SecureCRT combines rock-solid terminal emulation with the strong encryption, data integrity, and authentication options of the Secure Shell protocol. SecureCRT provides secure remote access, file transfer, and data tunneling for everyone in your organization.
• Provide strong, multi-protocol security for data in transit
• Set up and configure easily
• Monitor and log events with automation support
Enhanced ANSI color
New built-in ANSI color schemes, including Solarized, make it easy to change the look of your terminal workspace. Choose from a variety of light and dark color combinations, all of which have coordinated background, foreground, and ANSI color combinations.
When the SecureCRT window is resized, the text in the terminal area is rewrapped.
Connect bar auto complete
Connect bar auto complete begins filtering as you type, making it easier to find and connect to saved sessions.
Paste confirmation dialog
A paste confirmation dialog option allows you to preview the contents of the paste buffer before pasting multiple lines of text into a session. This helps prevent accidental pasting of buffer contents into a production or other critical server.
Drag and drop multiple sessions
Multiple sessions can be dragged and dropped or copied and pasted in the Session Manager and Connect dialog.
Filtered searches in the Session Manager and Connect bar are faster, which is helpful when the session database is large or located on a network drive.
Larger recent sessions list
Up to 16 sessions can now be included on the recent session list.
Support has been added for the SSH2 ChaCha20/Poly1305 and AES-GCM ciphers and the UMAC-128 MAC algorithm. OpenSSH certificates can now be used for authenticating SSH2 sessions.
Scripting enhancements include the ability to script session locking from the Session object. A global INI-file-only option to specify the script path has also been added.
If a session cannot be cloned or connected using SFTP on the existing SSH transport, SecureCRT will create a new transport. The “Update Now” menu item is now also available for the Mac, which checks for a newer version of SecureCRT. New to the Mac and now on all platforms, arguments can be passed to a local application that is launched when a tunnel is established.
SSH1 and SSH2 support
Both SSH1 and SSH2 are supported in a single client, providing the maximum in flexibility when connecting to a range of remote servers.
SecureCRT supports password, public key, Kerberos v5 (via GSSAPI), and keyboard interactive when connecting to SSH2 servers. Public key support includes RSA (up to 16,384 bits), Ed25519, ECDSA (RFC 5656), DSA, PuTTY PPK, OpenSSH certificates, and X.509 (Windows) including smart cards (PIV/CAC). For SSH1 servers, password, public key, and TIS authentications are supported.
Public Key Assistant
Support for Public Key Assistant makes uploading public keys to an SSH2 server simple and safe for end users.
Support for GSSAPI secured key exchange
Mechanisms supported depend on GSSAPI provider.
SFTP in a tab
Open an SFTP tab to the same SSH2 session without having to re-authenticate to perform file transfer operations using an interactive, text-based SFTP utility. Drag and drop files and folders onto the SFTP tab to start SFTP file transfers faster.
Encryption ciphers: Strong encryption
SecureCRT supports ChaCha20/Poly1305, AES-GCM, AES-128-CTR, AES-192-CTR, AES-256-CTR, AES-128, AES-192, AES-256, Twofish, Blowfish, 3DES, and RC4, when connecting to SSH2 servers. For SSH1 servers, Blowfish, DES, 3DES, and RC4 are supported.
Password and passphrase caching
SSH2 session passwords and passphrases can be cached, so that you don’t have to reauthenticate to access the same server again while SecureCRT is running (also the Activator utility on Windows)
Tunnel common TCP/IP protocols (for example, POP3, IMAP4, HTTP, SMTP) via SecureCRT to a remote Secure Shell server using a single, secure, multiplexed connection. Port forwarding configuration has been integrated into the tree-based Session Options dialog allowing easier configuration for securing TCP/IP application data.
Dynamic port forwarding
Dynamic port forwarding simplifies how TCP/IP application data is routed through the Secure Shell connection. Instead of configuring port forwarding on a per-application basis in SecureCRT, each application is configured to use a SOCKS server on a local host port. SecureCRT opens a port on the local host and acts as a SOCKS server for any SOCKS-compatible application, even those that use multiple ports, such as FTP.
OpenSSH-compatible host key fingerprint support and RSA host key support enhance SecureCRT’s interoperability with a variety of Secure Shell servers. Public keys can be exported in OpenSSH format and can be exported from PKCS #11.
Smart card-based public-key authentication using X.509-compatible certificates supports highly secure two-factor authentication. SecureCRT supports the PKCS #12 (.pfx) standard file format for X.509 certificates and private keys (Windows). PKCS #11 is also supported, allowing a cryptographic token interface to be used. X.509 host key checking automatically accepts the host key if the certificate is valid.
OpenSSH key format support
Generate keys in OpenSSH format or convert VanDyke Software format private keys to OpenSSH format so that the same keys can be used with other Secure Shell clients.
OpenSSH Agent forwarding
Agent forwarding support allows transparent authentication to multiple linked servers after the first SSH server has authenticated the user.
SSH Agent support
Once you register keys with Agent, re-authentication is automatic even if SecureCRT has been closed. From 6.6 on, keys can be added and removed using Manage Agent keys on the Tools menu.
Host key management
SecureCRT allows host keys to be viewed, imported, and exported.
Encrypt X11 sessions to secure remote X applications that are being displayed on the local machine.
Improves the performance of encrypted dialup connections — variable compression levels from 1 to 9. When firstname.lastname@example.org compression is specified, compression starts after authentication, preventing unencrypted passwords from being cached by the zlib library.
Wide range of terminal emulation
VT100, VT102, VT220, ANSI, SCO ANSI, TN3270, Wyse 50/60, Xterm, and Linux console, with support for ANSI color with color schemes.
Supports the Xterm extensions for changing the title bar and for sending basic mouse events to the remote host. SecureCRT also delivers 256-color Xterm support.
Full terminal emulation support for character attributes including VT line drawing symbols, bold, underline, reverse and blink (and double-width and double-height fonts on Windows only).
Unicode support includes the ability to display character sets from multiple languages, including Japanese, Chinese, and Korean multi-byte character sets, and support for right-to-left reading order languages.
Supports automatic switching between 80 and 132-column display. Different fonts can be configured for the 80 and 132-column modes.
National Replacement Character Set
Terminal sessions display international characters using NRCS if supported by the host application.
Configurable rows and columns
SecureCRT supports a wide range of configuration from the standard 24 rows, 80 columns to as many as 32,000 columns. An “On resize” option rewraps text in the terminal area when the SecureCRT window is resized.
Raw protocol mode
This option, which is helpful for troubleshooting, allows for no (or little) interpretation of data from the remote system.
Window size change
For SSH2, SSH1, or Telnet servers supporting the NAWS extension, SecureCRT informs the remote system anytime the window is resized and the rows and columns change. For applications like Vi and Emacs, this ensures that SecureCRT stays in sync with the remote system without manually adjusting the remote’s settings.