SSH([Setup] Menu)

"TTSSH: Setup" Dialog box

Preferred cipher order

Specify the type of encryption for SSH with the order.
<ciphers below this line are disabled>

aes256-gcm@openssh.com	not RFC5647, PROTOCOL of OpenSSH
camellia256-ctr	draft-kanno-secsh-camellia-02
chacha20-poly1305@openssh.com	PROTOCOL.chacha20poly1305 of OpenSSH
aes256-ctr	RFC4344
camellia256-cbc	draft-kanno-secsh-camellia-02
aes256-cbc	RFC4253
camellia192-ctr	draft-kanno-secsh-camellia-02
aes192-ctr	RFC4344
camellia192-cbc	draft-kanno-secsh-camellia-02
aes192-cbc	RFC4253
aes128-gcm@openssh.com	not RFC5647, PROTOCOL of OpenSSH
camellia128-ctr	draft-kanno-secsh-camellia-02
aes128-ctr	RFC4344
camellia128-cbc	draft-kanno-secsh-camellia-02
aes128-cbc	RFC4253
3des-ctr	RFC4344
3des-cbc	RFC4253
blowfish-ctr	RFC4344
blowfish-cbc	RFC4253
cast128-ctr	RFC4344
cast128-cbc	RFC4253
3DES(SSH1)
arcfour256	RFC4345
arcfour128	RFC4345
arcfour	RFC4253
Blowfish(SSH1)
DES(SSH1)

SSH Known Hosts

Specify the file which includes a name of Host connected via SSH (and Public key for Host).

Host key rotation

Configure the host key rotation feature(OpenSSH 6.8 or later).

SSH server has the host key, however the host key may be changed for any reason.
In this case, SSH server sends a list of new host keys to client. Next, the server urges updating of host key lists to client.
TTSSH can support this feature. When a list of new host key is received, the known hosts list of client is updated.

No

Do not update the known hosts file.

Yes

Automatically update the known hosts file.

Ask

A user is asked to confirm the modifications to the known hosts file.

HeartBeat (keep-alive)

A Keep-alive packet is sent on a regular basis to maintain the connection (particularly useful under NAT). If 0 is specified, this feature is disabled.

Remember password in memory

The user password is preserved in the memory. The password in the memory is used by "Duplicate session" function. The password is deleted in the memory when Tera Term session disconnects.

Enable agent forwarding

The SSH agent forwarding is enabled using by the Pageant application.

Confirm agent forwarding

When the SSH agent-forwarding is requested, a user will confirm contacting the Pageant.

Verify host key fingerprint by DNS

The host key of the SSH server is verified by using the SSHFP Resource Record.
The result of this verification should be used only as a guide.

KEX order (SSH2 only)

Specify the type of KEX(Key Exchange) for SSH2 with the order.
<KEXs below this line are disabled>

ecdh-sha2-nistp256	RFC5656
ecdh-sha2-nistp384	RFC5656
ecdh-sha2-nistp521	RFC5656
diffie-hellman-group18-sha512	RFC8268
diffie-hellman-group16-sha512	RFC8268
diffie-hellman-group14-sha256	RFC8268
diffie-hellman-group-exchange-sha256	RFC4419
diffie-hellman-group-exchange-sha1	RFC4419
diffie-hellman-group14-sha1	RFC4253
diffie-hellman-group1-sha1	RFC4253

MAC order (SSH2 only)

Specify the type of MAC for SSH2 with the order.
<MACs below this line are disabled>

hmac-sha2-512-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha2-512	RFC6668
hmac-sha2-256	RFC6668
hmac-sha1	RFC4253
hmac-ripemd160-etm@openssh.com
hmac-ripemd160@openssh.com
hmac-md5-etm@openssh.com
hmac-md5	RFC4253
hmac-sha1-96-etm@openssh.com
hmac-md5-96-etm@openssh.com
hmac-sha1-96	RFC4253
hmac-md5-96	RFC4253

Host key order (SSH2 only)

Specify the type of host key for SSH2 with the order.
<Host keys below this line are disabled>

ecdsa-sha2-nistp256	RFC5656
ecdsa-sha2-nistp384	RFC5656
ecdsa-sha2-nistp521	RFC5656
ssh-ed25519	RFC8709
rsa-sha2-512	RFC8332
rsa-sha2-256	RFC8332
ssh-rsa	RFC4253
ssh-dss	RFC4253

Compression order (SSH2 only)

Specify the type of compression key for SSH2 with the order.
<Compressions below this line are disabled>

zlib@openssh.com	PROTOCOL of OpenSSH	Delayed compression (Starts compressing after authentication)
zlib	RFC4253
none	RFC4253	No compression

Compression level

Specify the level of compression for transmission. The more right, the more compression is done (note: it may degrade the throughout with a high-speed link such as ADSL or FTTH).
By using SSH1 protocol, when the Compression level is 0, the packet compression is disabled, or the Compression level is over 1, the compression is enabled.
By using SSH2 protocol, use the Compression order to enable the packet compression. And then, set the Compression level to 1 over.

LogLevel

Specify the debug level of TTSSH module.
When the debug level is greater than 0, the debug data is recorded in "TTSSH.LOG", "ssh2connect.log" and "ssh2packet.log" under Log folder.

Value	Meaning
0	Disabled
5	Fatal
10	Error
30	Warning
50	Notice
80	Information
100	Verbose
200	SSH Dump