What’s one tool you find is irreplaceable as a Network Engineer? For me, it’s SecureCRT. I’ve relied on it for over eight years and have picked up plenty of tricks along the way. Whenever I start a new job, I always make a case for the business to invest in SecureCRT licenses. Once my colleagues see what it can do, they often decide to get their own. In this blog post, I’ll walk you through some of its key features. Hopefully, you’ll see the benefits and maybe even consider trying it out for yourself.
Why SecureCRT When You Have Other Free Tools?
But you might wonder why you should pay for SecureCRT when there are free tools available. That's a fair question. If you're on Windows, tools like PuTTY are readily available, and I believe Windows 11 even comes with its own SSH client. For those on MacOS or Linux, the native terminal app usually does the job. There are also plenty of other free tools out there, like iTerm or Tmux. I’ve tried most of them, but I still prefer SecureCRT for the following reasons.
How Much Does it Cost?
How much does SecureCRT cost? At the time of writing, the SecureCRT with three years of updates costs $199, or you can opt for a one-year update plan at $119. The license itself is perpetual, which means you can use the version you purchase indefinitely. However, once your support period expires, you won't receive any further updates.
Tab Management
The number one feature for me is tab management. As a network engineer, I work with hundreds of devices spread across various sites, including routers, switches, firewalls, or any device that supports SSH. With SecureCRT, I can add all of them into it and organize or group them using folders.
This is an incredibly handy feature, when I need to SSH into a device, I simply select it from the list, and that's it.
Credentials Management
Next is credentials management. SecureCRT allows me to safely store all my passwords and assign them to specific devices. The passwords are encrypted, which adds an extra layer of security. When setting up SecureCRT, you create a passphrase that acts like a master password. Every time you open SecureCRT, it prompts you to enter this passphrase to decrypt the device credentials. This ensures that your passwords remain secure and protected at all times.
If you change your password in the future, there's no need to update each device individually. You simply update the 'credential' once in SecureCRT, and it automatically applies the new password to all the devices linked to that credential.
Buttons
Another handy feature is the use of buttons. I'm pretty sure we've all typed show ip interface brief
countless times. With SecureCRT, I can set this command as a button so that with just a single click, I can run it. I have many such buttons for commands I use regularly, which saves me a good amount of time.
As you can see in the image, I have a button labelled 'ip interface' set up for the command show ip interfaces brief | excl down
. Maybe I'm just lazy to type, but I'll let you be the judge of that.
Logon Actions
You can automate the logon process by setting SecureCRT to recognize specific patterns and execute commands based on these matches. For example, when logging into a switch, you typically start in user EXEC mode. Normally, you'd manually type enable
to switch to privileged access mode. However, with SecureCRT, you can automate this.
Simply set it to look for the >
prompt, and once it sees this, it will automatically run the enable
command. This feature also allows you to send credentials securely, and ensures that they are not displayed on the screen.
Syntax Highlighting
Syntax highlighting is a great feature in SecureCRT that helps you quickly identify important information by colouring specific words. For example, you can set the word ‘down’ to appear in red or ‘up’ in green. This can also be extended to separate hostnames, IP addresses, and more.
- First, download the cisco.ini file from SecureCRT website
- Copy this file to the SecureCRT installation location. You can find this location by navigating to Options > Global Options > General > Configuration Paths.
- In the folder you’ve navigated to, create a new folder called Keywords and add the cisco.ini file to it.
- Now, go to Options > Configure > Default Sessions > Keyword Highlighting and select cisco.ini from the list.
- Under ‘Advanced’, apply the settings shown in the diagram provided.
You can also customize this feature by adding your own words and colours, and it even supports regular expressions for more complex patterns.
Logging
Logging is another incredibly useful feature in SecureCRT. It automatically saves everything you type into a logfile. For instance, if you're working on a configuration change and need to review the changes later, you don't have to manually copy everything; just close the terminal and refer back to the logfile. When you open the session again, it simply appends the new log to the existing file, though you also have the option to overwrite it if needed.
[Upon connect] Session Connect : %S at %H : Day (%D) Month (%M) Year (%Y)
[Upon disconnect] Session Connect : %S at %H : Day (%D) Month (%M) Year (%Y)
SecureCRT also organizes your logs neatly by day and device. This makes it easy to find exactly what you're looking for, whether you need to review a specific day's activities or check logs for a particular device. As you can see, each log is sorted into daily folders, and files are named after each device.
SFTP Session and File Transfer
Finally, SecureCRT’s SFTP session and file transfer feature is incredibly convenient. Let’s say you’re working on a Linux machine and need to transfer some files. There’s no need to juggle multiple tools. All you have to do is SSH into your machine, right-click, and select ‘Connect to SFTP Session’. From there, you can simply drag and drop files.
Closing Up
I hope you can see the benefits of using SecureCRT, but remember, this is just my personal preference. You might prefer a different app, and that's completely fine. For me, SecureCRT is a must-have tool that improve my workflow significantly.