|
Objective
With the addition of SSH protocol 1 to the list of protocols to be
turned off, it is necessary to find a replacement for Teraterm, the
Windows SSH client supported by AcIS. Additionally, the MacOS 9
client, NiftyTelnet, would also need replacement if support for this
platform were to be maintained. The Mac OS X client, OpenSSH, uses
protocol 2 by default and is therefore not a subject of this document.
Requirements
The minimal requirements for any candidate are:
- Support of SSH protocol 2
- High likelihood of vendor support
- Absence of external dependencies
Additional desirable features include:
- Simple installation
- Intuitive interface (including setting file permissions for FTP/SCP)
- ANSI printing
- Compatible with Windows Shell extensions (ssh URIs)
- FTP/SCP
- Tunneling
- Scriptability
- Color fonts
- Technical support
- Customizable installer
Evaluation
SSH Tectia
Client/F-Secure
|
Functionality |
Nicely handles color-coded output. Built-in SFTP client which can
be launched from a terminal window with the single click of a toolbar
button (so support for WinSCP would not be necessary). Should be
possible to easily add a layer to customize the installation with the
appropriate configurations for cunix & pinex and any other
global settings. Integrates nicely with the Windows printing architecture.
|
Ease of Use |
Installer straightforward. Intuitive interface. It would be preferable
to link to ssh.com (if permitted) than to provide a download for PuTTY.
|
Supportability |
SSH.com provides updates and tech support with license contract.
|
Cost |
F-Secure SSH client for Windows: license for 10,000 users with educational discount @ $20.09/license => $200,900.00.
Maintenance/Support Annually (updates, upgrades, tech support): 10,000 @ $4.28/each => $42,800.00.
Total => $243,700.00 (Plus $10 shipping).
(Later they offered a univ. site-license for ~$25,000/year depending on a 3-year contract.)
SSH.com has a 'new program for universities' for 10,000 seats at $30,000/year ($3/client).
|
Peer Deployments |
Brown, Duke, Georgetown, U Washington, Yale, Princeton, Dartmouth,
NYU, CMU. Some of these are simply pointers to SSH.com's older
version offered free to educational users.
|
SecureCRT
|
Functionality |
In general, meets functional requirements, but not as elegant as Tectia.
|
Ease of Use |
Interface better than PuTTY, but complicated installer.
|
Supportability |
|
Cost |
Under $1 per license for greater than 10,000 licenses.
|
Peer Deployments |
MIT, Stanford, U Penn, Harvard, NYU.
|
PuTTY |
Functionality |
Can come bundled with WinSCP, though only in one direction.
(Can launch PuTTY from within WinSCP, but not vice versa.)
|
Ease of Use |
Default interface is complex, but can be scripted to connect
directly to Cunix or Pinex. (AIS has done this already.)
Better UI than Kermit, but still a hard sell to users since it
is uglier than Teraterm or SSH Tectia.
|
Supportability |
Active updates since 1999 (last 3 August 2004).
|
Cost |
Free, open source.
|
Peer Deployments |
Dartmouth, NYU.
|
Kermit
|
Functionality |
Installer requires further customization.
|
Ease of Use |
Interface is geared more towards dial up users, resulting in language that
is inconsistent and confusing (eg: "dialer").
|
Supportability |
Project future is uncertain. Last update 21 January 2003.
|
Cost |
Columbia is exempt from bulk license requirement.
|
Peer Deployments |
|
TeraTerm Pro 3.13
|
Functionality |
A little different than the version used by AcIS, but still meets
functional requirements.
|
Ease of Use |
Basic interface.
|
Supportability |
Dropped from consideration.
Does not appear to have momentum or support for updates.
(Requirement #2)
|
Cost |
Free.
|
Peer Deployments |
|
JavaSSH
|
Supportability |
Dropped from consideration.
We are not prepared to support Java VM on the desktop.
(Requirement #3)
|
MindTerm
|
Supportability |
Dropped from consideration.
We are not prepared to support Java VM on the desktop.
(Requirement #3)
|
Recommendation
If sufficient funding were available, SSH Tectia would be the preferred
choice, followed by SecureCRT. In the absence of funding, PuTTY is the
recommended client.
For MacOS 7.5.1 through 9,
MacSSH
is the recommended client.
|
|