This category only appears if VanDyke Software's SecureCRT® 5.0 (or newer) is also installed.
The SSH1 category of the Session Options dialog allows you to configure your SSH1 connection. The SSH1 category only appears when you have selected SSH1
as your Protocol.
SSH1 Overview
SSH1 provides secure communication over a nonsecure channel by encrypting the data channel using the cipher algorithm selected for the session by the user.
WARNING: Setting cipher to None
causes the data channel to be left unencrypted and offers no security.
The cipher selected must also be supported by the destination SSH1 server . An error will be reported during a connection attempt if the chosen cipher is not supported by the server.
port forwarding is another feature based on SSH security. See "Port Forwarding with SSH" in the SecureCRT Help system to learn more about encrypting connections for other applications (such as IMAP) that are not secure by default.
SSH1 connection settings include hostname, port, username, cipher, and authentication .
Hostname
The hostname or IP address of the remote machine that provides the SSH1 service.
Port
The port number of the SSH1 service on the remote machine. For SSH1, the default port is 22
.
Firewall
If your connection involves a firewall, select your firewall from the list of firewalls that have been configured in the Global Options/Firewall dialog.
Note: You can also select an SSH2 session to be used as a firewall. When a session is specified as a firewall, the firewall session will be connected first.
Username
The username used to log on to the remote machine.
Authentication
SecureCRT supports three types of authentication for connecting to SSH1 servers: password, RSA, and TIS.
Password authentication transmits the user's password to the server to authenticate the connection. The transmitted password is protected from network eavesdropping, due to the cipher encryption of the data channel. For this reason, some SSH1 servers reject the use of password authentication if the cipher is set to None
.
RSA authentication uses a public/private key pair to authenticate the connection. The general mechanism behind RSA authentication is that the SSH1 server "challenges" the client to decrypt a message encoded using the user's public key stored on the server. Upon connecting, the SSH1 server generates a random value, encrypts the value using the user's public key and sends the encrypted challenge to the client. The client authenticates the connection by successfully decrypting the challenge using the user's private key. The security of the mechanism requires that no one but the owner have access to the private key. The private key is stored locally in an identity file . The first time you connect to an SSH1 server using RSA authentication, SecureCRT will prompt you for the location of this file. Also, prior to using RSA authentication, the public key must be made available to the SSH1 server.
TIS firewall authentication uses the TIS firewall server to provide a challenge phrase / response combination. SSH1 servers must be configured to offer TIS authentication.
Key exchange group
Key exchange is part of establishing trust between a client and a Secure Shell server. SecureCRT supports the rsa-ssh1 key exchange method for SSH1 sessions.
Related Topics