PuTTY wish ssh2-only-default

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: Stop trying SSH-1 by default
class: wish: This is a request for an enhancement.
difficulty: fun: Just needs tuits, and not many of them.
priority: high: This should be fixed in the next release.
fixed-in: 2014-11-09 5da1d58325f647750a336cedf628f09c891443d2 3b4f3266d84068d75a099102778e2464a2832362 0.64

SSH protocol version 1 is obsolete and insecure. If you still need it, you should probably have to configure it explicitly. Change the default SSH protocol version from "2" to "2 only".

Probably we should also have some words in the docs (and maybe the UI) about SSH-1's insecurity, and maybe tweak the wording of the failure message (currently "SSH protocol version 2 required by user but not provided by server").

This will slightly speed up SSH connections, as PuTTY can send its first message without waiting to see the server's version string.

If you want to comment on this web site, see the Feedback page.
Audit trail for this wish.
(last revision of this bug record was at 2016-12-27 11:40:22 +0000)