VanDyke ClientPack for Windows and UNIX
The VanDyke ClientPack is a suite of tools for automating file transfer, shell, and public-key administration tasks. VRALib, a key component of the ClientPack, is a Windows COM API that enables custom scripting of SSH2 connections.
New in VanDyke ClientPack 8.5
vsh, vsftp, and vcp now have support for the firstname.lastname@example.org and email@example.com MACs.
All the VanDyke ClientPack applications support password, public-key, Kerberos v5 (via GSSAPI), and keyboard-interactive when connecting to SSH2 servers. Public key support includes RSA (up to 16,384 bits), Ed25519, ECDSA (RFC 5656), DSA, PuTTY PPK, and OpenSSH certificates. vsh supports connections to SSH1 servers using password, public-key, and TIS authentications. Keys up to 16,384 bits can be generated and can be stored in agent, improving security. The limit for Red Hat Enterprise Linux 6.0 32-bit is 4,096.
The VanDyke ClientPack applications support ChaCha20/Poly1305, AES-GCM, AES-128-CTR, AES-192-CTR, AES-256-CTR, AES-128, AES-192, AES-256, Twofish, Blowfish, 3DES, and RC4 ciphers when connecting to SSH2 servers. The maximum 2048 bits length of DSA keys under SSH2 provides more secure encryption. For SSH1 servers, Blowfish, DES, 3DES, and RC4 and are supported. Microsoft CAPI encryption is supported in vkeygen during key generation and passphrase change operations.
SFTP protocol support
vcp and vsftp support SFTP through version 6.
FIPS 140-2 (Windows only)
The VanDyke ClientPack for Windows has an administrative option to run in “FIPS Mode”. When this option is set, the VanDyke ClientPack applications use a FIPS 140-2 validated cryptographic library and only allow FIPS-approved algorithms.
SSH Agent support
Agent forwarding support allows transparent authentication to multiple linked servers after the first SSH server has authenticated the user.
vsh allows you to tunnel common TCP/IP protocols (for example, POP3, IMAP4, HTTP, SMTP) to a remote Secure Shell server using a single, secure, multiplexed connection.
Dynamic port forwarding
vsh provides dynamic port forwarding which simplifies how TCP/IP application data is routed through the Secure Shell connection. Instead of configuring port forwarding on a per-application basis in vsh, each application is configured to use a SOCKS server on a local host port. vsh opens a port on the local host and acts as a SOCKS server for any SOCKS-compatible application, even those that use multiple ports, such as FTP.
vsh allows you to encrypt X11 Windows sessions to secure remote X applications that are being displayed on the local PC.
Like rsh, vsh can be used to execute commands on a remote system. But unlike rsh, vsh provides secure encrypted communications over a nonsecure network.
Both SSH1 and SSH2 are supported in vsh, providing the maximum in flexibility when connecting to a range of remote servers.
Create public/private keys
vkeygen is a program that generates public and private keys with options to set the key length (in bits) and passphrase associated with the key pair. Microsoft CAPI encryption is also supported during key generation and passphrase change.
Upload and manage keys
vpka is a public-key assistant program which allows a user with no public key file on the server to upload a public key for use in authentication. vpka can also be used to define parameters for keys and to remove keys from the server.
Support for SOCKS v4 and v5 and unauthenticated HTTP proxies.