Differences
This shows you the differences between the selected revisions of the page.
| ssh 2005-04-14 | ssh 2023-06-05 (current) | ||
| Line 1: | Line 1: | ||
| ====== Understanding SSH ====== | ====== Understanding SSH ====== | ||
| - | SSH is a cryptographically protected remote login protocol | + | SSH is a cryptographically protected remote login protocol that replaces insecure telnet and rlogin protocols. It provides strong protection against password sniffing and third party·session monitoring, better protecting your authentication credentials |
| - | designed to replace the insecure telnet and rlogin protocols. SSH | + | and privacy. In addition, %%SSH%% offers additional authentication methods that are considered more·secure than passwords, such as [[public_key|public key authentication]] and extensive |
| - | provides strong protection against password sniffing and third party | + | |
| - | session monitoring, better protecting your authentication credentials | + | |
| - | and privacy. In addition to protecting your passwords and your privacy, | + | |
| - | SSH offers additional authentication methods that are considered more | + | |
| - | secure than passwords, such as public key authentication, and extensive | + | |
| protection against spoofing. | protection against spoofing. | ||
| - | ===== Authentication in SSH ===== | + | The %%SSH%% employs a public key cryptography that uses [[ssh_keys|two keys pairs, for host and user]]. |
| + | |||
| + | ===== [[authentication]] Authentication in SSH ===== | ||
| SSH servers offer the client a selection of authentication | SSH servers offer the client a selection of authentication | ||
| methods. The server advertises what it supports, and the client | methods. The server advertises what it supports, and the client | ||
| Line 15: | Line 12: | ||
| Generally, the client will choose methods that are the least intrusive | Generally, the client will choose methods that are the least intrusive | ||
| to the user, if they are available. In most cases, the client provides | to the user, if they are available. In most cases, the client provides | ||
| - | the option to choose which methods can be used. | + | the option to choose which methods can be used. In WinSCP, you can configure this on //[[ui_login_authentication|SSH > Authentication page]]// of Advanced Site Settings dialog. |
| - | The actual order of authentication methods is as follows: MIT Kerberos GSSAPI 5 (SSH2 only), public key (using [[ssh#using_pageant_for_authentication|Pageant]]), public key (using [[ui_login_session|configured file]]), keyboard-interactive (SSH2 only), TIS or Cryptocard (SSH1 only), password. | + | The actual order of authentication methods is as follows: [[ui_login_authentication#gssapi|GSSAPI]], [[public key]] (using [[ui_pageant|Pageant]]), public key (using [[ui_login_authentication|configured file]]), keyboard-interactive, password. |
| - | ==== Using Public Keys for Authentication ==== | + | ===== [[verifying_host_key]] Verifying the Host Key ===== |
| - | Read [[&url(puttypubkey)|PuTTY documentation]]. It mostly applies to WinSCP. | + | To prevent [[wp>Man-in-the-middle_attack|man-in-the-middle attacks]], each SSH server has a unique identifying code, called a host key. These keys prevent a server from forging another server's key. If you connect to a server for the first time or if the server presets a different key than previously, WinSCP will prompt you to [[ssh_verifying_the_host_key|verify the key]]. |
| - | + | ||
| - | ==== Using Pageant for Authentication ==== | + | |
| - | Read [[&pageanthelp|Putty documentation]]. It mostly applies to WinSCP. | + | |
| ===== Encryption in SSH ===== | ===== Encryption in SSH ===== | ||
| - | A number of encryption methods can be used by SSH clients and | + | SSH clients and·servers can use a number of encryption methods.· |
| - | servers. In the older SSH1 protocol, 3DES and DES are typically used. | + | Most widely used encryption methods in SSH are AES and |
| - | SSH2 adds support for additional encryption methods including AES and | + | Blowfish. By default, %%AES%% is used if supported by the server. While %%AES%% is |
| - | Blowfish. By default, AES is used if supported by the server. AES is | + | considered to be highly secure, %%AES%% encryption requires substantial processor overhead. Blowfish is also considered |
| - | considered to be highly secure, however substantial processor overhead | + | |
| - | is involved in performing AES encryption. Blowfish is also considered | + | |
| secure, but with less computational overhead, it's also theoretically | secure, but with less computational overhead, it's also theoretically | ||
| easier to perform a brute-force attack. Depending on your security and | easier to perform a brute-force attack. Depending on your security and | ||
| performance requirements, you may wish to configure WinSCP to prefer | performance requirements, you may wish to configure WinSCP to prefer | ||
| - | the Blowfish algorithm. 3DES and DES are used with SSH1 servers. DES | + | the %%Blowfish%% algorithm. %%3DES%% and %%DES%% are used with %%SSH-1%% servers. %%DES%% |
| is widely regarded as insecure, as the resources to perform an | is widely regarded as insecure, as the resources to perform an | ||
| exhaustive brute-force attack have been well within the realm of | exhaustive brute-force attack have been well within the realm of | ||
| Line 41: | Line 33: | ||
| ===== SSH Protocols ===== | ===== SSH Protocols ===== | ||
| - | Two major versions of the SSH protocol are in widespread use. | + | Two major versions of the SSH protocol exist, SSH-2 and SSH-1. Most %%SSH%% servers nowadays allow modern and secure %%SSH-2%% only, which is also WinSCP's default. |
| - | The SSH1 protocol is an older version of the SSH protocol that's still | + | |
| - | widely supported despite its age and some technical issues. The SSH2 | + | |
| - | protocol has become the de-facto standard for most installations, | + | |
| - | although there are still a few systems out there only supporting SSH1. | + | |
| - | Additionally, many sites that use SSH2 now disable the SSH1 protocol | + | |
| - | for security reasons. | + | |
| - | The default setting in WinSCP is to prefer SSH2 and negotiate | + | ===== [[compression]] Compression ===== |
| - | down to SSH1 if SSH2 is not available. If the majority of systems you | + | SSH supports data stream compression between the client |
| - | connect to are using SSH2, you may wish to change this setting in the | + | and the server. On slow links, this may increase throughput, while in faster connections the added CPU overhead may actually result in |
| - | SSH preferences. | + | slower transfers, particularly depending on the data type you're transferring. Large text files may still benefit significantly, while |
| - | + | binaries may transfer more slowly. You may want to | |
| - | ===== Compression ===== | + | |
| - | SSH supports compression of the data stream between the client | + | |
| - | and the server. On slow links, this may increase throughput, however, | + | |
| - | with faster connections the added CPU overhead may actually result in | + | |
| - | slower transfers, particularly depending on the type of data being | + | |
| - | transferred - large text files may still benefit significantly, while | + | |
| - | binaries may actually transfer more slowly. You may wish to | + | |
| experiment to find what works best in your situation. Compression may | experiment to find what works best in your situation. Compression may | ||
| - | also improve security slightly, in part by rendering known-cyphertext | + | also improve security slightly, in part by rendering known·cyphertext |
| - | attacks more difficult to execute and by providing less data for | + | attacks more difficult and by providing less data for |
| cryptanalysis. | cryptanalysis. | ||
| + | |||
| + | ===== Supported Algorithms ===== | ||
| + | |||
| + | See list of [[ssh_algorithms|supported SSH algorithms]]. | ||