ssh » Revisions »

Differences

This shows you the differences between the selected revisions of the page.

ssh 2019-02-22 ssh 2023-06-05 (current)
Line 14: Line 14:
the option to choose which methods can be used. In WinSCP, you can configure this on //[[ui_login_authentication|SSH > Authentication page]]// of Advanced Site Settings dialog. the option to choose which methods can be used. In WinSCP, you can configure this on //[[ui_login_authentication|SSH > Authentication page]]// of Advanced Site Settings dialog.
-The actual order of authentication methods is as follows: [[ui_login_authentication#gssapi|GSSAPI]] (SSH-2 only), [[public key]] (using [[ui_pageant|Pageant]]), public key (using [[ui_login_authentication|configured file]]), keyboard-interactive (%%SSH-2%% only), TIS or Cryptocard (SSH-1 only), password.+The actual order of authentication methods is as follows: [[ui_login_authentication#gssapi|GSSAPI]], [[public key]] (using [[ui_pageant|Pageant]]), public key (using [[ui_login_authentication|configured file]]), keyboard-interactive, password.
===== [[verifying_host_key]] Verifying the Host Key ===== ===== [[verifying_host_key]] Verifying the Host Key =====
-To prevent [[wp>Man-in-the-middle_attack|man-in-the-middle attacks]], each SSH server has a unique identifying code, called a host key. These keys prevent a server from forging another server's key. If you connect to a server for the first time or if the server presets a different key then previously, WinSCP will prompt you to [[ssh_verifying_the_host_key|verify the key]].+To prevent [[wp>Man-in-the-middle_attack|man-in-the-middle attacks]], each SSH server has a unique identifying code, called a host key. These keys prevent a server from forging another server's key. If you connect to a server for the first time or if the server presets a different key than previously, WinSCP will prompt you to [[ssh_verifying_the_host_key|verify the key]].
===== Encryption in SSH ===== ===== Encryption in SSH =====
SSH clients and servers can use a number of encryption methods. SSH clients and servers can use a number of encryption methods.
-Most widely used encryption methods in SSH-2 are AES and+Most widely used encryption methods in SSH are AES and
Blowfish. By default, %%AES%% is used if supported by the server. While %%AES%% is Blowfish. By default, %%AES%% is used if supported by the server. While %%AES%% is
considered to be highly secure, %%AES%% encryption requires substantial processor overhead. Blowfish is also considered considered to be highly secure, %%AES%% encryption requires substantial processor overhead. Blowfish is also considered
Line 33: Line 33:
===== SSH Protocols ===== ===== SSH Protocols =====
-Two major versions of the SSH protocol exist, SSH-2 and SSH-1. Most %%SSH%% servers nowadays allow modern and secure %%SSH-2%% only+Two major versions of the SSH protocol exist, SSH-2 and SSH-1. Most %%SSH%% servers nowadays allow modern and secure %%SSH-2%% only, which is also WinSCP's default.
- +
-WinSCP's default setting is to use %%SSH-2%%. If you need to use deprecated and insecure %%SSH-1%% at all, you can configure this in [[ui_login_ssh|SSH preferences]].+
===== [[compression]] Compression ===== ===== [[compression]] Compression =====

Last modified: by martin