Home
|
FAQ
|
Feedback
|
Licence
|
Updates
|
Mirrors
|
Keys
|
Links
|
Team
Download:
Stable
·
Pre-release
·
Snapshot
|
Docs
|
Privacy
|
Changes
|
Wishlist
OpenSSH has a mechanism for changing SSH-2 from its usual encode-then-encrypt-and-MAC scheme to a more conventional encrypt-then-MAC. This is signalled by new MAC algorithms with -etm in their names. Of these, PuTTY now supports:
PuTTY doesn't currently prefer these because it's not clear to us that they give any security benefit except when using CBC-mode ciphers, and any server that supports ETM will also be able to do something better than CBC.