PASSPORT Knowledge Base
Configuration

Date Published: October 18, 2007

Date Updated: December 2, 2008

Title

Enabling SSH Security

Product

PASSPORT PC to Host, PASSPORT Web to Host

Emulation Types

VT, SCO ANSI, Wyse 60

Issue

What is SSH Secure Shell Protocol and how do I enable SSH security?

Solution

SSH (Secure Shell) protocol is used if you need a secure, encrypted communications between a trusted host and your PC over an insecure network.  It is available for VT, SCO ANSI, and Wyse-60 Terminal emulation sessions.  When you configure PASSPORT to use SSH, all connections between your PC and the remote hosts are encrypted, protecting the data sent between them.  Passwords are never sent over the network in a clear text format.

The following options are available for SSH security:

Preferred Protocol Version

Specifies which version of the SSH protocol is used when a host connection is established. Two versions are available: SSH-1 and SSH-2. SSH-2 is a newer, more secure implementation and is the default setting.  With this setting PASSPORT will first attempt to connect using SSH-2 and will try SSH-1 if the server does not support SSH-2. Selecting SSH-2 Only or SSH-1 Only will force the connection to this version of the protocol.

Enable Compression

This enables data compression for the SSH connection. With this option enabled, data sent by the server is compressed before sending, and decompressed at the client end. Likewise, data sent to the server is compressed first and the server decompresses it at the other end. This can help with low-bandwidth connections.

Username

The username to be sent to the SSH server can be entered or left blank. If left blank the user is required to type this parameter each time host session is established. For security reasons, passwords cannot be saved and must always be typed by the user.

Private Key File for Authentication

Enter the path to the private key file, or locate it using the Browse button.

Note: When SSH security is enabled, the text "SSH" appears in positions 5-7 of the OIA line.

To enable SSH, follow the steps below:

For PASSPORT PC to Host:

1. Make sure that you’re connecting to a host system that supports the SSH Secure Shell protocol.  Check with your System Administrator.
2. Make sure the TCP port is correctly entered under Communication->Setup menu.  When using SSH typically TCP port 22 is used instead of 23.  Check with your System Administrator for this information.
3. Make sure the “Enable SSH Secure Connection” option is enabled under the Communication->Setup->Security menu (see screenshot below).
4. If you are a remote user, check with your System Administrator to make sure that your firewall is allowing SSH traffic through.

To enable SSH for a new session in PASSPORT PC to Host version 2007-914 or higher, enable the check box on the Security screen of the New Session Wizard:

To add SSH security to an existing session:

1. Disconnect from the session
2. Select "Setup" from the "Communication" Menu
3. Select the "Security" tab

For PASSPORT Web to Host:

From the Administrator:

1. Create a new or open an existing VT, SCO ANSI or Wyse 60 session profile
2. On the Security tab, enable the check box for SSH security:
   
   
3. Click OK to save or Connect to test.

More Information

• Feature added in PASSPORT PC to Host version 2004-3B30-4 and PASSPORT Web to Host version 2004-3722-3

• SSH security is only available for VT, SCO ANSI or Wyse 60 emulation

Keywords

ssh, secure, security, putty, shell, ssh-1, ssh-1, authentication