Differences
This shows you the differences between the selected revisions of the page.
| 2021-12-06 | 2021-12-06 | ||
| updating to 5.20 caption - screenshot to be updated with stable release long with removal of protocol version selection (martin) | no need to refer to ssh versions (martin) | ||
| Line 36: | Line 36: | ||
| * //Triple-DES// -- 168-bit SDCTR or CBC | * //Triple-DES// -- 168-bit SDCTR or CBC | ||
| * //Arcfour// (RC4) -- 256 or 128-bit stream cipher | * //Arcfour// (RC4) -- 256 or 128-bit stream cipher | ||
| - | * //Single-%%DES%%// -- 56-bit CBC (see below for %%SSH-2%%) | + | * //Single-%%DES%%// -- 56-bit CBC (see below) |
| If the algorithm WinSCP finds is below the //warn below here// line, you will see a warning box when you make the connection: | If the algorithm WinSCP finds is below the //warn below here// line, you will see a warning box when you make the connection: | ||
| Line 46: | Line 46: | ||
| This warns you that the first available encryption is not a very secure one. Typically you would put the //warn below here// line between the encryptions you consider secure and the ones you consider substandard. By default, WinSCP supplies a preference order intended to reflect a reasonable preference in terms of security and speed. | This warns you that the first available encryption is not a very secure one. Typically you would put the //warn below here// line between the encryptions you consider secure and the ones you consider substandard. By default, WinSCP supplies a preference order intended to reflect a reasonable preference in terms of security and speed. | ||
| - | In SSH-2, the encryption algorithm is negotiated independently for each direction of the connection, although WinSCP does not support separate configuration of the preference orders. As a result you may get two warnings similar to the one above, possibly with different encryptions. | + | In SSH, the encryption algorithm is negotiated independently for each direction of the connection, although WinSCP does not support separate configuration of the preference orders. As a result you may get two warnings similar to the one above, possibly with different encryptions. |
| - | Single-DES is not recommended in the %%SSH-2%% protocol standards, but one or two server implementations do support it. WinSCP can use single-%%DES%% to interoperate with these servers if you enable the //Enable legacy use of single-%%DES%%// option; by default this is disabled and WinSCP will stick to recommended ciphers.((&puttydoccite)) | + | Single-DES is not recommended in the %%SSH%% protocol standards, but one or two server implementations do support it. WinSCP can use single-%%DES%% to interoperate with these servers if you enable the //Enable legacy use of single-%%DES%%// option; by default this is disabled and WinSCP will stick to recommended ciphers.((&puttydoccite)) |
| You can see actually used encryption algorithm on [[ui_fsinfo|Server and Protocol Information Dialog]]. | You can see actually used encryption algorithm on [[ui_fsinfo|Server and Protocol Information Dialog]]. | ||