Differences
This shows you the differences between the selected revisions of the page.
| 2016-01-20 | 2016-01-20 | ||
| 5.8.1 Change: Not allowing SSH-1 by default. + Moving SSH-1-only options to less prominent positions on Advanced Site Settings dialog and removing SSH-2-only designations of session options. + Updating SSH version configuration texts from PuTTY 0.66 documentation (martin) | limit acronym recognition (martin) | ||
| Line 27: | Line 27: | ||
| WinSCP currently supports the following algorithms: | WinSCP currently supports the following algorithms: | ||
| - | * //AES// (Rijndael) - 256, 192, or 128-bit SDCTR or CBC (SSH-2 only) | + | * //AES// (Rijndael) - 256, 192, or 128-bit SDCTR or CBC |
| - | * //Arcfour// (RC4) - 256 or 128-bit stream cipher (SSH-2 only) | + | * //Arcfour// (RC4) - 256 or 128-bit stream cipher |
| - | * //Blowfish// - 256-bit SDCTR (SSH-2 only) or 128-bit CBC | + | * //Blowfish// - 256-bit SDCTR or 128-bit CBC |
| - | * //Triple-DES// - 168-bit SDCTR (SSH-2 only) or CBC | + | * //Triple-DES// - 168-bit SDCTR or CBC |
| - | * //Single-DES// - 56-bit CBC (see below for SSH-2) | + | * //Single-%%DES%%// - 56-bit CBC (see below for %%SSH-2%%) |
| If the algorithm WinSCP finds is below the //warn below here// line, you will see a warning box when you make the connection: | If the algorithm WinSCP finds is below the //warn below here// line, you will see a warning box when you make the connection: | ||
| - | > The first cipher supported by the server is single-DES, which is below the configured warning threshold. | + | > The first cipher supported by the server is single-%%DES%%, which is below the configured warning threshold. |
| > | > | ||
| > Do you want to continue with this connection? | > Do you want to continue with this connection? | ||
| Line 43: | Line 43: | ||
| In SSH-2, the encryption algorithm is negotiated independently for each direction of the connection, although WinSCP does not support separate configuration of the preference orders. As a result you may get two warnings similar to the one above, possibly with different encryptions. | In SSH-2, the encryption algorithm is negotiated independently for each direction of the connection, although WinSCP does not support separate configuration of the preference orders. As a result you may get two warnings similar to the one above, possibly with different encryptions. | ||
| - | Single-DES is not recommended in the SSH-2 protocol standards, but one or two server implementations do support it. WinSCP can use single-DES to interoperate with these servers if you enable the //Enable legacy use of single-DES in SSH-2// option; by default this is disabled and WinSCP will stick to recommended ciphers. ((&puttydoccite)) | + | Single-DES is not recommended in the %%SSH-2%% protocol standards, but one or two server implementations do support it. WinSCP can use single-%%DES%% to interoperate with these servers if you enable the //Enable legacy use of single-%%DES%% in %%SSH-2%%// option; by default this is disabled and WinSCP will stick to recommended ciphers. ((&puttydoccite)) |
| You can see actually used encryption algorithm on [[ui_fsinfo|Server and Protocol Information Dialog]]. | You can see actually used encryption algorithm on [[ui_fsinfo|Server and Protocol Information Dialog]]. | ||