Differences
This shows you the differences between the selected revisions of the page.
| 2016-05-24 | 2016-05-24 | ||
| 5.8.3 Promoting ChaCha20 cipher above Blowfish (below AES). (martin) | reverting 5.8.3 Change: Fallback between SSH versions is not supported anymore. (martin) | ||
| Line 16: | Line 16: | ||
| The //Enable compression// checkbox enables [[ssh#compression|data compression]] in the SSH connection: data sent by the server is compressed before sending, and decompressed at the client end. | The //Enable compression// checkbox enables [[ssh#compression|data compression]] in the SSH connection: data sent by the server is compressed before sending, and decompressed at the client end. | ||
| - | The //Preferred %%SSH%% protocol version// selection allows you to select whether you would like to use SSH protocol version 2 or legacy version 1. //In the latest beta version//, you can select a specific version only. //The latest stable release//, support additional options to permit falling back to the other version. If you select //2 only// or //1 only// here, WinSCP will only connect if the server you connect to offers the %%SSH%% protocol version you have specified. With the settings //2// and //1//, WinSCP will attempt to use protocol 1 if the server you connect to does not offer protocol 2, and vice versa. &beta | + | The //Preferred %%SSH%% protocol version// selection allows you to select whether you would like to use SSH protocol version 2 or legacy version 1, and whether to permit falling back to the other version. If you select //2 only// or //1 only// here, WinSCP will only connect if the server you connect to offers the %%SSH%% protocol version you have specified. With the settings //2// and //1//, WinSCP will attempt to use protocol 1 if the server you connect to does not offer protocol 2, and vice versa. |
| - | You should normally leave this at the default, //2// (//2 only// in //the latest stable release//). The older %%SSH-1%% protocol is no longer developed, has many known cryptographic weaknesses, and is generally not considered to be secure. If you permit use of %%SSH-1%% by selecting //2// instead of //2 only//, in the //latest stable release/// an active attacker can force downgrade to %%SSH-1%% even if the server you're connecting to supports %%SSH-2%%. ((&puttydoccite)) &beta | + | You should normally leave this at the default, //2 only//. The older %%SSH-1%% protocol is no longer developed, has many known cryptographic weaknesses, and is generally not considered to be secure. If you permit use of %%SSH-1%% by selecting //2// instead of //2 only//, an active attacker can force downgrade to %%SSH-1%% even if the server you're connecting to supports %%SSH-2%%. ((&puttydoccite)) |
| You can see actually used protocol version on [[ui_fsinfo|Server and Protocol Information Dialog]]. | You can see actually used protocol version on [[ui_fsinfo|Server and Protocol Information Dialog]]. | ||