Differences
This shows you the differences between the selected revisions of the page.
| 2011-10-05 | 2012-05-07 | ||
| ui_pageant (martin) | 5.0.7 blowfish is default (martin) | ||
| Line 41: | Line 41: | ||
| SSH clients and servers can use a number of encryption methods. In the older SSH-1 protocol, 3DES and DES are typically used. | SSH clients and servers can use a number of encryption methods. In the older SSH-1 protocol, 3DES and DES are typically used. | ||
| SSH-2 adds support for additional encryption methods including AES and | SSH-2 adds support for additional encryption methods including AES and | ||
| - | Blowfish. By default, AES is used if supported by the server. While AES is | + | Blowfish. By default, Blowfish is used if supported by the server. While AES is |
| considered to be highly secure, AES encryption requires substantial processor overhead. Blowfish is also considered | considered to be highly secure, AES encryption requires substantial processor overhead. Blowfish is also considered | ||
| secure, but with less computational overhead, it's also theoretically | secure, but with less computational overhead, it's also theoretically | ||
| easier to perform a brute-force attack. Depending on your security and | easier to perform a brute-force attack. Depending on your security and | ||
| performance requirements, you may wish to configure WinSCP to prefer | performance requirements, you may wish to configure WinSCP to prefer | ||
| - | the Blowfish algorithm. 3DES and DES are used with SSH-1 servers. DES | + | the AES algorithm. 3DES and DES are used with SSH-1 servers. DES |
| is widely regarded as insecure, as the resources to perform an | is widely regarded as insecure, as the resources to perform an | ||
| exhaustive brute-force attack have been well within the realm of | exhaustive brute-force attack have been well within the realm of | ||