Home Page

    ZOC Home     Orders     Downloads     Contact     Deutsch

ZOC Terminal

The SSH Client That Will Make You Happy

ZOC is a professional ssh client and terminal emulator. With its modern user interface, it has many ways of making your life easier.

In its own way, ZOC is the Swiss Army Knife of terminal emulators:
versatile, robust, proven.

Get It Now

About ZOC

ZOC Terminal is a professional and feature-rich ssh client for Windows and macOS.

It lets you access servers and network gear using the secure shell protocol. The program offers everything that you expect from a modern secure shell client.

ZOC Terminal Emulation Screenshots

Overview of ZOC's SSH Features:
  • Based on industry reference implementation OpenSSH
  • Client supports latest encryptions like ED25519 SHA256, SHA2 or AES-256ctr
  • SSH Public key, keyboard interactive or password authentication
  • Dynamic port forwarding (client as a SOCKS proxy)
  • X11 forwarding (lets you run X-Windows applications in the remote session)
  • Static port forwarding (tunneling of connections to predefined destinations)
  • Proxy support (client connects to server through proxy)
  • SSH Agent forwarding between client and server
  • Client side SSH key generator
  • SFTP file transfer
  • SSH client protocol versions 1 and 2
  • SSH Keep-Alive

General Features:
  • Wide range of emulations and alternate connection methods
  • Host directory with user defined tabs and folders
  • Multiple sessions in tabbed window
  • Color coded hosts and tabs
  • User bar with user defined buttons and actions
  • Scripting and recording of SSH sessions
  • Powerful scripting language with screen-scrape ability
  • Supports Windows 7/8/10 and macOS Sierra
  • Administrator friendly with easy deployment
  • Fast with small memory footprint (RAM and hard drive)
  • Portable installation available

Start your free 30 days evaluation today and download
zoc V7.16.3 for Windows or macOS.

ZOC for Windows

What is a SSH-Client?

SSH (Secure Shell) is a cryptographic network protocol that transports data securely over an unsecured network. As the name implies, its main purpose is to provide a secure connection to a remote shell account.

The SSH client is the software, which the user runs on his local computer to connect to the remote computer. Once connected, the ssh-client enables the user to run programs or perform other tasks on the remote server.


ZOC SSH Features in Detail

ZOC is based on OpenSSH and supports the latest key exchange and encryption methods that the SSH protocol has to offer.

Unlike OpenSSH, this ssh client is wrapped in a modern tabbed user interface with a powerful host directory, industrial strength emulations and scripting.

Key Exchange

An especially challenging part of encrypted communication is the need to negotiate a shared secret (the key to use for encryption) over a public channel that could already be compromised.

The negotiation happens through a method called Diffie-Hellman or a variant thereof. ZOC supports all official diffie-hellman group exchanges, as well as the more modern ecdsa-sha2 and curve25519-sha256 methods.


Authenticating describes the process, where the user presents proof of who he is and the server deciding, if the user should be allowed access. The SSH protocol describes various methods that can be used for authentication.

Of those, ZOC supports password, public key exchange and keyboard interactive authentication. Public-key exchange comes in various flavors. ZOC understands RSA, DSA, ECDSA and ED25519 keys. Hardware (smart card) based key authentication is also possible.


Over time, the SSH protocol has seen a plethora of methods to be used to encrypt the communication (using the shared secret was negotiated during the KEX phase). Some encryptions were phased out over time, especially after Edward Snowden revealed how powerful possible listeners like the NSA are, and new ones were introduced. ZOC supports the whole list, starting with aes256-ctr and going down to older ciphers like aes256-cbc and arcfour (these older ones may still be necessary to connect to older servers which have not been updated in a while).


An important part of the secure shell protocol is a feature called port-forwarding. This feature allows the user to create a connection from the client computer to the server network, which can be used by other programs and where all the connection data is encrypted. This feature is sometimes called tunneling.

Programs and protocols which do not use data encrpytion (e.g. ftp or rsh) can connect to the tunnel's port on the client computer and the ssh client will transmit their data through the encrypted ssh connection to the final destination (and vice versa).

For example, a user can set up a port-forwarding (also called ssh-tunnel) on the client software, listening on the client port 5514 and forwarding traffic to the address of an older device on the remote network that only supports the unencrypted rsh protocol.

The user can then use a non-encrypting rsh client, connect it to localhost port 5514 and thus will get connected via the secure shell client to the rsh server on the remote network. A normal rsh client will not encrypt its data, but the ssh client will encrypt all traffic before sending it through the ssh tunnel to the host on the other side (and vice versa), essentially creating an encrypted rsh connection.

Dynamic Port-Forwarding

The standard port-forwarding feature requires the client to set up the tunnel source port and destination before making the connection. This means that there is limited flexibility and that for each possible destination, a separate ssh tunnel needs to be set up.

This problem is addressed by secure shell's dynamic port forwarding. With dynamic port forwarding, the client sets up a listening port (as with normal port fowarding), but when a software connects to the port, it can tell the client which host and port it wants to connect to. This is done in the same way that client software can request connections from SOCKS proxies.

The ssh client will then forward the connection request to the secure shell server which makes the connection to the destination host. This way, the ssh client could let an unencrypted ftp software access ftp servers on the remote network through an encrypted data channel.


Terms of Use  • Privacy Policy  • (C) EmTec Innovative Software - Home of ZOC, The Professional Terminal Emulator, Telnet and SSH Client for Power Users