SecureCRT^®

Enhanced ANSI colorWML

New built-in ANSI color schemes, including Solarized, make it easy to change the look of your terminal workspace. Choose from a variety of light and dark color combinations, all of which have coordinated background, foreground, and ANSI color combinations.

Line rewrappingWML

When the SecureCRT window is resized, the text in the terminal area is rewrapped.

Connect bar auto completeW M L

Connect bar auto complete begins filtering as you type, making it easier to find and connect to saved sessions.

Paste confirmation dialogW M L

A paste confirmation dialog option allows you to preview the contents of the paste buffer before pasting multiple lines of text into a session. This helps prevent accidental pasting of buffer contents into a production or other critical server.

Drag and drop multiple sessionsW M L

Multiple sessions can be dragged and dropped or copied and pasted in the Session Manager and Connect dialog.

Session managementWML

Filtered searches in the Session Manager and Connect bar are faster, which is helpful when the session database is large or located on a network drive.

Larger recent sessions listW M L

Up to 16 sessions can now be included on the recent session list.

Encryption enhancementsW M L

Support has been added for the SSH2 ChaCha20/Poly1305 and AES-GCM ciphers and the UMAC-128 MAC algorithm. OpenSSH certificates can now be used for authenticating SSH2 sessions.

Scripting enhancementsW M L

Scripting enhancements include the ability to script session locking from the Session object. A global INI-file-only option to specify the script path has also been added.

Other enhancementsW M L

If a session cannot be cloned or connected using SFTP on the existing SSH transport, SecureCRT will create a new transport. The "Update Now" menu item is now also available for the Mac, which checks for a newer version of SecureCRT. New to the Mac and now on all platforms, arguments can be passed to a local application that is launched when a tunnel is established.

SSH1 and SSH2 supportW M L

Both SSH1 and SSH2 are supported in a single client, providing the maximum in flexibility when connecting to a range of remote servers.

User authenticationW M L

SecureCRT supports password, public key, Kerberos v5 (via GSSAPI), and keyboard interactive when connecting to SSH2 servers. Public key support includes RSA (up to 16,384 bits), Ed25519, ECDSA (RFC 5656), DSA, PuTTY PPK, OpenSSH certificates, and X.509 (Windows) including smart cards (PIV/CAC). For SSH1 servers, password, public key, and TIS authentications are supported.

Public Key AssistantW M L

Support for Public Key Assistant makes uploading public keys to an SSH2 server simple and safe for end users.

Support for GSSAPI secured key exchangeW M L

Mechanisms supported depend on GSSAPI provider.

SFTP in a tabW M L

Open an SFTP tab to the same SSH2 session without having to re-authenticate to perform file transfer operations using an interactive, text-based SFTP utility. Drag and drop files and folders onto the SFTP tab to start SFTP file transfers faster.

Encryption ciphers: Strong encryptionW M L

SecureCRT supports ChaCha20/Poly1305, AES-GCM, AES-128-CTR, AES-192-CTR, AES-256-CTR, AES-128, AES-192, AES-256, Twofish, Blowfish, 3DES, and RC4, when connecting to SSH2 servers. For SSH1 servers, Blowfish, DES, 3DES, and RC4 are supported.

Password and passphrase cachingW M L

SSH2 session passwords and passphrases can be cached, so that you don't have to reauthenticate to access the same server again while SecureCRT is running (also the Activator utility on Windows)

Port forwardingW M L

Tunnel common TCP/IP protocols (for example, POP3, IMAP4, HTTP, SMTP) via SecureCRT to a remote Secure Shell server using a single, secure, multiplexed connection. Port forwarding configuration has been integrated into the tree-based Session Options dialog allowing easier configuration for securing TCP/IP application data.

Dynamic port forwardingW M L

Dynamic port forwarding simplifies how TCP/IP application data is routed through the Secure Shell connection. Instead of configuring port forwarding on a per-application basis in SecureCRT, each application is configured to use a SOCKS server on a local host port. SecureCRT opens a port on the local host and acts as a SOCKS server for any SOCKS-compatible application, even those that use multiple ports, such as FTP.

InteroperabilityW M L

OpenSSH-compatible host key fingerprint support and RSA host key support enhance SecureCRT's interoperability with a variety of Secure Shell servers. Public keys can be exported in OpenSSH format and can be exported from PKCS #11.

X.509 supportW M L

Smart card-based public-key authentication using X.509-compatible certificates supports highly secure two-factor authentication. SecureCRT supports the PKCS #12 (.pfx) standard file format for X.509 certificates and private keys (Windows). PKCS #11 is also supported, allowing a cryptographic token interface to be used. X.509 host key checking automatically accepts the host key if the certificate is valid.

OpenSSH key format supportW M L

Generate keys in OpenSSH format or convert VanDyke Software format private keys to OpenSSH format so that the same keys can be used with other Secure Shell clients.

OpenSSH Agent forwardingW M L

Agent forwarding support allows transparent authentication to multiple linked servers after the first SSH server has authenticated the user.

SSH Agent supportW M L

Once you register keys with Agent, re-authentication is automatic even if SecureCRT has been closed. From 6.6 on, keys can be added and removed using Manage Agent keys on the Tools menu.

Host key managementW M L

SecureCRT allows host keys to be viewed, imported, and exported.

X11 forwardingW M L

Encrypt X11 sessions to secure remote X applications that are being displayed on the local machine.

Data compressionW M L

Improves the performance of encrypted dialup connections — variable compression levels from 1 to 9. When zlib@openssh.com compression is specified, compression starts after authentication, preventing unencrypted passwords from being cached by the zlib library.

Wide range of terminal emulationWML

VT100, VT102, VT220, ANSI, SCO ANSI, TN3270, Wyse 50/60, Xterm, and Linux console, with support for ANSI color with color schemes.

Xterm extensionsWML

Supports the Xterm extensions for changing the title bar and for sending basic mouse events to the remote host. SecureCRT also delivers 256-color Xterm support.

Character attributesW M L

Full terminal emulation support for character attributes including VT line drawing symbols, bold, underline, reverse and blink (and double-width and double-height fonts on Windows only).

Unicode supportW M L

Unicode support includes the ability to display character sets from multiple languages, including Japanese, Chinese, and Korean multi-byte character sets, and support for right-to-left reading order languages.

80/132-column supportW M L

Supports automatic switching between 80 and 132-column display. Different fonts can be configured for the 80 and 132-column modes.

National Replacement Character SetW M L

Terminal sessions display international characters using NRCS if supported by the host application.

Configurable rows and columnsW M L

SecureCRT supports a wide range of configuration from the standard 24 rows, 80 columns to as many as 32,000 columns. An "On resize" option rewraps text in the terminal area when the SecureCRT window is resized.

Raw protocol modeW M L

This option, which is helpful for troubleshooting, allows for no (or little) interpretation of data from the remote system.

Window size changeW M L

For SSH2, SSH1, or Telnet servers supporting the NAWS extension, SecureCRT informs the remote system anytime the window is resized and the rows and columns change. For applications like Vi and Emacs, this ensures that SecureCRT stays in sync with the remote system without manually adjusting the remote's settings.

Create keyboard mappings W M L

Map keyboard combinations on a per session basis. Create mappings for any key combination — not just function keys — without an external keymap file.

Flexible keyboard mappings W M L

Create customized accelerators by mapping user-specified keyboard combinations to send a user-specified string, run a script, perform a menu or scrollbar operation, send a Telnet command, or launch external programs (like your favorite editor, cmd.exe, or regedit) on the local machine.

Graphical keymap editor W

Graphical editor provides an easy mechanism for creating keymap files that can be shared between users and systems.

Named sessions W M L

Create sessions from the Session Manager to define specific preferences for different hosts or for different purposes on the same host.

Personal data folder W M L

Optionally store logon credentials separate from other session data.  This makes it safer to store sessions in the cloud or on a network drive and makes it easier to share sessions with colleagues.

Named firewalls W M L

Name different firewall configurations and use them on an individual session basis.

Color schemes W M L

Predefined terminal color schemes, including Solarized, are provided. Create and save additional color schemes with customized foreground, background, and ANSI colors.

128,000-line scrollback W M L

The scrollback buffer can be configured to save up to 128,000 lines. Being able to review the history of the current session can be a life saver. From the scrollback, both copying to the clipboard and printing are supported.

Emacs mode W M L

If you commonly use Emacs, you can configure your session to use the ALT key as the meta key.

Command window W M L

Provides a mechanism for composing a line (or more) of text before sending to the remote system. The Command window also supports history, which allows previous commands to be viewed, edited, and sent. Commands can be sent to the active session, all sessions, selected tab groups, or visible sessions. A "Send characters immediately" mode makes it possible in one or multiple sessions to stop commands using CTRL+C, edit files using an editor such as vi, send escape sequences, and do tab completion.

Use environment variables in paths W

Use environment variables like APPDATA, TEMP, and USERPROFILE in paths specified in SecureCRT global and session options, making it easier to move/copy settings to other machines and to create configurations that will work for multiple users.

Multiple session editing W M L

The Session Manager allows multiple sessions to be selected and then edited, making it easy to do things like change the passwords for a group of sessions.

Import/export tool W M L

An import/export tool makes it easier to create a backup or copy SecureCRT settings from one machine to another.

Tabbed sessions W M L

Tabbed sessions reduce desktop clutter and make it easy to switch between sessions. Launch new tabs in the current window from a URL or command line. Send an active tab to a new window, clone a tabbed session in a new window, or drag and drop sessions between windows.

Tab groups W M L

Get more done in less time using tab groups. Switch easily between sessions organized in tabs. Or create a temporary tab group so you can work in one tab while monitoring command output from another tab.

Tiling W M L

Tiled sessions make it easier to compare multiple sessions or view output when sending commands to all sessions via the Command window. Sessions can be tiled or cascaded. On Windows, a vertical or horizontal orientation can be selected.

Button bar W M L

Map buttons to just about any action: send a configuration command, run a script, use a menu function, send a protocol command, or launch an external program like your favorite editor or the system activity monitor. You can also create different button bars for specific sessions or operations. Colors can be assigned to button icons to add time-saving visual cues.

Activator tray utility W

The Activator utility allows minimizing any session window to the system tray, cutting down on desktop and taskbar clutter.

Session Manager W M L

The dockable Session Manager lets you quickly connect to sessions. The Session Manager pane can be positioned on the left, right, top, or bottom of the SecureCRT window or undocked as a modeless dialog.  The "classic" Connect dialog is still supported. The Session Manager filter bar helps locate sessions quickly in the session database.

Session customization W M L

Sessions can be organized in nested folders. Organize hundreds of named sessions using standard copy and paste or drag and drop. Folders or multiple sessions can be launched in tabs with a single click. With "Use auto session" enabled, select a single session, multiple sessions, or folders of sessions to automatically connect on startup. With "Remember and connect to sessions from last use" enabled, the sessions opened the last time SecureCRT ran will be automatically connected on start up.

Session status information W M L

Tab status indicators display connection status using icons (all platforms) or background colors (Windows only) to display whether a session is connected, disconnected, has received new input, or no new activity.

URL support W M L

Easily open URLs: select and then open, right-click, or CTRL+click for Windows and Linux, Command+click on macOS.

Simple automated logons W M L

The initial logon username and password can be configured in order to automate logons quickly without the need to learn a scripting language.

Quick Connect W M L

The Quick Connect dialog allows you to connect to a host with just a server name—no configuration required. Optionally, you can save the connection for future use.

Connect bar W M L

The Connect bar provides a text entry box to connect to a session quickly without opening a dialog. Autocomplete filters sessions in a drop down list as you type so you can find saved session faster. The Connect bar supports SecureCRT command-line options.

Clipboard copy and paste W M L

Select terminal text by row and column area. With the Auto Copy option on, text is automatically copied to clipboard after the text is selected. Quickly paste text into a session by using the option to paste on right or middle mouse click. A copy ANSI text to clipboard option preserves ANSI color and font data. To help prevent errors, a paste confirmation dialog option displays contents of the paste buffer before pasting multiple lines of text into a session.

Customize the toolbar and menu W

Modify the toolbar and menu to suit your needs by dragging and dropping toolbar and menu items.

Anti-idle W M L

SecureCRT can be configured to use protocol specific IDLE NOOP options or send a user-defined sequence after a specified interval to eliminate idle disconnections.

SOCKS v4 and v5 W M L

Support for both SOCKS v4 and v5 for use with Telnet, Telnet/TLS (Windows), SSH1, or SSH2. When using SOCKS v5, optional firewall authentication is supported.

TIS and Wingate proxy W M L

Generic proxies from the TIS firewall toolkit and Wingate are supported for use with Telnet.

HTTP proxy W M L

Telnet, Telnet/TLS (Windows), SSH1, and SSH2 connections can be configured to connect via an HTTP proxy that supports the Connect command. Proxy setup is simplified with support for unauthenticated and basic HTTP proxies.

Dependent session option W M L

Link a session to an SSH1 or SSH2 session that it depends on, which allows connection to a jump host before connecting to other sessions.

Zmodem, Xmodem, Ymodem, and Kermit W M L

Use Zmodem, Xmodem, Ymodem, and Kermit to upload and download files over any protocol.

Send, receive ASCII W M L

Send ASCII sends file contents to host as terminal input, Receive ASCII saves host output to a file.

SFTP in a tab W M L

You can open an SFTP tab to a connected SSH2 session without having to re-authenticate to perform file transfer operations using an interactive, text-based SFTP utility.

Drag and drop file transfer W M L

Start an SFTP file transfer faster by dragging and dropping files and folders onto the SFTP tab.  You can also drag files onto the session tab and choose between ASCII, Xmodem, Ymodem, Zmodem, and Kermit (ASCII and Xmodem support single file transfer; Ymodem and Zmodem support multiple file transfers. Transferring folders is not supported.)

Send Binary transfer option W M L

Transfer binary files when the remote system doesn't support Zmodem.

Built-in TFTP server W M L

Lock the built-in server via IP address to the client router for increased security as compared to running a separate TFTP server.  Automatically start the TFTP server when SecureCRT starts or when a session connects, use TFTP to deploy firmware upgrades on network equipment, and backup or revert configurations on network devices.

Multiple ActiveX scripting languages W

Use multiple scripting languages to control SecureCRT including VBScript, JScript, and PerlScript.

Python scripting W M L

Apply the widely used Python language to SecureCRT automation.

Scripting functions W M L

Scripting functions allow you to write login scripts, send text to sessions, transfer files, work with tabs, and perform other activities.

Script recorder W M L

Quickly create a script to automate routines using the script recorder, which records keystrokes, including function keys, and then generates VBScript or Python code (Windows) or a Python script (Mac, Linux).

Session log file option W M L

Session logging to a file can be toggled on and off from the menu. SecureCRT can be configured to start logging upon connecting to the remote site. Custom log data gives you the ability to specify strings to be logged upon connect, disconnect, and on each line.

Parameter substitutions W M L

Dynamic log filename generation supports substitution of date, time, session, and environment variables. If a log file path does not already exist, it will be created automatically.

Log rotation W M L

There is an option to create a new log file at midnight by setting a variable in the log file name to write log output to a new file daily.

Command-line option W M L

A command-line parameter /LOG allows a log file to be specified on the command line.

Host-based printing W M L

SecureCRT includes robust host-based printing support for applications such as Pine that allow printing to the local printer.

Basic printing W M L

Print screen, print selection, and auto print are available from both the menu and toolbar.

Session or global print settings W M L

Printing settings can be set globally or on a per-session basis. Settings include page margins, printer font, which printer to use, as well as advanced options for special host-based printing environments.

Integration with SecureFX® W M L

SecureCRT and SecureFX can share global options, session options, and the host key database so you only need to perform operations like setting application defaults, sessions settings, or accepting a server's host key once. SecureCRT and SecureFX can share passwords and passphrases while either application is running. When using either SecureCRT or SecureFX, click on the other application’s product icon in the toolbar to connect to the current active session or to specify a new connection. A combined installer is available that installs both clients and their libraries into the same folder, making it easy to install SecureCRT and SecureFX and keep them in sync.

Real-time keyword highlighting W M L

Highlight keywords in the session window to identify errors in log files or streaming output and to highlight prompts. Specifying keyword colors on an individual basis lets you color code output to make specific strings stand out.  Keyword attributes (bold, reverse video, and color) can be combined. On the Windows and Mac platforms, regular expressions can be specified as keywords, making it easier to highlight strings like IP addresses.

IPv6 W M L

SecureCRT 5.0 and newer releases support the IPv6 standard being implemented across the internet. IPv6 addresses limitations with the current IPv4 standard, such as the limited number of available IPv4 addresses.

Screen font scaling W M L

The font optionally grows or shrinks when resizing the SecureCRT window.

Call SecureCRT from web browser W M

SecureCRT can be set up to be your default Telnet application for use with most web browsers.

Launch a remote command on connecting W M L

A session option allows a remote command or application to be launched as soon as the session connects, which makes it easy to have a session dedicated to a specific task.

Execute local shell command W M L

Do port knocking or run a batch script before connecting to a session using the execute local shell command option.

Serial device support W M L

Use SecureCRT to connect to serial devices through COM ports. On Windows, the ability to access a remote system through a named pipe makes it easier to connect to virtual machines.

Hex view W M L

A hex view helps to debug serial communication. When configuring serial sessions only, valid COM ports are shown in the Session Options dialog.

TAPI support W

Create, configure, and save session options for TAPI devices including modem, country code, phone numbers, and redial.

Alpha transparency W M L

Specify the transparency level for the active and inactive windows so that you can view what's behind a SecureCRT window or easily compare the contents of two SecureCRT windows.

Delay options W M L

Configure both the number of milliseconds to pause between characters and/or between lines. A character send delay option to wait for a text prompt allows data to be sent as fast as the system can handle.

FIPS 140-2 support W

When an administrative option to run in "FIPS Mode" is set, SecureCRT uses a FIPS 140-2 validated cryptographic library and only allows FIPS-approved algorithms.

Session locking W M L

Lock sessions with a password while connected. While a session is locked, it cannot be typed in or closed.

File-based configuration W

Create a controlled SecureCRT environment by customizing toolbars, menus, and the keyboard shortcuts they contain. Create custom toolbars with buttons to open sessions, invoke scripts, and send strings. Add custom commands to the Windows system menu and contextual menus.

Multiple platform support W M L

SecureCRT is available for commonly used Windows, Mac, and Linux platforms. For a complete listing of supported platforms, see the System Requirements page.

Easy install and setup W

Automatically set up program group, desktop, and Start menu shortcuts. Install only the protocols you need. Standard uninstaller is included.

Update now WM

An "Update Now" menu item checks for a newer version of SecureCRT. If available, you can click on a button to download and install the new version.

MSI installers W

MSI support allows you to distribute the applications through your distributions server using Group Policy and to automate installs through SMS or other install programs.

Complete documentation W M L

The help system provides feature- and task-oriented topics.

Command-line options WL

Define startup behavior for SecureCRT including configuration folder, session, hostname, protocol, options, launch new sessions in tabs in the current window, and many other settings.

Common settings location W M L

All application settings are stored in a common location, allowing you to easily move settings between machines.

Try before you buy free evaluation copyWML

Official software releases can be downloaded and evaluated for 30 days without charge.

Open beta software releasesWML

Beta software releases can be downloaded and evaluated for 30 days without charge.

One-year software updatesWML

All registered users receive a year of software updates. An option with three years of updates is also available.

One-year technical supportWML

All registered users receive a year of technical support by email from VanDyke Support.

Software maintenance availableWML

Software updates and support are available after the first year for multi-computer licenses.

U.S. Rehabilitation Act Section 508 complianceW

Section 508 requires Federal agencies to make their electronic and information technology accessible to people with disabilities. SecureCRT has been registered as a compliant product with the Section 508 database. Voluntary Product Accessibility Template (VPAT) documents detailing this compliance are available in Acrobat PDF format here: view the SecureCRT VPAT.