16.4. Advanced Client Use
To establish an SSH connection, you must fill in the following
Connection fields in the
Properties window. These include:
- Host Name
- The name of the remote SSH server machine to which you want to
connect.
- User Name
- Your username on the remote SSH server machine. If you're using
public key (RSA) authentication, this username must belong to an
account that contains your public key.
- Port Number
- The TCP port for SSH connections. Virtually all SSH clients and
servers operate on port 22. Unless you plan to connect to a
nonstandard SSH server, you don't need to change this. [Section 7.4.4.1, "Selecting a remote port"]
- SSH Protocol
- You may require SSH-1 or SSH-2, or select Automatic to let the
program figure it out based on the server's response.
Optionally, you may select the encryption cipher and an
authentication method. In the Properties window, select Cipher to
choose the set of encryption ciphers you will permit your client to
use. (The default should be acceptable for most uses.) The SSH server
negotiates with your client to choose a cipher they both support.
Your authentication method can be public key or password, which may
be chosen in the login window. The program automatically tries to
authenticate with each of your User Keys in order. [
Section 16.3.4, "Using Keys"]
16.4.1. Data Compression
F-Secure SSH can transparently
compress and uncompress the data traveling over an SSH connection,
which can speed up your connection. [
Section 7.4.11, "Data Compression"]
In the Properties window, choose Connection, and check the box
labeled Compression. There's no way to set different
compression levels as in SSH1.
16.4.2. Debugging with Verbose Mode
Is your
SSH session not working as expected? Turn on verbose mode so status
messages are printed in the window as your session runs. This can
help you locate and solve problems.
In the Properties window, select Appearance and check the box labeled
Verbose Mode. The next time you connect, you'll see messages
like this:
debug: connecting ...
debug: addresses 219.243.169.50
debug: Registered connecting socket: 12
debug: Connection still in progress
debug: Marked name resolver 1 killed
debug: Replaced connected socket object 12 with a stream
Verbose mode is much like its counterpart in the Unix SSH products.
[
Section 7.4.15, "Logging and Debugging"] It can be an indispensable tool for
diagnosing problems with your connection.
16.4.3. SOCKS Proxy Server
F-Secure SSH
Client supports connecting through SOCKS Version 4 proxy servers.
[
Section 4.1.5.8, "SOCKS proxy support"] On the Properties window, select Socks
and fill in the hostname or IP address of the proxy server machine
and the port number on the proxy (the usual SOCKS port is 1080).
16.4.4. Accepting Host Keys
Every SSH server has a unique host key
that represents the server's identity, so SSH clients can
verify that they are speaking with the actual server and not an
impostor. [
Section 2.3.1, "Known Hosts"] F-Secure SSH Client keeps
track of all host keys it encounters. The keys are stored in the
Windows registry.
If you want F-Secure SSH Client to reject host keys it hasn't
seen before, visit the Properties window and select Security. A
checkbox is available to set this option.
16.4.5. Additional Security Features
Normally, F-Secure SSH Client keeps track of hostnames, usernames,
filenames, and terminal input and output that it encounters. Any time
you want to purge this information from the program (say, to prevent
a third party from viewing it on your computer), visit the Properties
window and select
Security. The buttons on this window
will delete the information.
16.4.6. Secure File Transfer with SFTP
A graphical
file transfer program, F-Secure SSH FTP, is also included. Its user
interface should be familiar to anyone who has used a graphical FTP
client, except that you must set up authentication via SSH. We
don't document this program, as it comes with online help, but
we did want to mention it.
16.4.7. Command-Line Tools
F-Secure SSH comes with a graphical
terminal program as well as command-line clients using the SSH-2
protocol. These include
ssh2,
scp2, and
sftp2. These programs
are much the same as their counterparts in SSH2, as described in
Chapter 2, "Basic Client Use", except:
- Some of the Unix command-line options aren't supported. Type
the program name by itself (e.g., ssh2 ) to see
the current list of options.
- Key files aren't supported; these programs read keys from the
Windows registry, just as F-Secure SSH Client does.
The command-line programs are useful for scripting and batch files,
or for executing remote commands on the server machine:
C:\> ssh2 server.example.com mycommand
 |  |  |
| 16.3. Key Management |  | 16.5. Forwarding |
