Differences
This shows you the differences between the selected revisions of the page.
| 2018-04-30 | 2021-12-06 | ||
| ssh_algorithms (martin) | removing reference to deprecated ssh-1 (martin) | ||
| Line 14: | Line 14: | ||
| the option to choose which methods can be used. In WinSCP, you can configure this on //[[ui_login_authentication|SSH > Authentication page]]// of Advanced Site Settings dialog. | the option to choose which methods can be used. In WinSCP, you can configure this on //[[ui_login_authentication|SSH > Authentication page]]// of Advanced Site Settings dialog. | ||
| - | The actual order of authentication methods is as follows: [[ui_login_authentication#gssapi|GSSAPI]] (SSH-2 only), [[public key]] (using [[ui_pageant|Pageant]]), public key (using [[ui_login_authentication|configured file]]), keyboard-interactive (%%SSH-2%% only), TIS or Cryptocard (SSH-1 only), password. | + | The actual order of authentication methods is as follows: [[ui_login_authentication#gssapi|GSSAPI]], [[public key]] (using [[ui_pageant|Pageant]]), public key (using [[ui_login_authentication|configured file]]), keyboard-interactive, password. |
| ===== [[verifying_host_key]] Verifying the Host Key ===== | ===== [[verifying_host_key]] Verifying the Host Key ===== | ||
| Line 21: | Line 21: | ||
| ===== Encryption in SSH ===== | ===== Encryption in SSH ===== | ||
| SSH clients and servers can use a number of encryption methods. | SSH clients and servers can use a number of encryption methods. | ||
| - | Most widely used encryption methods in SSH-2 are AES and | + | Most widely used encryption methods in SSH are AES and |
| Blowfish. By default, %%AES%% is used if supported by the server. While %%AES%% is | Blowfish. By default, %%AES%% is used if supported by the server. While %%AES%% is | ||
| considered to be highly secure, %%AES%% encryption requires substantial processor overhead. Blowfish is also considered | considered to be highly secure, %%AES%% encryption requires substantial processor overhead. Blowfish is also considered | ||
| Line 33: | Line 33: | ||
| ===== SSH Protocols ===== | ===== SSH Protocols ===== | ||
| - | Two major versions of the SSH protocol exist, SSH-2 and SSH-1. Most %%SSH%% servers nowadays allow modern and secure %%SSH-2%% only. | + | Two major versions of the SSH protocol exist, SSH-2 and SSH-1. Most %%SSH%% servers nowadays allow modern and secure %%SSH-2%% only, which is also WinSCP's default. |
| - | + | ||
| - | WinSCP's default setting is to use %%SSH-2%%. If you need to use deprecated and insecure %%SSH-1%% at all, you can configure this in [[ui_login_ssh|SSH preferences]]. | + | |
| ===== [[compression]] Compression ===== | ===== [[compression]] Compression ===== | ||