VOICE Home Page: http://www.os2voice.org
[Newsletter Index]
[Previous Page] [Next Page]
[Features Index]

May 2000
editor@os2voice.org

MindTerm SSH Client

Reviewed by Alex Taylor ©May 2000

MindTerm version 1.2, by MindBright Technology
        Program source: http://www.onlineitdegree.net/mindterm/
        Company website: http://www.mindbright.com

Introduction

Although OS/2 functions very well as an Internet client, when it comes to the more esoteric applications, finding software can be quite difficult. In particular, I had for some time been searching for a secure shell (SSH) client.

SSH clients are readily available for most Unix-based platforms. There are also a few (mostly shareware) clients available for Windows, such as VanDyke Software's SecureCRT (which I happen to use at work). Unfortunately, OS/2 falls short in this area.

SSH is a "secure" replacement for the telnet and RSH protocols. The problem with these older protocols is that, while the remote machines to which they connect may have superb password security, they themselves transmit all of the user's keystrokes -- including passwords -- in clear text across the network, where any moderately competent snooper may record them. On a closed LAN, this could well be cause for concern; when transmitting across the public Internet, it is a major security hole.

SSH attempts to solve this problem by implementing key-based strong encryption, not just on the password authentication, but on the entire host-client connection. This means that any ambitious eavesdroppers will find themselves capturing lots of encrypted gibberish. Most SSH implementations are also designed so as to be able to function as a "drop-in" replacement for telnet under most circumstances, without the users having to be more than peripherally aware of the change.

There are currently a couple of efforts underway to port the Unix command-line SSH implementations to OS/2; these are still under development, are cryptic to use, quite difficult to configure, and are really not ready for prime-time use. I was beginning to despair of finding a comfortably-usable SSH client for OS/2, until I happened to stumble across MindTerm.

MindTerm, by MindBright Technology, is a complete SSH (version 1) client which is implemented in pure Java. It is a graphical program, written with the Java 1.1 AWT, and runs smoothly and stably under the OS/2 Java 1.1.8 runtime environment.
 

Looking at MindTerm

MindTerm is distributed as a zipped JAR file with text documentation. Installation is as per any Java application for the platform being used; see the appendix for OS/2-specific details.

On starting MindTerm, the user is faced with a simple GUI-mode terminal window, with a menu-bar across the top, a few lines of program information, and a connection prompt. Here's an example of the starting screen:

What MindTerm looks like  on startup

MindTerm takes care of most of the necessary security configuration automatically. When you connect to a new remote host, MindTerm asks for your permission to add its key information and terminal configuration to the 'mindterm/' directory (which it creates under whichever directory is indicated by the environment variable HOME).

Configuration of terminal settings is also quite easy. Menus across the top allow for the setting of emulation mode, font size, colours, and such tweaks as: Backspace/Delete behaviour, visible or silent bell, backscroll buffer size, scrollbar position, resize gravity, local echo, text wrapping, newline/linefeed characters, substituting ASCII for ANSI linedraw characters, and many others.

The initial prompt allows you to connect to a remote host by typing in its hostname or IP address. If you prefer not to type the name in directly, there is a "Connect" dialog available under the "File" menu, which maintains a list of hosts where you can select the one you want. Or, for the power user, it is also possible to specify a host on the command line when running MindTerm. (MindTerm supports a number of command-line options; although, given the verbose syntax already required for starting a Java program, this reviewer has made little use of the feature so far.)

Once connected, there are some other nice features available through the "File" menu. These include "Clone Terminal", which will create a duplicate window connected to the same host as the original window, authenticating you automatically; "New Terminal", which creates another window where you can connect to another host of your choice; and what I have found to be one of MindTerm's best features, the "SCP File Transfer" dialog.

SCP is a secure replacement for RCP (the remote copy protocol) in the same way that SSH replaces telnet. Like RCP, and unlike the more powerful FTP, it does not allow for remote browsing of files: you are expected to supply remote and local filenames before the connection is opened.  SCP is a standard part of most SSH distributions.

I've always found trying to use SCP over a command-line SSH connection to be a cryptic and frustrating experience, because it requires rather confusing syntax, and I've never figured out how to use it from behind a firewall. Using SCP in MindTerm, however, is simplicity itself.

Choosing "SCP File Transfer" under the "File" menu (while connected to a remote host) brings up a simple dialog. One text field prompts for the local file (on your own computer), with a browse button that allows you to locate the file visually through a system Open File dialog. A second text field indicates the filename on the remote host, and a button between the two fields controls the direction of transfer - local to remote (the default), or remote to local.

Two checkboxes provide additional options: "low priority", which did not yield significant results during my brief experiments; and "recursive copy", which appears to be for copying directories.

The SCP dialog

Once you've selected the local and remote filenames, just hit "Start copy", and the file transfer takes place.

Taking a look at performance, MindTerm is a Java application, albeit a fairly lightweight one. That said, it is written using the Java 1.1 AWT toolkit, and has relatively low overhead as Java programs go. To test it a bit, I tried running MindTerm on a 486 DX/2-66 with 32 Mb RAM (running Warp 3 and JDK 1.1.8). It was certainly slow, but with a little patience I was able to use it as required. On my Pentium II-400 system with 128 Mb (running Warp 4 and JDK 1.1.8), its performance is virtually equivalent to that of a moderately complicated native program. In the latter case, the only significant overhead is in starting the program up, which takes a few seconds -- after which MindTerm is gratifyingly responsive.

So far, I haven't touched on what is possibly MindTerm's best feature: the license. Not only is it free, it is open source software licensed under the GNU GPL. The source code is available with the program, and the developers seem quite willing to accept patches and code submissions from outside.

There is one caveat involved with using MindTerm. The RSA encryption algorithms (of which MindTerm makes use) are apparently protected by patents in certain countries, including the USA. Consequently, there may be legal issues involved with using MindTerm in such countries (although what these issues might be, this reviewer is not qualified to speculate). This is presumably not a problem in Sweden, where MindTerm is developed.

I've only touched on MindTerm's most basic features so far. It boasts quite a few others, including a secure tunneling function (with which I have yet to experiment), and the ability to run as an applet under a web browser. (The applet version is downloadable separately; in order to be much use, however, it needs to be 'signed' as trusted code.) The best suggestion I can make, for those who wish to know more, is to download MindTerm and try these features out personally.
 

A Few Criticisms

This would hardly be a proper review without a look at MindTerm's shortcomings. First of all, the graphical UI is still pretty basic (for instance, there is no toolbar and no status line). The dialogs are also relatively crude, and could benefit from some lessons in UI design. For example:

Although basic colours and fonts may be set for specific hosts, I have not found a way to modify the default colour and font choices. Consequently, MindTerm always starts up in black-on-white mode with a 12-point font size, and will not change until you have connected to a remote host. This is a minor issue, but a mildly annoying one.

Another weakness is that terminal colour handling is rather rough around the edges. All text colours which are supposed to be 'bright' (e.g., 'brightcyan', 'brightgreen') are shown in boldface as well. This is, frankly, unattractive, and strains the eyes when working in applications that make extensive use of screen colours (such as the newsreader 'slrn', which I use quite frequently).

Similarly, text background colours are sometimes flakey. Occasionally, if the background colour is something other than black, it seems to "drop out" in places, leaving black patches on the background.

I have also found that terminal problems increase over 'double-step' connections. For example, I often connect from work to home, by first using SSH to connect to a Linux firewall, then telnetting from the firewall to my OS/2 box. When using MindTerm as my SSH client, certain emulation modes ('xterm-color' and 'vt220', specifically; possibly others) refuse to even display anything containing ANSI extended characters (such as my colour directory program). When I run 'slrn', even with ASCII substitution enabled, it simply hangs until I hit Ctrl-C to get a prompt back. Other emulation modes, such as 'ansi' and 'vt100', do work in this respect, although extended characters all appear as little box-characters.

I reported this to the MindTerm developer (along with an apology for reporting bugs with such an obscure setup); I soon got back a friendly reply, followed some time later with a request to try an updated version with some emulation bugfixes. Several of my problems had been improved considerably; not all, but, to be fair, some of these problems may lie with OS/2's implementation of telnetd. In any case, the developer gets full marks from me on responsiveness.

MindTerm's planned future looks quite ambitious. Browsing the product's 'TODO' file shows some promising items, including SSHv2 support, improved terminal and character handling, and an updated GUI (Java Swing). Of course, all plans are presumably tentative; however, if the developers put as much care and energy into future development as they obviously have so far, I think that MindTerm will go far indeed.

(Now, if I could only find a complete and usable SSH daemon for OS/2...)


Appendix: Running MindTerm under OS/2

Several people have experienced problems in getting MindTerm to run under OS/2, so I will briefly outline the steps needed here. I assume that the Java 1.1.8 runtime environment is installed (IBM's fix updates are optional).

Setting up MindTerm is as simple (or as difficult) as any other Java application. Assuming that MindTerm resides in 'C:\MindTerm', and Java 1.1.8 in 'C:\Java11', the command-line

      javapm -classpath c:\Java11\lib\classes.zip;c:\MindTerm\mindtermfull.jar mindbright.application.MindTerm

should do the job. (Of course, the exact paths will have to be changed for your specific setup.)

There are two common problems when running a Java application like this. First, if the 'classpath' switch is used when invoking Java, the core Java classes must be explicitly included (in this case, 'c:\Java11\lib\classes.zip'). Otherwise, the Java interpreter will complain about missing classes, and terminate.

The other problem occurs when creating a Program Object for the desktop. In my experience, environment variables cannot be included in the parameters field for the program; so trying to use "%CLASSPATH%" will fail. If needed, any classpath entries must be entered by hand. This particular problem does not occur when invoking Java from the command-line.
 

The Monospaced Font
One thing I've found with IBM's OS/2 Java setup is that the "Monospaced" font is set by default to an extremely unattractive "Courier" implementation, which at many sizes is very difficult to read.

When using a program, such as MindTerm, which makes extensive use of the Java Monospaced font, I strongly recommend changing this font to something more comfortable. (I prefer "System VIO", which is what the OS/2 command windows use.)

To change the default Java fonts, edit the file named '\Java11\lib\font.prp' with a text editor, and locate the following block of lines:

    monospaced.0=Courier,OS2V4ONLY,ANSI_CHARSET,LATIN1_CHARSET,PC_CHARSET,LATIN2_CHARSET,BALTIC_CHARSET,TURKISH_CHARSET,CYRILLIC_CHARSET,NEED_CONVERTED

    monospaced.1=Courier,OS2V3ONLY,ANSI_CHARSET,LATIN1_CHARSET,PC_CHARSET,LATIN2_CHARSET,BALTIC_CHARSET,TURKISH_CHARSET,NEED_CONVERTED

    monospaced.2=Symbol Set,SYMBOL_CHARSET,NEED_CONVERTED

    monospaced.3=Wingdings,DINGBAT_CHARSET,WINGDING_CHARSET,NEED_CONVERTED

    monospaced.4=Times New Roman MT 30,UNICODE_CHARSET,NEED_CONVERTED

Change the font family name on the first two lines (marked in bold, above) to the font of your choice. For instance:
    monospaced.0=System VIO,OS2V4ONLY,ANSI_CHARSET,LATIN1_CHARSET,PC_CHARSET,LATIN2_CHARSET,BALTIC_CHARSET,TURKISH_CHARSET,CYRILLIC_CHARSET,NEED_CONVERTED

    monospaced.1=System VIO,OS2V3ONLY,ANSI_CHARSET,LATIN1_CHARSET,PC_CHARSET,LATIN2_CHARSET,BALTIC_CHARSET,TURKISH_CHARSET,NEED_CONVERTED

    monospaced.2=Symbol Set,SYMBOL_CHARSET,NEED_CONVERTED

    monospaced.3=Wingdings,DINGBAT_CHARSET,WINGDING_CHARSET,NEED_CONVERTED

    monospaced.4=Times New Roman MT 30,UNICODE_CHARSET,NEED_CONVERTED

(I can't guarantee that the above procedure will hold true on non-English NLVs, but it should be similar if not identical.)

Of course, it is good insurance to make a backup copy of your 'font.prp' file before making any changes.


editor@os2voice.org
[Previous Page ] [ Index] [Features] [Next Page ]
VOICE Home Page: http://www.os2voice.org