automatically accepts the host key if the certificate is valid.

OpenSSH key format supportW M L

Generate keys in OpenSSH format or convert VanDyke Software format private keys to OpenSSH format so that the same keys can be used with other Secure Shell clients.

OpenSSH Agent forwardingW M L

Agent forwarding support allows transparent authentication to multiple linked servers after the first SSH server has authenticated the user.

SSH Agent supportW M L

Once you register keys with Agent, re-authentication is automatic even if SecureCRT has been closed. Keys can be added and removed using Manage Agent keys on the Tools menu.

Host key managementW M L

SecureCRT allows host keys to be viewed, imported, and exported.

X11 forwardingW M L

Encrypt X11 sessions to secure remote X applications that are being displayed on the local machine.

Data compressionW M L

Variable compression levels from 1 to 9 are supported. When zlib@openssh.com compression is specified, compression starts after authentication, preventing unencrypted passwords from being cached by the zlib library.

Wide range of terminal emulationWML

VT100, VT102, VT220, VT320, ANSI, SCO ANSI, TN3270, TVI910, TVI925, Wyse 50/60, Xterm, and Linux console, with support for ANSI color with color schemes.

Xterm extensionsWML

Xterm extensions for changing the title bar and for sending basic mouse events to the remote host are supported. SecureCRT also delivers 256-color and 24-bit color (True Color) Xterm support.

Character attributesW M L

Full terminal emulation support for character attributes including VT line drawing symbols, bold, underline, reverse and blink (and double-width and double-height fonts on Windows only).

Unicode supportW M L

Unicode support includes the ability to display character sets from multiple languages, including Japanese, Chinese, and Korean multi-byte character sets, and support for right-to-left reading order languages.

80/132-column supportW M L

Supports automatic switching between 80 and 132-column display. Different fonts can be configured for the 80 and 132-column modes.

National Replacement Character SetW M L

Terminal sessions display international characters using NRCS if supported by the host application.

Configurable rows and columnsW M L

SecureCRT supports a wide range of configuration from the standard 24 rows, 80 columns to as many as 32,000 columns. An "On resize" option rewraps text in the terminal area when the SecureCRT window is resized.

Raw protocol modeW M L

This option, which is helpful for troubleshooting, allows for no (or little) interpretation of data from the remote system.

Window size changeW M L

For SSH2, SSH1, or Telnet servers supporting the NAWS extension, SecureCRT informs the remote system anytime the window is resized and the rows and columns change. For applications like Vi and Emacs, this ensures that SecureCRT stays in sync with the remote system without manually adjusting the remote's settings.

Create keyboard mappings W M L

Map keyboard combinations on a per session basis. Create mappings for any key combination — not just function keys — without an external keymap file.

Flexible keyboard mappings W M L

Create customized accelerators by mapping user-specified keyboard combinations to send a user-specified string, run a script, perform a menu or scrollbar operation, send a Telnet command, or launch external programs (like your favorite editor, cmd.exe, or regedit) on the local machine.

Graphical keymap editor W

A graphical editor provides an easy mechanism for creating keymap files that can be shared between users and systems.

Personal data folder W M L

Optionally store logon credentials separate from other session data. This makes it safer to store sessions in the cloud or on a network drive and makes it easier to share sessions with colleagues.

Named firewalls W M L

Name different firewall configurations and use them on an individual session basis.

Color schemes W M L

Predefined terminal color schemes, including Solarized, are provided. Create and save additional color schemes with customized foreground, background, and ANSI colors.

128,000-line scrollback W M L

The scrollback buffer can be configured to save up to 128,000 lines. Being able to review the history of the current session can be a life saver. From the scrollback, both copying to the clipboard and printing are supported.

Emacs mode W M L

If you commonly use Emacs, you can configure your session to use the ALT key as the meta key.

Command window W M L

Provides a mechanism for composing a line (or more) of text before sending to the remote system. The Command window also supports history, which allows previous commands to be viewed, edited, and sent. Commands can be sent to the active session, all sessions, selected tab groups, or visible sessions. A "Send characters immediately" mode makes it possible in one or multiple sessions to stop commands using CTRL+C, edit files using an editor such as vi, send escape sequences, and do tab completion.

Use environment variables in paths W

Use environment variables like APPDATA, TEMP, and USERPROFILE in paths specified in SecureCRT global and session options, making it easier to move/copy settings to other machines and to create configurations that will work for multiple users.

Multiple session editing W M L

The Session Manager allows multiple sessions to be selected and then edited, making it easy to do things like change the passwords for a group of sessions.

Import/export tool W M L

An import/export tool makes it easier to create a backup or copy SecureCRT settings from one machine to another. Optionally, just the button bars can be imported and exported.

Tabbed sessions W M L

Tabbed sessions reduce desktop clutter and make it easy to switch between sessions. Launch new tabs in the current window from a URL or command line. Send an active tab to a new window, clone a tabbed session in a new window, or drag and drop sessions between windows.

Tab groups W M L

Get more done in less time using tab groups. Switch easily between sessions organized in tabs. Or create a temporary tab group so you can work in one tab while monitoring command output from another tab.

Tiling W M L

Tiled sessions make it easier to compare multiple sessions or view output when sending commands to all sessions via the Command window. Sessions can be tiled or cascaded. A vertical or horizontal orientation can be selected.

Session Manager W M L

The dockable Session Manager lets you quickly connect to sessions. The Session Manager pane can be positioned on the left, right, top, or bottom of the SecureCRT window or undocked as a modeless dialog.  The "classic" Connect dialog is still supported. The Session Manager filter bar helps locate sessions quickly in the session database.

Session customization W M L

Sessions can be organized in nested folders. Organize hundreds of named sessions using standard copy and paste or drag and drop. Folders or multiple sessions can be launched in tabs with a single click. With "Use auto session" enabled, select a single session, multiple sessions, or folders of sessions to automatically connect on startup. With "Remember and connect to sessions from last use" enabled, the sessions opened the last time SecureCRT ran will be automatically connected on start up.

Button bar W M L

Map buttons to just about any action: send a configuration command, run a script, use a menu function, send a protocol command, or launch an external program like your favorite editor or the system activity monitor. You can also create different button bars for specific sessions or operations. Colors can be assigned to button icons to add time-saving visual cues.

Command Manager W

Streamline repetitive tasks with the dockable Command Manager, which makes it easy to organize commands into named folders, filter commands by name, and launch them with a double click or by pressing Enter. Commands and command folders can also be shared with the button bar and vice versa.

Session status information W M L

Tab status indicators display connection status using icons (all platforms) or background colors (Windows only) to display whether a session is connected, disconnected, has received new input, or no new activity, and when the tab is locked. A script status indicator shows you when a script is running in tabbed and tiled sessions.

URL support W M L

Easily open URLs: select and then open, right-click, or CTRL+click for Windows and Linux, Command+click on macOS.

Simple automated logons W M L

The initial logon username and password can be configured in order to automate logons quickly without the need to learn a scripting language.

Quick Connect W M L

The Quick Connect dialog allows you to connect to a host with just a server name—no configuration required.

Connect bar W M L

The Connect bar provides a text entry box to connect to a session quickly without opening a dialog. Autocomplete filters sessions in a drop down list as you type so you can find saved session faster. The Connect bar supports SecureCRT command-line options.

Clipboard copy and paste W M L

Select terminal text by row and column area. With the Auto Copy option on, text is automatically copied to clipboard after the text is selected. Quickly paste text into a session by using the option to paste on right or middle mouse click. A copy ANSI text to clipboard option preserves ANSI color and font data.

Multi-line paste dialog W M L

To help prevent errors, a paste confirmation dialog option displays contents of the paste buffer, which can be edited before pasting multiple lines of text into a session. The confirmation dialog can also be resized.

Customize the toolbar and menu W

Modify the toolbar and menu to suit your needs by dragging and dropping toolbar and menu items.

Anti-idle W M L

SecureCRT can be configured to use protocol specific IDLE NOOP options or send a user-defined sequence after a specified interval to eliminate idle disconnections.

SOCKS v4 and v5 W M L

Support for both SOCKS v4 and v5 for use with Telnet, Telnet/TLS (Windows), SSH1, or SSH2. When using SOCKS v5, optional firewall authentication is supported.

TIS and Wingate proxy W M L

Generic proxies from the TIS firewall toolkit and Wingate are supported for use with Telnet.

HTTP proxy W M L

Telnet, Telnet/TLS (Windows), SSH1, and SSH2 connections can be configured to connect via an HTTP proxy that supports the Connect command. Proxy setup is simplified with support for unauthenticated and basic HTTP proxies.

Local proxy command W M L

The "Proxy command" firewall type allows a local proxy command to be run when connecting to a remote server.

Dependent session option W M L

Link a session to an SSH1 or SSH2 session that it depends on, which allows connection to a jump host before connecting to other sessions.

Zmodem, Xmodem, Ymodem, and Kermit W M L

Use Zmodem, Xmodem, Ymodem, and Kermit to upload and download files over any protocol.

Send, receive ASCII W M L

Send ASCII sends file contents to host as terminal input, Receive ASCII saves host output to a file.

SFTP in a tab W M L

You can open an SFTP tab to a connected SSH2 session without having to re-authenticate to perform file transfer operations using an interactive, text-based SFTP utility.

Drag and drop file transfer W M L

Start an SFTP file transfer faster by dragging and dropping files and folders onto the SFTP tab.  You can also drag files onto the session tab and choose between ASCII, Xmodem, Ymodem, Zmodem, and Kermit (ASCII and Xmodem support single file transfer; Ymodem and Zmodem support multiple file transfers. Transferring folders is not supported.)

Send Binary transfer option W M L

Transfer binary files when the remote system doesn't support Zmodem.

Built-in TFTP server W M L

Lock the built-in server via IP address to the client router for increased security as compared to running a separate TFTP server.  Automatically start the TFTP server when SecureCRT starts or when a session connects, use TFTP to deploy firmware upgrades on network equipment, and backup or revert configurations on network devices.

Multiple ActiveX scripting languages W

Use multiple scripting languages to control SecureCRT including VBScript, JScript, and PerlScript.

Python scripting W M L

Apply the widely used Python language to SecureCRT automation.

Scripting functions W M L

Scripting functions allow you to write login scripts, send text to sessions, transfer files, work with tabs, and perform other activities.

Script recorder W M L

Quickly create a script to automate routines using the script recorder, which records keystrokes, including function keys, and then generates VBScript or Python code (Windows) or a Python script (Mac, Linux).

Session log file option W M L

Session logging to a file can be toggled on and off from the menu. SecureCRT can be configured to start logging upon connecting to the remote site. Custom log data gives you the ability to specify strings to be logged upon connect, disconnect, and on each line.

Parameter substitutions W M L

Dynamic log filename generation supports substitution of date, time, session, and environment variables. If a log file path does not already exist, it will be created automatically.

Log rotation W M L

There is an option to create a new log file at midnight by setting a variable in the log file name to write log output to a new file daily.

Command-line option W M L

A command-line parameter /LOG allows a log file to be specified on the command line.

Host-based printing W M L

SecureCRT includes robust host-based printing support for applications such as Pine that allow printing to the local printer.

Basic printing W M L

Print screen, print selection, and auto print are available from both the menu and toolbar.

Session or global print settings W M L

Printing settings can be set globally or on a per-session basis. Settings include page margins, printer font, which printer to use, as well as advanced options for special host-based printing environments.

Real-time keyword highlighting W M L

Highlight keywords in the session window to identify errors in log files or streaming output and to highlight prompts. Specifying keyword colors on an individual basis lets you color code output to make specific strings stand out. Keyword attributes (bold, reverse video, and color) can be combined. Regular expressions can be specified as keywords, making it easier to highlight strings like IP addresses. Also, substrings and phrases can be matched.

IPv6 support W M L

IPv6 addresses can be specified as session hostnames.

Screen font scaling W M L

The font optionally grows or shrinks when resizing the SecureCRT window.

Call SecureCRT from web browser W M

SecureCRT can be set up to be your default Telnet application for use with most web browsers.

Launch a remote command on connecting W M L

A session option allows a remote command or application to be launched as soon as the session connects, which makes it easy to have a session dedicated to a specific task.

Local shell session WM L

On Windows 10 and Windows Server 2019 or later, you can open a local shell session within SecureCRT. A tabbed CMD or PowerShell session makes it easy to work on the local system without having to leave SecureCRT. Local shell was already supported on macOS and Linux.

Execute local shell command W M L

Do port knocking or run a batch script before connecting to a session using the execute local shell command option.

Serial device support W M L

Use SecureCRT to connect to serial devices through COM ports. When configuring serial sessions only, valid COM ports are shown in the Session Options dialog. On Windows, the ability to access a remote system through a named pipe makes it easier to connect to virtual machines.

Hex view W M L

A hex view helps to debug serial communication. The Hex View window shows hex data independently for each connected session, making it easier to work with multiple Serial sessions. A selection made on the hexadecimal pane or the ASCII pane is reflected in the other pane and the ASCII pane can also be hidden.

TAPI support W

Create, configure, and save session options for TAPI devices including modem, country code, phone numbers, and redial.

Alpha transparency W M L

Specify the transparency level for the active and inactive windows so that you can view what's behind a SecureCRT window or easily compare the contents of two SecureCRT windows.

Delay options W M L

Configure both the number of milliseconds to pause between characters and/or between lines. A character send delay option to wait for a text prompt allows data to be sent as fast as the system can handle.

FIPS 140-2 support W

When an administrative option to run in "FIPS Mode" is set, SecureCRT uses a FIPS 140-2 validated cryptographic library and only allows FIPS-approved algorithms.

Session locking W M L

Lock sessions with a password while connected. While a session is locked, it cannot be typed in or closed. Optionally, the session output can be hidden.

File-based configuration W

Create a controlled SecureCRT environment by customizing toolbars, menus, and the keyboard shortcuts they contain. Create custom toolbars with buttons to open sessions, invoke scripts, and send strings. Add custom commands to the Windows system menu and contextual menus.

Multiple platform support W M L

SecureCRT is available for commonly used Windows, macOS, and Linux platforms. For a complete listing of supported platforms, see the System Requirements page.

Easy install and setup W

Automatically set up program group, desktop, and Start menu shortcuts. Install only the protocols you need. Standard uninstaller is included.

Update now WM

Check for a newer version of SecureCRT by selecting the "Update Now" menu item. If an update is available, you can click a button to download and install the new version.

MSI installers W

MSI support allows you to distribute the applications through your distributions server using Group Policy and to automate installs through SMS or other install programs.

Command-line options WL

Define startup behavior for SecureCRT including configuration folder, session, hostname, protocol, options, launch new sessions in tabs in the current window, and many other settings.

Integration with SecureFX® W M L

When both clients are installed together using the bundle installer, SecureFX and SecureCRT can share global options, session options, and the host key database so you only need to perform operations like setting application defaults, connection settings, or accepting a server's host key once. SecureFX and SecureCRT can share passwords and passphrases while either application is running. Click on a toolbar button to launch the other application and connect to the current active session.

Try before you buy free evaluation copyWML

Official software releases can be downloaded and evaluated for 30 days without charge.

Open beta software releasesWML

Beta software releases can be downloaded and evaluated for 30 days without charge.

One-year software updatesWML

All registered users receive a year of software updates. An option with three years of updates is also available.

One-year technical supportWML

All registered users receive a year of technical support by email from VanDyke Support. An option with three years of technical support is also available.

Software maintenance availableWML

Software updates and support are available after the first year for multi-computer licenses.

U.S. Rehabilitation Act Section 508 complianceW

Section 508 requires Federal agencies to make their electronic and information technology accessible to people with disabilities. SecureCRT has been registered as a compliant product with the Section 508 database. Voluntary Product Accessibility Template (VPAT) documents detailing this compliance are available in Acrobat PDF format here: view the SecureCRT VPAT.