The SSH2/Advanced category of the Session
Options dialog allows you to further configure your SSH2 The second version of the SSH protocol which provides a way to encrypt network traffic between a client and a server, with a slightly different set of security features than the SSH1 protocol provides.
connection A data path or circuit between two computers over a phone line, network cable, or other means. . The SSH2
category only appears when you have selected SSH2
or SFTP as your Protocol.
Cipher
The encryption The process of converting a data transmission into a secret format that cannot easily be read by unauthorized individuals. See also: decryption. algorithm to use for
data privacy The concept that data should only be viewed or accessed by those with authorization to do so. Data privacy is achieved using a cipher to encrypt data. . The ciphers
provided for use with the SSH2 protocol in SecureCRT are AES, Twofish,
Blowfish, 3DES, and RC4. You may also set the cipher to None
,
which will effectively render your connection insecure. No encryption
will occur if the cipher is set to None
, and all data will
be transmitted in plain text.
WARNING: Setting cipher
to None
causes the data channel to be left
unencrypted and offers no security.
SecureCRT will attempt to connect using the first selected cipher in the Cipher list and then, if not successful, work down the list trying each selected cipher. To reorder the list, select the cipher that you want to reposition and use the buttons to the right of the list to move the cipher up or down.
Cipher Speed Information -- The 3DES cipher is very CPU intensive (slow). The AES and Twofish ciphers are considerably less CPU intensive (faster) than 3DES.
MAC (Message Authentication Code)
The SSH2 protocol provides increased security over SSH1 The first version of the SSH protocol which provides a way to encrypt network traffic between a client and a server. by means of a MAC (Message Authentication Codes) which ensures data integrity The concept that information can be verified as original and unaltered. If data integrity is ensured, information can only be modified by those with proper authorization. See also: MAC. . Although specifying a MAC is optional, it is highly recommended that a MAC be specified in order to ensure data integrity. The MACs provided for use with the SSH2 protocol in SecureCRT are SHA1, MD5, and UMAC.
WARNING: Data integrity
cannot be ensured if MAC is set to None
.
SecureCRT will attempt to connect using the first selected MAC in the MAC list and then, if not successful, work down the list trying each selected MAC. To reorder the list, select the MAC that you want to reposition and use the buttons to the right of the list to move the MAC up or down.
Options group
Compression
Select the type of compression that you want for this SSH2 session A session is a set of options that are assigned to a connection to a remote machine. These settings and options are saved under a session name and allow the user to have different preferences for different hosts. .
Level
This option controls the level of compression. The compression level ranges from 0 (minimal compression) to 9 (maximum compression). A higher level means better compression but slower performance. The default value is 5.
Enable OpenSSH agent forwarding
Check this option to use the agent to connect to a remote machine through another remote machine (see Using the Agent). This is a tri-state option; If this option is set to the tri-state value (square), the setting from the Global Options/SSH2 category will be used.