Comparison of SSH clients

Last updated

An SSH client is a software program which uses the secure shell protocol to connect to a remote computer. This article compares a selection of notable clients.

Contents

General

NameDeveloperInitial releasePlatformLatest release License GUI TUI/CLI
VersionDate
AbsoluteTelnet Celestial Software (Brian Pence)1996Windows11.24 [1]   OOjs UI icon edit-ltr-progressive.svg 2020-08-13 Proprietary Yes check.svgDark Red x.svg
Bitvise SSH ClientBitvise Limited2001Windows9.32 [2] [3]   OOjs UI icon edit-ltr-progressive.svg 2023-12-20 Proprietary Yes check.svgYes check.svg
ConnectBot Kenny Root
Jeffrey Sharkey		2007-11 [lower-alpha 1] Android1.9.10 [4]   OOjs UI icon edit-ltr-progressive.svg 2023-12-21 Apache-2.0  ? ?
Dropbear Matt Johnston2003-04-06AIX2024.84 [5]   OOjs UI icon edit-ltr-progressive.svg 2024-04-04 MIT Dark Red x.svgYes check.svg
BSD
Cygwin
Linux
HP-UX
iOS
Maemo
macOS
Solaris
eSSH Client Ecode Software2002-07BSD4.2.0 [6]   OOjs UI icon edit-ltr-progressive.svg 2007-01-15 Proprietary  ? ?
Linux
macOS
Solaris
Windows
lsh Niels Möller1999-05-23BSD2.1 [7]   OOjs UI icon edit-ltr-progressive.svg 2013-06-26 GPL-2.0-or-later Dark Red x.svgYes check.svg
Linux
macOS
Solaris
OpenSSH [lower-alpha 2] The OpenBSD project1999-12-01 [lower-alpha 3] AIX9.7 [8]   OOjs UI icon edit-ltr-progressive.svg 2024-03-11 BSD Dark Red x.svgYes check.svg
Android
BSD
Cygwin
Linux
HP-UX
iOS
Maemo
OpenVMS
macOS
Solaris
Windows
z/OS
PuTTY Simon Tatham 1999-01-22BSD0.81 [9]   OOjs UI icon edit-ltr-progressive.svg 2024-04-15 MIT Yes check.svgYes check.svg
Linux
macOS
Solaris
Windows
SecureCRT VanDyke Software1998-06Linux9.3.1 [10]   OOjs UI icon edit-ltr-progressive.svg 2022-12-06 Proprietary Yes check.svgDark Red x.svg
macOS9.3.1 [10]   OOjs UI icon edit-ltr-progressive.svg 2022-12-06
iOS2.4.3 [11]   OOjs UI icon edit-ltr-progressive.svg 2021-12-13
Windows9.3.1 [10]   OOjs UI icon edit-ltr-progressive.svg 2022-12-06
Tera Term TeraTerm Project2004 [lower-alpha 4] Windows5.2 [12]   OOjs UI icon edit-ltr-progressive.svg 2024-02-28 BSD-3-Clause Yes check.svgDark Red x.svg
TN3270 Plus SDI USA, Inc.2006Windows4.0.7 [13]   OOjs UI icon edit-ltr-progressive.svg 2019-02 Proprietary Yes check.svgDark Red x.svg
TtyEmulatorFCS Software2002-05Windows4.6.0.0 [14]   OOjs UI icon edit-ltr-progressive.svg 2021-03-16 Proprietary Yes check.svgYes check.svg
wolfSSH wolfSSL 2016-07-20 [lower-alpha 5] BSD1.4.15 [15]   OOjs UI icon edit-ltr-progressive.svg 2023-12-23 GPL-3.0-or-later [lower-alpha 6] Dark Red x.svgYes check.svg
Cygwin
Linux
macOS
Solaris
Windows
ZOC Terminal EmTec, Innovative Software1995-07-01macOS8.08.0 [16]   OOjs UI icon edit-ltr-progressive.svg 2024-04-08 Proprietary Yes check.svgYes check.svg
OS/24.15 [17]   OOjs UI icon edit-ltr-progressive.svg 2004-08-25
Windows8.08.0 [16]   OOjs UI icon edit-ltr-progressive.svg 2024-04-08
  1. Based on Trilead SSH-2 for Java.
  2. Also known as OpenBSD Secure Shell.
  3. Based on OSSH.
  4. Based on Tera Term Pro 2.3 (1994–1998).
  5. Based on wolfCrypt.
  6. Also available under a proprietary license.

Platform

The operating systems or virtual machines the SSH clients are designed to run on without emulation include several possibilities:

The list is not exhaustive, but rather reflects the most common platforms today.

Name macOS Windows Cygwin BSD Linux Solaris OpenVMS z/OS AIX HP-UX iOS Android Maemo Windows Phone
AbsoluteTelnet NoYesNoNoNoNoNoNoNoNoNoNoNo ?
Bitvise SSH ClientNoYesNoNoNoNoNoNoNoNoNoNoNoNo
ConnectBot NoNoNoNoNoNoNoNoNoNoNoYesNoNo
Dropbear YesNoYesYesYesYes ? ?YesYesYes [lower-alpha 1] NoYes ?
eSSH Client YesYes ?YesYesYes ? ?NoNoNoNoNo ?
lsh YesNoNoPartial [lower-alpha 2] YesYes ? ?NoNoNoNoNo ?
OpenSSH [lower-alpha 3] IncludedIncluded [lower-alpha 4] IncludedIncludedIncluded [lower-alpha 5] YesYesYesYesYesYes [lower-alpha 1] YesYes ?
PuTTY PartialYes ?YesYesYes ? ?NoNoNoNoNo Beta
SecureCRT YesYesNoNoYesNoNoNoNoNoYesNoNo ?
SmartFTP NoYesNoNoNoNoNoNoNoNoNoNoNo ?
Tera Term NoYesNoNoNoNoNoNoNoNoNoNoNo ?
TN3270 Plus NoYesNoNoNoNoNoNoNoNoNoNoNo ?
TtyEmulatorNoYesNoNoNoNoNoNoNoNoNoNoNo ?
WinSCP NoYesNoNoNoNoNoNoNoNoYes [lower-alpha 1] NoNo ?
wolfSSH YesYesYesYesYesYesNoNoNoNoNoNoNoNo
ZOC Terminal YesYesNoNoNoNoNoNoNoNoNoNoNo ?
Name macOS Windows Cygwin BSD Linux Solaris OpenVMS z/OS AIX HP-UX iOS Android Maemo Windows Phone
  1. 1 2 3 Only for jailbroken devices.
  2. lsh supports only one BSD platform officially, FreeBSD.
  3. Also known as OpenBSD Secure Shell.
  4. Included and enabled by default since windows 10 version 1803. Win32-OpenSSH can be installed as an optional component in the Windows versions before Windows 10 version 1803 to Windows 10 version 1709. Portable version can be download from Win32-OpenSSH for other versions.
  5. The majority of Linux distributions have OpenSSH as an official package, but a few do not.

Technical

NameSSH1
(insecure)		SSH2Additional protocols Port forwarding and Tunneling Session
multiplexing
[lower-alpha 1] 		Kerberos IPv6 Terminal SFTP/SCP Proxy client [lower-alpha 2]
TELNET rlogin Port
forwarding 		SOCKS
[lower-alpha 3] 		VPN
[lower-alpha 4]
AbsoluteTelnet yesYesYesNoYesYesNoYesYesYesYesYesSOCKS 4, 5; HTTP
Bitvise SSH ClientnoYesNoNoYesYesYesYesYesYesYesYesSOCKS 4, 5
Dropbear noYesNoNoYesNoNoNoNoYesYesYes ?
lsh noYesYesNoYesYesNoYesNoYesYesYes ?
OpenSSH [lower-alpha 5] no [lower-alpha 6] YesNoNoYesYesYesYesYesYesYesYesProxyCommand
PuTTY yesYesYesYesYesYesNoYesYes [lower-alpha 7] YesYesYes [lower-alpha 8] SOCKS 4, 5; HTTP; Telnet; Local
SecureCRT yesYesYesYesYesYesNoYesYesYesYesYesSOCKS 4, 5; HTTP; Telnet; Generic
SmartFTP noYesYesNoNoNoNoNoYesYesYesYesSOCKS 4, 5; HTTP
Tera Term yesYesYesNoYesNoNoNoNoYesYesSCPSOCKS 4, 5; HTTP; Telnet
TN3270 Plus yesYesYesNoNoYesNoYesNoYesYesNoSOCKS 4
TtyEmulatoryesYesYesYesYesYesNoYesNoNoYesNoSOCKS 4,4a, 5; HTTP Local
WinSCP [lower-alpha 9] no [lower-alpha 10] YesNoNolimited [lower-alpha 11] NoNoNoYesYessimpleYesSOCKS 4, 5; HTTP; Telnet; Local
wolfSSH noYesNoNoYesNoNoNoNoYessimpleYesNo
ZOC Terminal yesYesYesYesYesYesNoNoYesYesYesYes [lower-alpha 12] [lower-alpha 13] SOCKS 4; 5; HTTP; Jumpserver
NameSSH1
(insecure)		SSH2Additional protocols Tunneling Session
multiplexing
[lower-alpha 1] 		Kerberos IPv6 Terminal SFTP/SCP Proxy client [lower-alpha 2]
TELNET rlogin Port
forwarding 		SOCKS
[lower-alpha 3] 		VPN
[lower-alpha 4]
  1. 1 2 Accelerating OpenSSH connections with ControlMaster.
  2. 1 2 Can the SSH client connect itself through a proxy? This is distinct from offering a SOCKS proxy or port forwarding.
  3. 1 2 The ability for the SSH client to perform dynamic port forwarding by acting as a local SOCKS proxy.
  4. 1 2 The ability for the SSH client to establish a VPN, e.g. using TUN/TAP.
  5. Also known as OpenBSD Secure Shell.
  6. OpenSSH deleted SSH protocol version 1 support in version 7.6 (2017-10-03)
  7. The version 0.63 supports GSSAPI. Successfully tested on Win 8 using Active Directory
  8. The PuTTY developers provide SCP and SFTP functionality as binaries for separate download.
  9. WinSCP bundles a number of software components including PuTTY. .
  10. WinSCP Version history.
  11. WinSCP connection tunneling.
  12. SCP and SFTP through terminal.
  13. SCP and SFTP according to ZOC features page.

Features

NameKeyboard mapping Session tabs ZMODEM transfersFind text in bufferMouse input support [lower-alpha 1] Unicode supportURL hyperlinking Public key authentication Smart card supportHardware encryption FIPS 140-2 validationScriptingShared DatabaseAuto-reconnectCA Certificates
AbsoluteTelnet fullYesYesYesYesYesYesYesYes ?YesYes ? ? ?
Bitvise SSH Client ?NoNoNoYesYesNoYesNo ?PartialYesNoYesNo
OpenSSH [lower-alpha 2]  ?NoNo ?Yes [lower-alpha 3] Yesnot native [lower-alpha 4] YesYesYesPartial [lower-alpha 5] NoNo ?Yes [lower-alpha 6]
PuTTY NoNo [lower-alpha 7] NoNoYesYesNo [lower-alpha 8] YesNoYesNoNoNoNoNo [lower-alpha 9]
SecureCRT YesYesYesYesYesYesYesYesYesNoYesYesNo ? ?
SmartFTP PartialYesNoYesYesYesYesYesYes AES-NI YesNo ? ? ?
Tera Term YesYesYesNoYesYesYesYesNoNoNoYesNo ? ?
TN3270 Plus YesYesNoNoNoNoYesYesNoNoNoYes ? ? ?
TtyEmulatorNoNoNoYesYesNoYesYesNoNoNoYes ? ? ?
wolfSSH NoNoNoNoNoYesNoYesNoYesYesNoNoNoYes
ZOC Terminal fullYesYesYesYesYesYesYesYesNoNoYes ? ? ?
  1. The ability to transmit mouse input to text mode applications such as Midnight Commander
  2. Also known as OpenBSD Secure Shell.
  3. Only when the terminal itself supports mouse input. Most graphical ones do, e.g. xterm.
  4. No native URL highlighting; however most graphical consoles support URL highlighting.
  5. Validated when running OpenSSH 2.1 on Red Hat Enterprise Linux 6.2 in FIPS mode or when running OpenSSH 1.1 on Red Hat Enterprise Linux 5 in FIPS mode
  6. OpenSSH supports the minimal certificate format since v5.4. "OpenSSH Release Notes: 5.4". OpenBSD Project. 2010-03-08. Retrieved 2021-08-30.
  7. PuTTY does not support tabs directly, but many wrappers are available that do.
  8. Putty v71.0 does not support OpenSSH certificates. See Ben Harris' 2016-04-21 wish. [18] [19]

Authentication key algorithms

This table lists standard authentication key algorithms implemented by SSH clients. Some SSH implementations include both server and client implementations and support custom non-standard authentication algorithms not listed in this table.

Namessh-dss [lower-alpha 1] ssh-rsa RSA with SHA-2 ECDSA with SHA-2 EdDSA Security keys
rsa-sha2-256rsa-sha2-512ecdsa-sha2-nistp256ecdsa-sha2-nistp384ecdsa-sha2-nistp521ssh-ed25519ssh-ed448sk-ecdsa-sha2-nistp256sk-ssh-ed25519
AbsoluteTelnet YesYesYesYesYesYesYesYesNoNoNo
Bitvise SSH Client ? ? ? ? ? ? ? ? ?
Dropbear YesYesYesNoYesYesYesYes ?
lsh  ? ? ? ? ? ? ? ? ?
OpenSSH [lower-alpha 2] Yes [lower-alpha 3] YesYesYesYesYesYesYesNoYesYes
PuTTY YesYesYesYesYesYesYesYesYesNo [lower-alpha 4] No [lower-alpha 4]
SecureCRT YesYesYesYesYesYesYesYes ?
SmartFTP YesYesYesYesYesYesYesYesNoNoNo
Tera Term  ? ? ? ? ? ? ? ? ?
TN3270 Plus  ? ? ? ? ? ? ? ? ?
TtyEmulator ? ? ? ? ? ? ? ? ?
WinSCP NoYesYesYesYesYesYes ? ?
wolfSSH NoYesYesYesYesYesYesNoNoNoNo
ZOC Terminal [lower-alpha 5] YesYesYesYesYesYesYesYesNo
Namessh-dssssh-rsarsa-sha2-256rsa-sha2-512ecdsa-sha2-nistp256ecdsa-sha2-nistp384ecdsa-sha2-nistp521ssh-ed25519ssh-ed448sk-ecdsa-sha2-nistp256sk-ssh-ed25519
RSA with SHA-2 ECDSA with SHA-2 EdDSA Security keys
  1. ssh-dss is based on Digital Signature Algorithm which is sensitive to entropy, secrecy, and uniqueness of its random signature value.
  2. Also known as OpenBSD Secure Shell.
  3. By default, disabled at run-time since OpenSSH 7.0 released in 2015.
  4. 1 2 PuTTY does not support security keys / FIDO tokens, but is supported in PuTTY-CAC
  5. ZOC' SSH is based on OpenSSH and supports the same encryptions.

See also

Related Research Articles

The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.

Telnet is a client/server application protocol that provides access to virtual terminals of remote systems on local area networks or the Internet. It is a protocol for bidirectional 8-bit communications. Its main goal was to connect terminal devices and terminal-oriented processes.

rsync File synchronization protocol and software

rsync is a utility for transferring and synchronizing files between a computer and a storage drive and across networked computers by comparing the modification times and sizes of files. It is commonly found on Unix-like operating systems and is under the GPL-3.0-or-later license.

In computing, the SSH File Transfer Protocol is a network protocol that provides file access, file transfer, and file management over any reliable data stream. It was designed by the Internet Engineering Task Force (IETF) as an extension of the Secure Shell protocol (SSH) version 2.0 to provide secure file transfer capabilities, and is seen as a replacement of File Transfer Protocol (FTP) due to superior security. The IETF Internet Draft states that, even though this protocol is described in the context of the SSH-2 protocol, it could be used in a number of different applications, such as secure file transfer over Transport Layer Security (TLS) and transfer of management information in VPN applications.

cURL is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various network protocols. The name stands for "Client for URL".

Secure copy protocol (SCP) is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol. "SCP" commonly refers to both the Secure Copy Protocol and the program itself.

<span class="mw-page-title-main">PuTTY</span> Free and open-source terminal emulator, serial console and network file transfer application

PuTTY is a free and open-source terminal emulator, serial console and network file transfer application. It supports several network protocols, including SCP, SSH, Telnet, rlogin, and raw socket connection. It can also connect to a serial port. The name "PuTTY" has no official meaning.

<span class="mw-page-title-main">Far Manager</span> File and archive manager for Microsoft Windows

Far Manager is an orthodox file manager for Microsoft Windows and is a clone of Norton Commander. Far Manager uses the Win32 console and has a keyboard-oriented user interface.

sftp is a command-line interface client program to transfer files using the SSH File Transfer Protocol (SFTP), which runs inside the encrypted Secure Shell connection.

<span class="mw-page-title-main">WinSCP</span> File transfer software for Windows

WinSCP is a free and open-source file manager, SSH File Transfer Protocol (SFTP), File Transfer Protocol (FTP), WebDAV, Amazon S3, and secure copy protocol (SCP) client for Microsoft Windows.

<span class="mw-page-title-main">Xming</span>

Xming is an X11 display server for Microsoft Windows operating systems, including Windows XP and later.

<span class="mw-page-title-main">SSHFS</span>

In computing, SSHFS is a filesystem client to mount and interact with directories and files located on a remote server or workstation over a normal ssh connection. The client interacts with the remote file system via the SSH File Transfer Protocol (SFTP), a network protocol providing file access, file transfer, and file management functionality over any reliable data stream that was designed as an extension of the Secure Shell protocol (SSH) version 2.0.

eSSH Client is a multi task client that supports many different protocols, such as SSH, SFTP, FTP, FTPS, SCP, and RExec. It also supports FTP over SSL. eSSH Client has a rich GUI design that allows multiple access channels at the same time, and has an internal window design that allows all the connections to be viewed from within a main window. It also has a tabbed Secure Shell window with named sessions.

Dropbear is a software package written by Matt Johnston that provides a Secure Shell-compatible server and client. It is designed as a replacement for standard OpenSSH for environments with low memory and processor resources, such as embedded systems. It is a core component of OpenWrt and other router distributions.

AbsoluteTelnet is a software terminal client for Windows that implements Telnet, SSH 1 and 2, SFTP, TAPI Dialup and direct COM port connections. It is commercial software, originally released in 1999 and is still in regular development by Brian Pence of Celestial Software.

<span class="mw-page-title-main">ZOC (software)</span>

ZOC is a popular computer-based terminal emulator and Telnet software client for the Microsoft Windows and Apple Macintosh macOS operating systems that supports telnet, modem, SSH 1 and 2, ISDN, serial, TAPI, Rlogin and other means of communication. Its terminal emulator supports Xterm emulation with full colors, meta-keys and local printing, VT102, VT220 and several types of ANSI as well as Wyse, TVI, TN3270, and Sun's CDE. It supports full keyboard remapping, scripting in REXX and other languages, and support for named pipes.

<span class="mw-page-title-main">SecureCRT</span>

SecureCRT is a commercial SSH and Telnet client and terminal emulator by VanDyke Software. Originally a Windows product, VanDyke later added a Mac OS X version in 2010 with release v6.6 and a Linux version in 2011 with release v6.7.

An SSH server is a software program which uses the Secure Shell protocol to accept connections from remote computers. SFTP/SCP file transfers and remote terminal connections are popular use cases for an SSH server.

<span class="mw-page-title-main">OpenSSH</span> Set of computer programs providing encrypted communication sessions

OpenSSH is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture.

Bitvise is a proprietary secure remote access software developed for Windows and available as a client and server. The software is based on the Secure Shell (SSH) protocol, which provides a secure channel over an insecure network in a client-server architecture.

References

  1. "AbsoluteTelnet/SSH Version History".
  2. "Bitvise SSH Client Version History". 20 December 2023.
  3. "Bitvise SSH Server Version History". 20 December 2023.
  4. "Release 1.9.10". 21 December 2023. Retrieved 19 January 2024.
  5. Error: Unable to display the reference properly. See the documentation for details.
  6. "Ecode Software Inc". Archived from the original on 31 October 2013.
  7. "LSH-2.1 release". 26 June 2013.
  8. "release-9.7".
  9. Simon Tatham (15 April 2024). "PuTTY 0.81 is released" . Retrieved 15 April 2024.
  10. 1 2 3 "SecureCRT 9.3.1". 6 December 2022.
  11. "SecureCRT on the App Store" . Retrieved 30 January 2023.
  12. "Release 5.2". 28 February 2024. Retrieved 25 March 2024.
  13. "TN3270 Plus Version History". February 2019.
  14. "What's new - TTY Emulator". 16 March 2021.
  15. "Release 1.4.15". 23 December 2023. Retrieved 19 January 2024.
  16. 1 2 "ZOC Terminal – SSH/Telnet-Client and Terminal Emulator – Version History". 8 April 2024.
  17. "ZOC V4.15". 25 August 2004.
  18. "ssh2-openssh-certkeys.html".
  19. "ssh2-openssh-certkeys".
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.