The SSH panel allows you to configure options that only apply to SSH sessions.
In SSH, you don't have to run a general shell session on the server. Instead, you can choose to run a single specific command (such as a mail user agent, for example). If you want to do this, enter the command in the "Remote command" box.
When connecting to a Unix system, most interactive shell sessions are run in a pseudo-terminal, which allows the Unix system to pretend it's talking to a real physical terminal device but allows the SSH server to catch all the data coming from that fake device and send it back to the client.
Occasionally you might find you have a need to run a session not in a pseudo-terminal. In PuTTY, this is generally only useful for very specialist purposes; although in Plink (see chapter 5) it is the usual way of working.
This enables data compression in the SSH connection: data sent by the server is compressed before sending, and decompressed at the client end. Likewise, data sent by PuTTY to the server is compressed first and the server decompresses it at the other end. This can help make the most of a low-bandwidth connection.
This allows you to select whether you would like to use SSH protocol version 1 or version 2.
PuTTY will attempt to use protocol 1 if the server you connect to does not offer protocol 2, and vice versa.
This option should now be unnecessary. It existed in order to work around a bug in early versions (2.3.0 and below) of the SSH server software from ssh.com. The symptom of this problem would be that PuTTY would die unexpectedly at the beginning of the session, saying "Incorrect MAC received on packet".
Current versions of PuTTY attempt to detect these faulty servers and enable the bug compatibility automatically, so you should never need to use this option any more.
PuTTY supports a variety of different encryption algorithms, and allows you to choose which one you prefer to use. You can do this by dragging the algorithms up and down in the list box to specify a preference order. When you make an SSH connection, PuTTY will search down the list from the top until it finds an algorithm supported by the server, and then use that.
If the algorithm PuTTY finds is below the "warn below here" line, you will see a warning box when you make the connection:
The first cipher supported by the server is single-DES, which is below the configured warning threshold. Do you want to continue with this connection?
This warns you that the first available encryption is not a very secure one. Typically you would put the "warn below here" line between the encryptions you consider secure and the ones you consider substandard.
By default, PuTTY supplies a preference order intended to reflect a reasonable preference in terms of security and speed.