Provides rock-solid terminal emulation for computing professionals!

SecureCRT for Mac

SecureCRT for Mac

  -  Trial
SecureCRT client for Mac provides rock-solid terminal emulation tool for computing professionals, raising productivity with advanced session management and a host of ways to save time and streamline repetitive tasks. Secure CRT for macOS provides secure remote access, file transfer, and data tunneling for everyone in your organization.

Whether you are replacing Telnet or Terminal, or need a more capable secure remote access tool, Secure CRT is an application you can live in all day long. With the solid security of SSH, extensive session management, and advanced scripting, SecureCRT for Mac will help raise your productivity to the nth degree.

Color Schemes
Pre-defined color schemes, including Solarized, make it easy to change the look of your terminal workspace. Choose from a variety of light and dark color combinations with coordinated background, foreground, and ANSI colors.

Tab Groups
Tab groups allow you to compare the output of two sessions and group related sessions in the same SecureCRT window so that you can get more done in less time. You can organize sessions in tabs and switch easily between them. Or you can work in one tab while monitoring the output from a command in another tab and then go back to a single tab group when the command has finished.

Emulations
Choose from a wide range of terminal emulation including TN3270, VT100, VT102, VT220, ANSI, SCO ANSI, Wyse 50/60, Xterm, and Linux console - all with color schemes and most with ANSI color support.

Button Bar
Map buttons to commands or actions, such as sending strings, running scripts, menu functions, and protocol commands, or launching external programs like your favorite editor, cmd.exe, or regedit. You can create different button bars for specific sessions or operations and assign a color to the button icons so that they are easier to see and organize. The Button Bar Manager allows you to add, duplicate, edit, delete, rename, and rearrange button bars.

Command Window
The Command window gives you a way to compose text before sending it to the remote system. Using the command history, you can view, edit, and send previous commands. "Send Characters Immediately" mode allows you to type control characters and escape sequences in the Command window so that you can edit files, stop running commands, and do tab completion. You can be even more productive by issuing commands to all connected sessions, all visible sessions, or specific tab groups.

Features and Highlights
  • Securely access business applications on UNIX, Linux, or VMS from machines running Windows, Linux, and Mac — employ the rich emulation support for VT100/102/220, TN3270, ANSI, SCO ANSI, Wyse 50/60, Xterm, and Linux console.
  • Configure, manage, and organize all your sessions with full control over scrollback, key mappings, colors, fonts, and more — whether you have one or thousands of sessions.
  • Access your full array of network devices from one client with SSH (SSH2, SSH1), Telnet, Telnet/TLS, serial, and other protocols.
  • Leverage the high-productivity GUI with time-saving capabilities including multi-session launch, tabbed sessions, tab groups, tiled sessions, cloned sessions, a button bar for repeated commands, and mapped keys.
  • Depend on the open standard Secure Shell (SSH) protocol for encrypted logon and session data, flexible authentication options, and optional FIPS 140-2 -approved ciphers.
  • Automate repetitive tasks in Secure CRT by running scripts using VBScript, JScript, PerlScript, or Python. The script recorder builds your keystrokes into a VBScript or Python script.
  • Transfer files between network devices with SFTP, Xmodem, Ymodem, Zmodem, or Kermit. A built-in TFTP server provides additional file transfer flexibility.
  • Save steps with the close integration of the program and the SecureFX® file transfer client, which share sessions and settings that let you run SFTP, FTP, SCP, and FTP/TLS file transfer sessions without reentering passwords.
Note: 30 days trial version.

Also Available: Download SecureCRT for Windows

  • SecureCRT 9.6.1 Screenshots

    The images below have been resized. Click on them to view the screenshots in full size.

    SecureCRT 9.6.1 Screenshot 1
  • SecureCRT 9.6.1 Screenshot 2
  • SecureCRT 9.6.1 Screenshot 3
  • SecureCRT 9.6.1 Screenshot 4

What's new in this version:

SecureCRT 9.6.1
Fixed:
- SecureCRT crashed if a script launched and closed a session that used a logon script
- When authenticating with an OpenSSH Trusted Certificate, if the .pub file was specified as the public key, authentication failed
- Global SSH2 settings were not updated after being imported from an XML file
- Under certain circumstances, some global and session options were not updated after being imported from an XML file
- Windows: When importing a configuration that changed the protocol for an existing session, the icon displayed in the Session Manager indicating the session protocol was not updated
- Windows: The status text for scratchpad editors did not update in tiled mode
- Mac/Linux: The session name and status were truncated with elipses when switching from tabbed to tiled mode


SecureCRT 9.6.0
New Features:
- Specific folders and sessions can be selected and exported to an XML file
- Added the ability to include the sensitive configuration data contained in the personal data folder when doing an XML export
- Added the ability to prevent sensitive data such as passwords and usernames from being included in an XML export
- Added the ability to change the hostname (or IP address) for multiple sessions at the same time
- Added the ability to map a button, key, or command to send a string to the Command window
- Added the ability to map a button, key, or command to select the next or previous button bar
- Added the ability to set the cursor style to blinking line or steady line via an Xterm escape sequence
- Added a session option to ignore the clear scrollback escape sequence (33[3J)
- Added a "%C" substitution parameter, which can be mapped to a folder on the Windows, macOS, or Linux, and used in the X/Y/Zmodem upload or download directories or in the log file path
- Added the ability to accept OpenSSH trusted certificates as host keys
- Added support for SSH private keys encrypted with the AES-256-CBC cipher
- Windows/Mac: Added support for Python version 3.12 and 3.13

Changed:
- Python 3.8 scripts are no longer supported
- The Hostname can now be modified when editing multiple sessions
- The Manage Agent Keys dialog now supports multi-selection and bulk removal of keys
- For new installations, a session's scrollback buffer can now be set to a value up to 1,024,000
- The inactive window transparency lower limit has been changed to 1
- When a session is waiting for the string specified by the prompt delay option, the status bar now displays a message to indicate that the session is waiting
- Session and editor tabs in the Active Sessions Manager can be closed via the context menu or with the Delete key
- The session status is displayed as text in the titlebar for tiled sessions
- In the Session Options dialog, the local shell pre-connect command option is grayed out when it is not valid for the terminal protocol
- For XML exports of sessions, button bars, commands and host keys no longer have to be included
- For XML exports, the hostkey database is only included by default when "Global Options" is selected
- Public-key information is now stored in the personal data folder if it is being used
- The session logon script and its associated settings are now included in the personal data store when it is being used
- When enabling a personal data store, the personal data folder path must now be an empty directory
- When using a personal data store, the personal data folder path will update to match any changes made to the public configuration folder
- SecureCRT no longer puts quotes around the comment when generating keys
- Trace output no longer shows window-change events for session font changes
- vsh/vsftp/vcp: Added a command-line option "--license-info" that outputs the license data
- VRALib (Windows): For a Connection object, "http" can be specified as the FirewallType
- VRALib (Windows): Added the properties "IsRegistered" and "LicenseData" to the License Object

Fixed:
- When multiple sessions were connecting through the same dependent session firewall, SecureCRT could have crashed
- When SecureCRT standalone was installed, changing the protocol for a saved session resulted in a crash
- Under particular circumstances, if a remote system sent a character that was out of range for an escape sequence, SecureCRT may have stopped displaying data sent by the remote
- When personal configuration data was stored separately, creating a new Default.ini file or importing new sessions may have caused the personal data to be overwritten
- When importing sessions from an XML file, the session options not specified in the XML file did not inherit from the Default session as expected
- When opening a saved session from the SecureCRT command line, if additional command-line arguments were specified (e.g., username), those arguments were saved to the specified session
- If the Command Manager folders were manually re-ordered, the folder order reverted back to alphabetical after restarting SecureCRT
- When using TVI910 or TVI925 emulation, SecureCRT was not handling the "Erase page" or "Erase line" escape sequences
- When the prompt send delay option was configured and bracketed paste was supported by the remote system, the prompt send delay did not work as expected
- When the "Show Session Manager or Connect dialog on startup" option was enabled and there were no saved sessions, the Session Manager or Connect dialog were not shown at startup
- When both trace options and session logging were enabled, disconnect messages displayed in trace output were not logged to the session log file
- When connecting to a session with public-key authentication enabled, no key file specified, and the "Display logon prompts in terminal window" option set, an unexpected warning message regarding the private key was displayed in the terminal view
- When the license data copied to the clipboard stripped the newlines (i.e., license data was on a single line), the License wizard was not able to parse the data
- When prompted with certain SSH1/SSH2 host key acceptance dialogs, the text on the dialog may have been malformatted
- When using the New Session wizard to create a session, the firewall dropdown listed each configured firewall twice
- If a new credential was added when adding a Credentials button, the new button did not appear on the button bar until after SecureCRT was restarted


SecureCRT 9.5.2
Fixed:
- When attempting to use a private key that was generated by Remote Desktop Manager, SecureCRT crashed
- If the license support eligibility date had passed, the "Check At Startup" automatic update option was no longer available
- Windows: If DLLs from an older version of the application were left in place after an upgrade, the updated version may have loaded those DLLs and crashed
- Windows: When connecting to an RDP session after the SecureCRT window had been maximized, the RDP session view may not have filled the available space
- Mac/Linux: When SecureCRT was opened from the command line with both connection parameters and a script to run, the script unexpectedly ran prior to the connection being established
- Mac: When SecureCRT was moved to an external monitor or a virtual desktop space, the Button Bar selection dropdown menu may have appeared on the wrong display


SecureCRT 9.5.0
Fixed:
- Windows: Closing an RDP session tab could have caused SecureCRT to hang


SecureCRT 9.4.3
Fixed:
- SSH2: For some algorithms, an attacker can manipulate the packets sent during key exchange to cause some packets to be removed, which compromises channel integrity.  A "Strict KEX" extension was implemented to address this vulnerability (CVE-2023-48795).
In order to use the "Strict KEX" extension, the extension must be supported by both the client and the server.


SecureCRT 9.4.2
Fixed:
- When zooming the session font, the top rows of the view may have been hidden
- Windows: If a connection error occurred during the early stages of key exchange, SecureCRT could have crashed
- Windows: If the "Hide Session ANSI Color Page" global INI-file-only option was disabled, opening the Session Options dialog resulted in a crash
- Windows: When opening the Session Manager, performance may have been impacted due to the protocol specific session icons. A "Use Old Session Manager Icons" global INI-file-only option has been added to allow the use of the old generic icons.


SecureCRT 9.4.1
Vulnerability:
- Updated the included OpenSSL library to version 3.0.9, which addresses a relatively low-risk vulnerability related to processing X.509 certificates. The library update also addresses an issue where Windows 11 Defender reported libcrypto-3-x64.dll as vulnerable.

Fixed:
- When using the Button Bar Manager to duplicate or rename an existing button bar, the buttons on the copied/renamed button bar may have been lost
- When zooming the session font, the top rows of the view may have been hidden
- When a connected session was configured to use the "System Color Scheme" color scheme and the system color mode was changed, the session's color scheme did not update as expected
- Windows: When the local shell arguments and/or initial folder options were set in the default local shell session, those settings were not used by new local shell sessions


SecureCRT 9.4.0
- Change log not available for this version


SecureCRT 9.3.2
Fixed:
- When using "Receive ASCII" to capture data from the remote system, the captured data may have been corrupt
- When keyword highlighting was enabled, not all phrases were highlighted as expected
- Windows: When using the JAWS screen reader, characters displayed in the terminal were sometimes not read as expected


SecureCRT 9.3.1
- When authenticating using an OpenSSH trusted RSA certificate, authentication failed with OpenSSH version 7.7p1 and earlier


SecureCRT 9.3.0
Vulnerability addressed:
- An external report claims that when using a brute-force attack, sensitive data, such as passwords, stored in the SecureCRT or SecureFX configuration without a configuration passphrase or with a weak configuration passphrase can be cracked in a relatively short amount of time. Direct access to the configuration data is required in order to exploit this vulnerability.

Changed:
- Windows: When the command-line utilities are installed with the SecureCRT standalone installer, the install path is added to the PATH environment variable


SecureCRT 9.2.2
- If a saved credential was modified while editing multiple sessions simultaneously, SecureCRT could have crashed
- When a newly generated public key was saved in OpenSSH format, the key could not be used for authentication due to an incorrect file format error
- When editing multiple sessions at once, the port field could not be changed
- When using the "Personal data folder" option, if a session option was modified, the personal data store options could have been saved to the non-personal configuration
- If multiple sessions were connected in tab groups, zooming the font in one tab group could have caused the font zoom to be reset in another tab group
- Windows: If multiple RDP sessions were connected and the "Close on disconnect" session option was enabled, closing the main window could have resulted in a crash on exit
- Windows: When the "Make SecureCRT the Default Application" button was pressed, SecureCRT was not set as the default application for SSH or Telnet URLs
- Windows: When the confirm disconnect option was enabled and an RDP session was connected, closing the application resulted in multiple confirm disconnect prompts
- Windows: When using the Microsoft Pinyin Input Method Editor to enter Chinese characters in fields that contained hint text (e.g., Session Manager filter field), the hint text was not cleared when the Chinese characters were entered


SecureCRT 9.2.1
Fixed:
- If the Button Manager dialog was launched from the Button Bar Manager dialog, changes to the buttons were not saved
- When connecting to a server that uses an X.509 certificate for the host key, even though the certificate met all requirements for automatic acceptance of the host key by the client, the application still prompted the user to manually accept and save the key
- When RDP or Local Shell sessions were exported and later imported to a different configuration, the protocol-specific options may not have been preserved as expected
- In certain cases, when moving focus from the hostname field to the port field using the tab key, the text contained within the port field was not selected


SecureCRT 9.2.0
- Change log not available for this version


SecureCRT 9.1.1
New:
- Windows: SecureCRT 9.1.1 is compatible with Windows 11

Fixed:
- When a script enabled file logging for a connection, the "Timestamp each line" logging option may have inadvertently been enabled


SecureCRT 9.1.0
- Change log not available for this version


SecureCRT 9.0.2
Change:
- Windows: The Scratchpad and Script Editor now honor the "Use ClearType to smooth edges of screen fonts" global option

Fixed:
- When connected to a host using TN3270 emulation, if the current partition was unformatted, the SETBUFFERADDRESS command was unexpectedly included in SecureCRT's response
- Windows: If a session was configured to use a firewall that prompted for credentials, and that session was configured to automatically connect at application startup, SecureCRT crashed
- Windows: Under certain circumstances, when opening the Session Manager, some folders may not have been expandable
- Windows: When authenticating with a PKCS#11 certificate with certain signature algorithms, the key may not have been added to the SSH agent
- Windows: Under certain environments, when connecting to an RDP session, the remote display would not scale to match the local desktop
- Mac/Linux: If a log file was initially created with the "Append to file" logging option enabled, Unicode characters may not have been logged correctly


SecureCRT 9.0.1
Changed:
- Restored the ability to use the SHA1-96 and MD5-96 MACs

Fixed:
- If a script that made a connection was specified on the command line, a "script is currently running" error was incorrectly reported. The script did run after the dialog was dismissed
- When performing a "Find" operation in the terminal view, if the end of the buffer was reached, the search direction could not be reversed
- Windows: When a disconnected RDP session tab was reused by a new RDP connection, the title bar text was not updated


SecureCRT 9.0.0
Fixed:
- When a script was specified on the SecureCRT command line, the error "script is currently running" was incorrectly reported. The script did run after the dialog was dismissed
- Windows: If a user was denied remote desktop access on the target system, connecting with an RDP session silently failed without reporting the system error


SecureCRT 8.7.3
Bug fixes:
- When the sample ANSI color palette was shown for a color scheme, the colors displayed did not match the descriptive text for the color (e.g., "ANSI Red" text was displayed using the green color).
- The display of certain Unicode characters (e.g., emojis) inthe terminal could have caused other characters to appear as clipped
- Text displayed on the Keyboard Interactive and View Host Key dialogs could not be selected or copied
- When enabling logging via the File menu, connecting to a session caused logging to be toggled off


SecureCRT 8.7.2
Vulnerabilities addressed:
- When certain emulation functions received a large negative number as a parameter, it could have allowed the remote system to corrupt memory in the terminal process, potentially causing the execution of arbitrary code or a crash.

Bug fixes:
- If a script was launched from a button bar button or keymap shortcut and the script file could not be located, a misleading error was reported
- Mac: Attempting to authenticate using a YubiKey smartcard with the "opensc-pkcs11.so" library specified as the PKCS#11 provider resulted in an error, because the library could not be loaded.
- Mac: If the ZModem Upload List dialog was using the List view mode, which allows a folder to be expanded to display its contents, a file within an expanded folder could not be added to the upload list. Manager was expanded via the "Connect..." toolbar item, the Session Manager would briefly open, then immediately re-hide.
- Mac/Linux: If the Command Window option "Send Characters Immediately" was enabled, minimizing and restoring SecureCRT caused the option to be disabled


SecureCRT 8.7.1
New feature:
- Windows: Added an administrative policy that disallows the TFTP
server from being run

Changes:
- The performance of keyword highlighting has been improved to be as fast as and in many cases, much faster, than version 8.5.
- SecureCRT now handles the Xterm "paste bracketing" escape sequence so that indentation is correct when indented text is pasted into an editor
- Added an optional "hide output" parameter to the Session Object Lock() method
- SSH2: When doing public-key authentication, if there is no corresponding private-key file without an extension and there is a private-key file with a .ppk extension, it will be used.

Vulnerability addressed:
- TFTP: The TFTP server is off by default. However, when the TFTP server was running, SecureCRT was vulnerable to a directory traversal attack that allowed access to arbitrary files on the local system.

Bug fixes:
- When running a version of the Midnight Commander file manager that supports extended coordinate mouse clicks, mouse operations from within SecureCRT did not work
- When multiple screens were created using the "screen" utility, the scrollback from one screen could end up in the scrollback for a different screen
- When multiple screens were created using the "screen" utility, the man page output went to the scrollback buffer
- In the Manage Agent Keys dialog, the columns expanded every time the dialog opened, which eventually caused all column headers to disappear
- If two sessions were connected and then a session was sent to a new window, if the Hex view was opened, no data was displayed in the Hex view for the session
- The items "MENU_TOGGLE_KEYWORD_HIGHLIGHTING" and "MENU_CONNECT_LOCAL_SHELL" were not recognized when they were included in a custom .MNU file
- Windows: If folders were rearranged in the Command Manager, the folder order was not remembered when SecureCRT restarted
- Windows: If the Session Manager and Command Manager were unpinned (auto hide) and the Session Manager was pinned, the Command Manager became active
- Windows: Some of the arrow buttons in the Global and Session Options dialogs did not work correctly with screen readers, such as JAWS and NVDA


SecureCRT 8.7.0
Change:
- SSH2: Keyboard-interactive authentication works with a prompt that contains "password" with any combination of upper and lower case letters (e.g., "Password" or "PASSWORD").

Bug fixes:
- When an editor (e.g., vi or vim) was used to edit a file on the remote system, the wrong line could have been deleted when the delete line command was sent
- When a session with an authentication banner reconnected, extra newlines were inserted after the banner


SecureCRT 8.5.4
Changes:
- Updated the version of Python that ships with SecureCRT to 2.7.16

Bug Fixes:
- Windows: When using both the left and right mouse buttons to simulate a middle-button click, and the "Paste on middle button" option was enabled, the paste operation would not succeed


SecureCRT 8.5.3
Change:
- Treat the [email protected] key-exchange algorithm as
- Synonymous to the curve25519-sha256 algorithm.

Bug fixes:
- Under certain circumstances, tiled session did not resize correctly after resizing the Command window.
- If the default session protocol was set to something other than TAPI and the Quick Connect protocol was changed to TAPI, attempting to configure TAPI produced an error.
- If the Screen.get2() scripting function was called, line drawing characters in the terminal window could be corrupted.
- When a large scrollback buffer was configured, the scroll bar could get stuck at the top of the scrollback.
- SecureCRT now prevents multiple Connect bars from being added to the toolbar.
- SSH2: If the public key in use was generated with the ssh-keygen Z option, SecureCRT could crash when attempting to enter the passphrase.
- When SecureCRT was maximized or full screen, if the font was zoomed in using CTRL+ or the mouse wheel, attempting to zoom out using CTRL- or the mouse wheel did not work.
- If Python 3.x was installed on the system and the PYTHONPATH variable was set, SecureCRT could fail to launch.
- When "Background colors" tab status indicators were used and enough sessions to fill the tab bar were connected, there was a significant lag when connecting new sessions or closing sessions.


SecureCRT 8.5.2
New feature:
- Added support for the curve25519-sha256 key-exchange algorithm.

Bug fixes:
- If an OpenSSH format key was manually added to the host key database, SecureCRT crashed when attempting to connect to a host that used that key.
- If the Session Manager was pinned and the active session had keyword highlighting on and it was toggled off by selecting "Keyword
- Highlighting" from the Options menu and then the Session Manager was hidden, keyword highlighting was re-enabled.
- Windows: In the Command Window, if the option "Send Characters
- Immediately" was set, pressing CTRL+A selected all the text in the
- Command Window instead of sending the CTRL+A to the session(s).
- Windows: When using the mouse wheel to scroll session output, there was a dead spot in the terminal area where scrolling stopped if the mouse cursor was positioned there.
- Windows: Attempting to display the Activator's About box caused an error message to be displayed.
- Mac/Linux: If the Session Manager was undocked and redocked, the terminal area size changed.
- Mac: SecureCRT could crash if a session had a dependent session and the wrong password had been saved for both sessions and the wrong password was entered when attempting to connect to the session.
- Mac: If CTRL+ was used to select multiple folders in the
- Session Manager or Connect dialog and then arrow keys were pressed, the selection could not be cleared.
- Linux: On Ubuntu 18.x, when running Midnight Commander, if CTRL+O was used to show and hide panels until there was no command prompt and then Midnight Commander was restarted as root and CTRL+O was used to hide panels, the command prompt was at the top of the window and new output was displayed incorrectly.


SecureCRT 8.5.1
New feature:
- Added a new script function FileSaveDialog() that allows saving to
- a file that does not exist.

Bug fixes:
- If the command line specified a saved session (/S) and overrode the local listening IP address (/LOCAL), an error was reported and the session did not connect.
- The button bar list was empty if button bars were imported when the button bar list was not displayed and then the button bar was displayed.
- Windows: On Windows Server 2008 R2, the icons in the Session Manager and Connect dialog were not drawn correctly.
- Windows: On a high-DPI monitor scaled to 125%, the 10-point Lucida
- Console font looked larger and bold compared to how that font looked in other applications.


SecureCRT 8.5
Bug fix:
- SecureCRT could crash if a new folder was created in the Session Manager or Connect dialog and there was at least one other folder under "Sessions" and then sorting was changed to manual arrangement and a session was dragged to be between the "Session" folder and the top folder