Differences
This shows you the differences between the selected revisions of the page.
| 2015-02-18 | 2016-01-20 | ||
| login dialog was redesigned a while ago (martin) | 5.8.1 Change: Not allowing SSH-1 by default. + Moving SSH-1-only options to less prominent positions on Advanced Site Settings dialog and removing SSH-2-only designations of session options. + Updating SSH version configuration texts from PuTTY 0.66 documentation (martin) | ||
| Line 16: | Line 16: | ||
| The //Enable compression// checkbox enables [[ssh#compression|data compression]] in the SSH connection: data sent by the server is compressed before sending, and decompressed at the client end. | The //Enable compression// checkbox enables [[ssh#compression|data compression]] in the SSH connection: data sent by the server is compressed before sending, and decompressed at the client end. | ||
| - | The //Preferred SSH protocol version// selection allows you to select whether you would like to use SSH protocol version 1 or version 2. WinSCP will attempt to use protocol 1 if the server you connect to does not offer protocol 2, and vice versa. If you select //1 only// or //2 only// here, WinSCP will only connect if the server you connect to offers the SSH protocol version you have specified. ((&puttydoccite)) | + | The //Preferred %%SSH%% protocol version// selection allows you to select whether you would like to use SSH protocol version 2 or legacy version 1, and whether to permit falling back to the other version. If you select //2 only// or //1 only// here, WinSCP will only connect if the server you connect to offers the %%SSH%% protocol version you have specified. With the settings //2// and //1//, WinSCP will attempt to use protocol 1 if the server you connect to does not offer protocol 2, and vice versa. |
| + | |||
| + | You should normally leave this at the default, //2 only//. The older %%SSH-1%% protocol is no longer developed, has many known cryptographic weaknesses, and is generally not considered to be secure. If you permit use of %%SSH-1%% by selecting //2// instead of //2 only//, an active attacker can force downgrade to %%SSH-1%% even if the server you're connecting to supports %%SSH-2%%. ((&puttydoccite)) | ||
| You can see actually used protocol version on [[ui_fsinfo|Server and Protocol Information Dialog]]. | You can see actually used protocol version on [[ui_fsinfo|Server and Protocol Information Dialog]]. | ||