SSH([Setup] Menu)

"TTSSH: Setup" Dialog box

Preferred cipher order
Specify the type of encryption for SSH with the order.
<ciphers below this line are disabled>
aes256-gcm@openssh.com not RFC5647, PROTOCOL of OpenSSH
camellia256-ctr draft-kanno-secsh-camellia-02
chacha20-poly1305@openssh.com PROTOCOL.chacha20poly1305 of OpenSSH
aes256-ctr RFC4344
camellia256-cbc draft-kanno-secsh-camellia-02
aes256-cbc RFC4253
camellia192-ctr draft-kanno-secsh-camellia-02
aes192-ctr RFC4344
camellia192-cbc draft-kanno-secsh-camellia-02
aes192-cbc RFC4253
aes128-gcm@openssh.com not RFC5647, PROTOCOL of OpenSSH
camellia128-ctr draft-kanno-secsh-camellia-02
aes128-ctr RFC4344
camellia128-cbc draft-kanno-secsh-camellia-02
aes128-cbc RFC4253
3des-ctr RFC4344
3des-cbc RFC4253
blowfish-ctr RFC4344
blowfish-cbc RFC4253
cast128-ctr RFC4344
cast128-cbc RFC4253
3DES(SSH1)
arcfour256 RFC4345
arcfour128 RFC4345
arcfour RFC4253
Blowfish(SSH1)
DES(SSH1)
SSH Known Hosts
Specify the file which includes a name of Host connected via SSH (and Public key for Host).
Host key rotation

Configure the host key rotation feature(OpenSSH 6.8 or later).

SSH server has the host key, however the host key may be changed for any reason.
In this case, SSH server sends a list of new host keys to client. Next, the server urges updating of host key lists to client.
TTSSH can support this feature. When a list of new host key is received, the known hosts list of client is updated.

No
Do not update the known hosts file.
Yes
Automatically update the known hosts file.
Ask
A user is asked to confirm the modifications to the known hosts file.
HeartBeat (keep-alive)
A Keep-alive packet is sent on a regular basis to maintain the connection (particularly useful under NAT). If 0 is specified, this feature is disabled.
Remember password in memory
The user password is preserved in the memory. The password in the memory is used by "Duplicate session" function. The password is deleted in the memory when Tera Term session disconnects.
Enable agent forwarding
The SSH agent forwarding is enabled using by the Pageant application.
Confirm agent forwarding
When the SSH agent-forwarding is requested, a user will confirm contacting the Pageant.
Verify host key fingerprint by DNS
The host key of the SSH server is verified by using the SSHFP Resource Record.
The result of this verification should be used only as a guide.
KEX order (SSH2 only)
Specify the type of KEX(Key Exchange) for SSH2 with the order.
<KEXs below this line are disabled>
ecdh-sha2-nistp256 RFC5656
ecdh-sha2-nistp384 RFC5656
ecdh-sha2-nistp521 RFC5656
diffie-hellman-group18-sha512 RFC8268
diffie-hellman-group16-sha512 RFC8268
diffie-hellman-group14-sha256 RFC8268
diffie-hellman-group-exchange-sha256 RFC4419
diffie-hellman-group-exchange-sha1 RFC4419
diffie-hellman-group14-sha1 RFC4253
diffie-hellman-group1-sha1 RFC4253
MAC order (SSH2 only)
Specify the type of MAC for SSH2 with the order.
<MACs below this line are disabled>
hmac-sha2-512-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha2-512 RFC6668
hmac-sha2-256 RFC6668
hmac-sha1 RFC4253
hmac-ripemd160-etm@openssh.com
hmac-ripemd160@openssh.com
hmac-md5-etm@openssh.com
hmac-md5 RFC4253
hmac-sha1-96-etm@openssh.com
hmac-md5-96-etm@openssh.com
hmac-sha1-96 RFC4253
hmac-md5-96 RFC4253
Host key order (SSH2 only)
Specify the type of host key for SSH2 with the order.
<Host keys below this line are disabled>
ecdsa-sha2-nistp256 RFC5656
ecdsa-sha2-nistp384 RFC5656
ecdsa-sha2-nistp521 RFC5656
ssh-ed25519 RFC8709
rsa-sha2-512 RFC8332
rsa-sha2-256 RFC8332
ssh-rsa RFC4253
ssh-dss RFC4253
Compression order (SSH2 only)
Specify the type of compression key for SSH2 with the order.
<Compressions below this line are disabled>
zlib@openssh.com PROTOCOL of OpenSSH Delayed compression (Starts compressing after authentication)
zlib RFC4253
none RFC4253 No compression
Compression level
Specify the level of compression for transmission. The more right, the more compression is done (note: it may degrade the throughout with a high-speed link such as ADSL or FTTH).
By using SSH1 protocol, when the Compression level is 0, the packet compression is disabled, or the Compression level is over 1, the compression is enabled.
By using SSH2 protocol, use the Compression order to enable the packet compression. And then, set the Compression level to 1 over.
LogLevel
Specify the debug level of TTSSH module.
When the debug level is greater than 0, the debug data is recorded in "TTSSH.LOG",
"ssh2connect.log" and "ssh2packet.log" under ttermpro.exe directory.
Value Meaning
0 Disabled
5 Fatal
10 Error
30 Warning
50 Notice
80 Information
100 Verbose
200 SSH Dump