SecureCRT

Changes in SecureCRT 3.0.1
--------------------------

Vulnerability Fix:

- SSH2: For some algorithms, an attacker can manipulate the packets sent during key exchange to cause some packets to be removed, which compromises channel integrity. A "Strict KEX" extension was implemented to address this vulnerability (CVE-2023-48795). In order to use the "Strict KEX" extension, the extension must be supported by both the client and the server.


Bug Fixes:

- On iOS 17, when a text selection was started in the terminal view, SecureCRT may have crashed.

- On iOS 17, if the backspace key was held down while focus was in the terminal, the key did not repeat.

- On iOS 16, when scrolling into the scrollback buffer in a session configured with a large font size, scrolling back down to the prompt may have failed.

- If the public key specified for a session contained a "." in the filename, an error that the private-key file could not be found was reported.

Changes in SecureCRT 2.5.2
--------------------------

Change:

- The keyboard function key view now includes the F11 and F12 keys.

Bug Fix:

- When scrolling through data in the scrollback, the view may have jumped to the very top or very bottom of the view.

Changes in SecureCRT 2.5.1
--------------------------

Bug Fixes:

- When importing a private key that was passphrase protected, SecureCRT could hang.

- In certain cases, importing a configuration archive file silently failed.

Changes in SecureCRT 2.5
------------------------

Vulnerability addressed:

- An external report claims that when using a brute-force attack, sensitive data, such as passwords, stored in the SecureCRT configuration without a configuration passphrase or with a weak configuration passphrase can be cracked in a relatively short amount of time. Direct access to the configuration data is required in order to exploit this vulnerability.

Bug Fixes:

- When attempting to download a file with Y/Zmodem, SecureCRT could have crashed.

- If a configuration was imported that included a hostkey database path that was not located under the main configuration directory, then hostkey acceptance may have failed immediately after the import. Restarting SecureCRT automatically fixed the problem.

- If a session that had zlib compression configured was imported, the compression could have unexpectedly changed to zlib@openssh.com.

- When the Session Options page was displayed and the device was rotated between landscape and portrait orientation, some of the option fields may have been cut off.

- When authenticating with an RSA public key, if agent forwarding was used to connect to another host, the SSH agent may have reported an "incorrect signature type" error.

- On iOS 16, the keyboard displayed a large blank space below the accessory view and the accessory view itself could have disappeared after the keyboard was hidden and restored.

Changes in SecureCRT 2.4.4
--------------------------

Bug Fixes:

- On iOS 16, SecureCRT crashed on startup.

- When copying a line that had wrapped in the view, newlines were inserted into the copied string at the point where the line wrapped.

Changes in SecureCRT 2.4.3
--------------------------

Bug Fixes:

- When using a mouse pointer (or potentially other pointer devices) within the terminal view, SecureCRT crashed.

- If the session Firewall page was displayed while the session had an invalid name specified, SecureCRT could crash.

- When prompted to import a configuration file that was placed on the device, SecureCRT could hang.

- On certain devices, when connecting to a session that did not have a hostname specified, SecureCRT could hang.

- On certain devices, when importing a private key, SecureCRT could hang.

- On certain devices, when creating a public key with a name of an existing key, SecureCRT could hang.

- On certain devices, if an email client has not been setup and the "Email Public Key" option is selected, SecureCRT could hang.

- On certain devices, when attempting to create a firewall with an invalid name, SecureCRT could hang.

- When the Session Options page was displayed and the device was rotated between landscape and portrait orientation, some of the option fields may have been cut off.

- When multiple sessions were connected and the visible session was closed due to the "Close on Disconnect" option being enabled, the text in the remaining session's view may have been hidden.

- On certain devices, when importing a private key, the passphrase field may have been obscured by a "Strong Password" label.

Changes in SecureCRT 2.4.2
--------------------------

Bug Fixes:

- On certain devices (e.g., iPhone 13 Pro), SecureCRT could hang at startup.

- On certain devices, when the "Confirm Disconnect" prompt was displayed, SecureCRT could hang.

- On certain devices, when attempting to save a session with an invalid name, SecureCRT could hang.

- When an error dialog was displayed from the configuration passphrase interface, SecureCRT could hang.

- When generating or importing a public key and the specified passphrases did not match, SecureCRT could hang.

- If the Session Firewall page was displayed while the session had an invalid name specified, SecureCRT could crash.

Changes in SecureCRT for iOS 2.4.1
----------------------------------

Bug Fix:

- On iOS 15, SecureCRT crashed when attempting to make a connection.

Changes in SecureCRT for iOS 2.4
--------------------------------

New features:

- Added support for Dark Mode.
- Added support for SSH agent and OpenSSH agent forwarding.
- Added support for TVI925 and TVI910 emulations.
- SSH2: Added support for the diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, and diffie-hellman-group18-sha512 key-exchange algorithms.

Changes:

- When single and double quotes are typed into a session, they are not converted to smart quotes.
- Added support for ANSI_SC and ANSI_RC escape sequences to Xterm emulation.
- Added support for the ECMA-48 REP (repeating character) Xterm escape sequence. This escape sequence indicates the previous character in the data stream should be repeated "n" times.
- SecureCRT now handles the Xterm "paste bracketing" escape sequence so that indentation is correct when indented text is pasted into an editor.
- If a firewall name is changed, any sessions using that firewall are updated with the new firewall name.
- When generating a new key, the default is now RSA.
- When generating a new RSA key, the default size is now 3072 bits.
- When SecureCRT is attempting to automatically reconnect a session after its connection has been lost, if the reconnect takes more than one attempt, the reconnecting message is updated in the terminal instead of being displayed again.
- When connecting to a ProFTPD mod_sftp server, SFTP version 3 is used by default.
- SSH2: Removed support for several weak ciphers (Blowfish, 3DES, RC4) and MACs (SHA1-96, MD5, and MD5-96).
- SSH2: When doing public-key authentication, if there is no corresponding private-key file without an extension and there is a private-key file with a .ppk extension, it will be used.
- SSH2: Keyboard-interactive authentication works with a prompt that contains "password" with any combination of upper and lower case letters (e.g., "Password" or "PASSWORD").

Vulnerabilities addressed:

- When certain emulation functions received a large negative number as a parameter, it could have allowed the remote system to corrupt memory in the terminal process, potentially causing the execution of arbitrary code or a crash.

Bug fixes:

- When a session was configured to use another session as a jump host, connecting to that session resulted in a crash.
- Connecting to a session using a floating virtual keyboard with the accessory view shown caused SecureCRT to crashed.
- Using an external mouse could cause SecureCRT to crash.
- When using an external mouse, selecting text in the terminal sometimes did not work as expected.
- When an external keyboard was used, the shortcut bar obscured the last line in the session.
- When multiple dashes (-) were entered, they were converted to a non-ASCII character if Smart Punctuation was on.
- When the Backspace key was pressed repeatedly to delete characters, sometimes display artifacts were left behind.
- With certain iPhone models (X, XS, XS Max, 11, 11 Pro, and 11 Pro Max), the application display area was cut off by the notch.
- On iOS devices with the notch, when two sessions were open in portrait mode and the device was rotated to landscape mode, the session was partially hidden by the notch.
- On an iPhone XS Max, when a session was in portrait orientation and there was enough data in the scrollback buffer for the scroll bar to appear, if the screen was rotated to landscape orientation, the scroll bar was not positioned in the correct location.
- When multiple lines of text were selected in a session and the session was scrolled vertically, sometimes the selection rectangle appeared in two different locations.
- The display of certain Unicode characters (i.e., emojis) in the terminal, could have caused other characters to appear as clipped.
- When attempting to connect to an ownCloud WebDav server, the initial connection and/or traversing the file system could have failed.

This version adds support for the curve25519-sha256 key-exchange algorithm and addresses a couple of display orientation bugs.

Changes in SecureCRT for iOS 2.3.1
----------------------------------

New features:

- Added support for the curve25519-sha256 key-exchange algorithm.

Bug fixes:

- When an iPad was in landscape orientation, the item labels in the Session Options were truncated.
- If a session was connected and the built-in keyboard was shown on an iPhone XS and Space was pressed to show the extended keys toolbar, rotating between portrait and landscape orientation caused the the extended keys toolbar to be hidden.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

This version adds the ability to configure firewalls, including SSH jump servers. This version also fixes bugs specific to iOS 12 and the iPhone 8 Plus.

Changes in SecureCRT for iOS 2.3
--------------------------------

New features:

- Added the ability to configure firewalls, including SSH jump servers.

Bug fixes:

- Text selection did not work on iOS 12.
- On an iPhone 8 Plus, only a few characters of each field were shown in the settings.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

This version adds support for importing sessions from the desktop version of SecureCRT using iCloud and adds the ability to automate session logon.

Changes in SecureCRT for iOS 2.2
--------------------------------

New features:

- Added the ability to use iCloud to import sessions from the desktop version of SecureCRT.
- Added the ability to automate session logon using expect and send strings.

Bug fixes:

- ECDSA keys could not be successfully imported.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

This version restores support for the the Redpark Lightning Console Cable (L2-RJ45V). This version also fixes several issues, including a crash when importing a private key.

Changes in SecureCRT for iOS 2.1.1
----------------------------------

Bug fixes:

- Restored support for the Redpark Lightning Console Cable (L2-RJ45V). (The L2-DB9V is not supported at this time.)
- SecureCRT crashed when importing a private key.
- ECDSA keys could not be successfully imported.
- The icon to hide the keyboard was missing in landscape orientation.
- The ANSI colors in SecureCRT iOS were different from the ANSI colors in the desktop version of SecureCRT.


We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

This version adds the ability to select a color scheme for sessions. Several new built-in color schemes, including Solarized have been added. For SSH2 sessions, the ChaCha20/Poly1305 and AES-GCM ciphers as well as the UMAC-128 MAC algorithm are supported. This version also fixes crashes on iOS 11 related to copying session text and scrolling session output.

Changes in SecureCRT for iOS 2.1
--------------------------------

New features:

- Added the ability to select a color scheme for sessions.
- Added several new built-in color schemes, including the Solarized color schemes. There is a variety of light and dark color schemes, all of which have coordinated background, foreground, and ANSI color combinations.
- Added support for pasting into the Password field.
- SSH2: Added support for the ChaCha20/Poly1305 cipher.
- SSH2: Added support for the AES-GCM cipher.
- SSH2: Added support for the UMAC-128 MAC algorithm.

Changes:

- SSH2: Modified the default authentication order to be PublicKey, Keyboard Interactive, Password, and GSSAPI. This only affects new installations.
- Added default key mappings to Xterm emulation for CTRL+HOME, CTRL+END, CTRL+SHIFT+END, CTRL+SHIFT+HOME, SHIFT+HOME, SHIFT+END, SHIFT+PGUP, and SHIFT+PGDN.
- The username used for authentication is now logged in the trace output.
- SSH2: If a session is using public-key authentication and the key file has not been specified, the user is no longer prompted to specify the file.
- SSH2: The trace output shows the SHA-2 host key fingerprint as base64 in addition to hexadecimal.
- SSH2: In the dialogs that prompt to accept the host key, the SHA-2 fingerprint is also displayed in base64.

Bug fixes:

- In iOS 11, SecureCRT could crash when attempting to select text.
- In iOS 11, SecureCRT could crash when attempting to scroll session output.
- SecureCRT crashed when attempting to connect to an imported Telnet session.
- In iOS 11, buttons on dialog boxes sometimes could not be pressed.
- The dialog displayed when adding a new folder was titled "New Session".

Known issue:

- SecureCRT does not currently work with the Redpark Lightning Console Cable (L2-RJ45V).


We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

This version address several bugs, including crashes related to creating sessions, importing settings, importing PuTTY PPK keys, and connecting and disconnecting a Redpark Lightning Serial cable (L2-DB9V).

Changes in SecureCRT for iOS 2.0.1
----------------------------------

Bug fixes:

- SecureCRT could crash if a new session was created and the session protocol was changed to Serial and then immediately changed back to SSH2.
- SecureCRT could crash when disconnecting or reconnecting the Redpark Lightning Serial cable (L2-DB9V).
- SecureCRT crashed when attempting to import a PuTTY PPK key.
- If configuration settings were imported and a session contained a lower-case protocol name, SecureCRT crashed when attempting to edit the session.
- Archive.zip files could not be imported.
- When an external keyboard was attached, the bar with the function and arrow keys was always displayed, which meant the "New" and "Global Options" actions could not be accessed.
- When SecureCRT started in landscape orientation on a 12.9" iPad Pro, the launch screen was too small.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

SecureCRT for iPad is now SecureCRT for iOS and works on the iPhone as well as the iPad. The following SSH2 options can be configured from the UI: key-exchange methods, ciphers, MACs, and compression settings. This version also fixes the issue where attempting to edit a session sometimes connected it.

Changes in SecureCRT for iOS 2.0
--------------------------------

New features:

- Added support for the iPhone.
- Added the ability to configure the following SSH2 options: key-exchange methods, ciphers, MACs, and compression settings.

Bug fixes:

- When trying to edit a session, sometimes the session connected instead.
- If a session's font size was changed and the session was connected, the new font size did not take effect immediately.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com

This version adds support for iOS 9, including Slide Over and Split View and support for the Redpark Lightning Ethernet cable. This version also fixes some emulation and keyboard issues.

Changes in SecureCRT for iPad 1.2
---------------------------------

New features:

- Added support for iOS 9, including support for Slide Over and Split View.
- Added support for the Redpark Lightning Ethernet cable.

Bug fixes:

- SecureCRT crashed if an external keyboard was connected, an incorrect
configuration passphrase was entered at starup, and the Enter key on the
external keyboard was used to dismiss the dialog reporting "The passphrase
that was entered is not correct".
- Switching to a Japanese keyboard caused SecureCRT to terminate.
- WYSE emulations did not send the correct sequences for the function keys.
- Xterm, VT220, and VT320 emulations did not send the correct sequences for
the F5-F10 function keys.
- Upon connecting to a sesson, if the keyboard was visible, the toolbar
with the function, modifier, and arrow keyswas not shown unless the
keyboard was hidden and displayed.
- The passphrase prompt said "Password" instead of "Passphrase".

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

This version fixes a bug where the public-key passphrase dialog sometimes did not have focus.

Changes in SecureCRT for iPad 1.1.1
-----------------------------------

Bug fixes:

- When connecting to a session that required a passphrase to be
entered for public-key authentication, sometimes the passphrase
dialog did not have focus even though it appeared to.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

This version adds support for portrait orientation and the Redpark L2-RJ45V Lightning Console Cable.

Changes in SecureCRT for iPad 1.1
---------------------------------

New features:

- Added support for portrait orientation.
- Added support for the Redpark L2-RJ45V Lightning Console Cable.

Changes:

- Options changed for a session in the Session Options were not
honored if that session was connected by clicking it in the
session list.
- When an external keyboard is used and the system language is
Spanish, pressing ALT+1 types an upside down exclamation mark.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

This version adds support for a configuration passphrase in order to make saving sensitive data, such as passwords, more secure.

Changes in SecureCRT for iPad 1.0.5
-----------------------------------

Changes:

- Previous versions of SecureCRT for iPad supported saving passwords
and other sensitive data. In order to improve the security of
this feature, SecureCRT now requires a passphrase to be created
the first time version 1.0.5 runs. This passphrase will be used
to encrypt and decrypt sensitive data stored in the session
database.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

This version allows Amazon EC2 keys to be imported and addresses a hang and some minor issues.

Changes in SecureCRT for iPad 1.0.4
-----------------------------------

Changes:

- The cursor is placed in the password field when connecting to
a saved session that specifies the username.
- When focus is in the connect bar, the Enter key on the keyboard
says "Go".

Bug fixes:

- When the session manager was manually displayed or hidden,
SecureCRT could sometimes hang.
- Amazon EC2 keys could not be imported into SecureCRT.
- In iOS 8.1, the table in the archive manager was not displayed
correctly.

Fixed a bug where some passphrases did not work correctly when attempting to do public-key authentication.

Changes in SecureCRT for iPad 1.0.3
-----------------------------------

Bug fixes:

- Some passphrases did not work correctly due to truncation
when attempting to do public-key authentication.

Fixed bugs related to Bluetooth keyboards and using imported sessions.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

Changes in SecureCRT for iPad 1.0.2

Bug fixes:

- If an imported session had the option "Retain size and font" set,
SecureCRT crashed when attempting to connect to it.
- If an imported session was using a custom color scheme, the
foreground and background colors were set to black.
- A host key error was reported when attempting to connect to an
imported session on an iPad Air.
- Control sequences did not work with Bluetooth keyboards.
- When SecureCRT was used with a Bluetooth keyboard and the iPad
keyboard was shown and then hidden, the bottom of the session
window was not visible.
- The import mechanism failed if a path or filename in the archive
contained international characters.

Fixed bugs related to importing settings from SecureCRT for Windows, Mac, or Linux.

We want your feedback. Please send your feature requests and bug reports to support@vandyke.com.

SecureCRT for iPad 1.0.1

Bug fixes:

- If the file containing the settings exported from SecureCRT for Windows, Mac, or Linux had the default session settings last, SecureCRT for iPad could crash when the settings were imported.

- SecureCRT crashed when attempting to connect to a session imported from SecureCRT for Windows, Mac, or Linux with logging enabled.