SSH Tectia

Defining Connection Profiles

To add a connection profile, click Add... in the Connection Profiles page. Type a name for the profile and click OK.

Define the profile settings in the tabbed view as described in Defining Connections, Defining Authentication, Defining Ciphers, Defining MACs, Defining Tunneling, Defining Proxy Settings, Defining Color Settings, Defining Keyboard Settings, Defining File Transfer Settings, and Defining Favorite Folders.

Defining Connections

Figure 4.9. Configuring connection profiles

Hostname

Type the name of the remote host computer you want to connect to using this profile. If you specify * (an asterisk) as the hostname, you will be prompted to type in the hostname when connecting.

Username

Type the username you want to use when connecting to the remote host computer. If you specify * (an asterisk) as the username, you will be prompted to type in the username when connecting. If you specify %USERNAME% (note the percent signs) as the username, it will be replaced with the name of the current Windows user account upon connecting.

Port number

Type the port number you want to use for the Secure Shell connection. The default port is 22.

Note

A Secure Shell server program must be listening to the specified port on the remote host computer or the connection attempt will not succeed. If you are unsure which port the remote host computer is listening to, contact the system administrator of the remote host.

Encryption algorithm

Select the desired encryption algorithm from the drop-down menu. Valid choices are 3DES, Blowfish, Twofish, AES, Arcfour, and SEED. You can also select the default used by the remote host computer, use no encryption at all (none), or create your own cipher list. For more information on the Cipher List tab, see Defining Ciphers.

For the AES and Twofish algorithms you can also choose the strength of encryption, meaning how many bits will be used. Greater values are more secure, but slower to use. Possible values are 128, 192, or 256 bits.

Note

If you select <none> as the encryption algorithm, the communications for this profile will not be encrypted and all information will be sent as plaintext. This method is not secure and its use is not recommended. Use it only for testing purposes! If you select this option, a warning dialog will be displayed.

MAC algorithm

Select the desired Message Authentication Code (MAC) algorithm (hash algorithm) from the drop-down menu. Valid choices are HMAC-MD5 and HMAC-SHA1. You can also select the default used by the remote host computer, or use no message authentication code at all (none). If you choose not to use any MAC algorithm, a confirmation dialog will be displayed. The default MAC value is HMAC-SHA1, HMAC-MD5.

Compression

Select the desired compression setting from the drop-down menu. Valid choices are zlib and none. Compression is disabled by default.

Tunnel using profile

Use this drop-down list to select a profile for creating a nested tunnel.

Terminal answerback

Use this drop-down list to select the desired terminal answerback.

Defining Authentication

Figure 4.10. Configuring authentication

Possible methods for general authentication are the following:

  • Password: Use a password for authentication.

  • Public-key: Use public-key authentication.

  • Keyboard-interactive: Keyboard-interactive is designed to allow the Secure Shell client to support several different types of authentication methods, including RSA SecurID and PAM. For more information on keyboard-interactive, see SSH Tectia Client/Server Product Description.

  • GSSAPI: GSSAPI (Generic Security Service Application Programming Interface) is a common security service interface that allows different security mechanisms to be used via one interface. For more information on GSSAPI, see SSH Tectia Client/Server Product Description.

    When connecting from a Windows 5.x client to a Windows 4.x server using GSSAPI authentication, if authentication fails although GSSAPI has been correctly configured, you may have to disable the LMHOSTS lookup on the client-side computer:

    1. Select Control Panel → Network Connections.

    2. In Local Area Connection, right-click and select Properties.

    3. In the Local Area Connection Properties dialog box, General tab, select Internet Protocol (TCP/IP) and click the Properties button.

    4. In the Internet Protocol (TCP/IP) Properties dialog box, in the General tab, click the Advanced... button.

    5. In the Advanced TCP/IP Settings dialog box, in the WINS tab, clear the Enable LMHOSTS lookup check box.

    6. Restart the client-side computer.

Defining Ciphers

Select the Use defaults check box to use defaults, or define a cipher list using the arrow buttons.

Figure 4.11. Selecting ciphers

Defining MACs

Select the Use defaults check box to use defaults, or define a MAC list using the arrow buttons.

Figure 4.12. Defining a MAC list

Defining Proxy Settings

Select proxy settings for the profile.

Figure 4.13. Defining proxy settings

No proxy

Select this option if you do not want to use a proxy.

Use proxy rules

Select this option to use the proxy rules defined in the General settings Proxy page (Defining Proxy Rules).

Specify proxy for this profile only

Click Add... to add a new proxy definition for this profile.

Figure 4.14. Defining proxy settings

Select type, and define a server and port.

Defining Tunneling

Tunneling, or port forwarding, is a way of forwarding otherwise unsecured TCP traffic through an encrypted Secure Shell tunnel. You can secure, for example, POP3, SMTP, and HTTP connections that would otherwise be unsecured.

Note

The client-server applications using the tunnel will carry out their own authentication procedures (if any) the same way they would without the encrypted tunnel.

Tunneling settings are configured using the Tunneling tab. Any changed tunneling settings will take effect the next time you log in.

Figure 4.15. Defining SSH Tectia Client tunneling

The local (outgoing) and remote (incoming) tunnel settings are configured using the Local tunnels and Remote tunnels tabs of the Tunneling tab.

Local Tunnels

Local tunnels protect TCP connections that your local computer forwards from a specified local port to the specified port on the remote host computer you are connected to.

It is also possible to forward the connection beyond the remote host computer. However, the connection is encrypted only between the client (local computer) and the Secure Shell server.

Click the Local tunnels tab to edit outgoing tunnel definitions. Click Add... to open the Add a New Local Tunnel dialog.

Figure 4.16. Defining a local tunnel

The following fields are used to define a local tunnel:

  • Type: Select the type of the tunnel from the drop-down list. Valid choices are TCP and FTP.

  • Listen port: This is the number of the local port that the tunnel listens to, or captures.

    Note

    The protocol or application that you wish to create the tunnel for may have a fixed port number (for example 143 for IMAP) that it needs to use to connect successfully. Other protocols or applications may require an offset (for example 5900 for VNC) that you will have to take into account.

  • Allow local connections only: Select this option if you want to allow only local connections to be made. This means that other computers will not be able to use the tunnel created by you. By default, only local connections are allowed. This is the right choice for most situations. You should carefully consider the security implications if you decide to also allow outside connections.

  • Destination host: This field defines the destination host for the port forwarding. The default value is localhost.

    Note

    The value of localhost is resolved after the Secure Shell connection has been established, so here localhost refers to the remote host computer you have connected to.

  • Destination port: The destination port defines the port that is used for the forwarded connection on the destination host.

  • Tunnel using profile: Select the server to use for the tunnel.

Remote Tunnels

Remote tunnels protect TCP connections that the remote host forwards from a specified remote port to the specified port on your local computer.

Click the Remote tunnels tab to edit incoming tunnel definitions. Click Add... to open the Add a New Remote Tunnel dialog.

Figure 4.17. Defining a remote tunnel

The following fields are used to define a remote tunnel:

  • Type: Select the type of the tunnel from the drop-down list. Valid choices are TCP and FTP.

  • Listen port: The port that the tunnel listens to, or captures from the remote host computer.

    Note

    Privileged ports (below 1024) can be forwarded only when logging in with root privileges on the remote host computer.

  • Destination host: This field defines the destination host for the port forwarding. The default value is localhost.

    Note

    Here localhost refers to your local computer. Also note that if the connection from the remote host computer is forwarded beyond your local computer, that connection is unsecured.

  • Destination port: The destination port defines the port that is used for the forwarded connection on the destination host.

  • Tunnel using profile: Select the server to use for the tunnel.

Configuring Tunnels

The following buttons are available for configuring local and remote tunnels.

Add...

Click Add... to add a tunnel definition. A dialog opens, allowing you to define the name, type, listen port, destination host, and destination port for the port forwarding. With outgoing tunnels you can also define whether you allow local connections only.

Note

If you are tunneling an FTP connection, you must set the tunnel type as FTP.

If the Secure Shell server and the FTP server are located on separate host computers, FTP tunneling works only if FTP is set to run in passive mode. If the Secure Shell server and the FTP server are located on the same computer, tunneling works regardless of whether FTP is running in passive or active mode.

Edit...

Select a tunnel definition from the list and click Edit... to edit a tunnel. An Edit Tunnel dialog opens, allowing you to edit the name, listen port, destination host, and destination port of the outgoing tunnel. With outgoing tunnels you can also define whether you allow local connections only.

Delete

Select a tunnel definition from the list and click Delete to remove a tunnel. Note that the selected tunnel will be removed immediately, with no confirmation dialog.

Use the Add profile..., Rename profile..., and Delete profile buttons at the bottom of the page to work with profiles.
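
The warnings in the encryption, MAC, and tunneling sections above can be checked mechanically. The following is an added example, not code from SSH Tectia or this manual: it audits a profile modelled as a plain Python dict. The dict layout, the function names, the sample host name, and the port-21 FTP heuristic are assumptions made for this example; they do not reflect the client's actual profile file format.

```python
# Added example. The dict layout below is an assumption made for this example;
# it is not the SSH Tectia Client profile file format.

def _check_tunnel(kind, t):
    """Findings for one tunnel definition; kind is 'local' or 'remote'."""
    out, name = [], t.get("name", "unnamed")
    dest = t.get("dest_host", "localhost")
    if kind == "local" and not t.get("local_only", True):
        out.append(("medium", f"{name}: other computers can use listen port {t['listen_port']}"))
    if dest != "localhost":
        # localhost means the Secure Shell server (local tunnel) or this
        # computer (remote tunnel); any other host adds an unencrypted leg.
        out.append(("medium", f"{name}: leg to {dest} is outside the encrypted tunnel"))
    if kind == "remote" and t["listen_port"] < 1024:
        out.append(("info", f"{name}: privileged listen port {t['listen_port']} needs a root login"))
    # Heuristic (assumption): destination port 21 indicates FTP traffic.
    if t.get("dest_port") == 21 and t.get("type", "TCP") != "FTP":
        out.append(("info", f"{name}: FTP tunnels must use tunnel type FTP"))
    return out


def audit_profile(profile):
    """Return (severity, message) findings for one connection profile."""
    findings = []
    if profile.get("encryption", "default").strip("<>").lower() == "none":
        findings.append(("high", "encryption is none: all data is sent as plaintext"))
    if profile.get("mac", "default").strip("<>").lower() == "none":
        findings.append(("high", "MAC is none: no message authentication"))
    for kind in ("local", "remote"):
        for t in profile.get(f"{kind}_tunnels", []):
            findings.extend(_check_tunnel(kind, t))
    return findings


# Constructed sample profiles (not taken from a real installation).
RISKY = {
    "encryption": "<none>", "mac": "HMAC-SHA1",
    "local_tunnels": [
        {"name": "mail", "type": "TCP", "listen_port": 143, "local_only": False,
         "dest_host": "imap.example.internal", "dest_port": 143},
        {"name": "files", "type": "TCP", "listen_port": 2121,
         "dest_host": "localhost", "dest_port": 21},
    ],
    "remote_tunnels": [{"name": "web", "listen_port": 80, "dest_port": 8080}],
}
HARDENED = {
    "encryption": "AES", "mac": "HMAC-SHA1",
    "local_tunnels": [
        {"name": "files", "type": "FTP", "listen_port": 2121,
         "local_only": True, "dest_host": "localhost", "dest_port": 21},
    ],
}

if __name__ == "__main__":
    for label, prof in (("risky", RISKY), ("hardened", HARDENED)):
        print(label)
        for sev, msg in audit_profile(prof):
            print(f"  [{sev}] {msg}")
```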

X11 Tunneling

SSH Tectia Client can securely tunnel (forward) X11 graphic connections from the remote host computer to an X Windows server running on the local computer.

Note

You must also be running an X emulator such as eXceed or Reflection X in passive mode on the Windows computer for X11 tunneling to work.

To tunnel (forward) X11 traffic, do the following:

  1. Install an X server (X emulation) program on Windows (eXceed, Reflection X, or the like).

  2. Start SSH Tectia Client.

  3. Select the Tunneling tab of the Connection Profiles page and make sure that the Tunnel X11 connections check box is selected.

  4. Save your settings for SSH Tectia Client.

  5. Quit the client, start it again and log into the remote host.

  6. Start the X server (X emulation) program.

  7. To test the tunneling, run xterm or xclock from SSH Tectia Client.

Defining Color Settings

The colors used in the terminal window can be selected using the Colors page. The new color settings are active immediately when you click OK.

The color settings can be defined either globally or per profile. When colors are defined in Global Settings, the Use Global Colors option is not available, but the color settings will affect all connection profiles.

Note that changing the terminal colors does not affect what is already visible in the terminal window, but from this point onwards the text output will use the selected color scheme.

To discard your changes, click Cancel.

Figure 4.18. Defining SSH Tectia Client terminal colors

  • Use Global Colors: Select the Use Global Colors check box if you want to use the same color settings for each connection. If the check box is selected, you cannot specify different color settings for each connection profile (the other color settings are grayed out).

Text Colors

The text colors affect the terminal window background color and the color of text in both a connected window and a disconnected window.

  • Foreground: Select the desired foreground color from the drop-down menu. Foreground color is used for text in a window that has a connection to a remote host computer. You can select from sixteen colors. Black is the default foreground color.

  • Background: Select the desired background color from the drop-down menu. You can select from sixteen colors. White is the default background color.

  • Selection: Use the drop-down menu to select the color that is used as the background color when selecting text with the mouse. You can select from sixteen colors. Aqua is the default selection color.

  • Disconnected: Use the drop-down menu to select the color that is used as the foreground color in a terminal window that has no connection to a remote host computer. You can select from sixteen colors. Gray is the default foreground color for a disconnected terminal window.

Cursor Color

Select the desired cursor color from the drop-down menu. You can select from sixteen colors. Navy is the default cursor color.

ANSI Colors

With ANSI control codes it is possible to change the color of text in a terminal window. With the ANSI Colors setting you can select to use this feature. Even if you disable ANSI colors, you can still select your favorite text and background colors to be used in the terminal window.

  • Enable ANSI Colors: Select this check box to allow ANSI colors to be used in the terminal window. By default, ANSI colors are selected.

Reverse Colors

By reversing the display colors you can quickly change the display from positive (dark on light) to negative (light on dark) to improve visibility.

  • Reverse Video: Select this check box to change the foreground color into background color and vice versa. This setting affects the whole terminal window when you click OK.

Defining Keyboard Settings

The keyboard settings used for the connection are configured using the Keyboard tab. Keyboard mappings take effect when you start a new connection or reset the terminal.

Figure 4.19. Defining SSH Tectia Client keyboard settings

  • User Defined Keymap File: With this option you can create additional keyboard shortcuts or modify the existing ones. The additional key mappings are saved into a separate file with the .sshmap file extension. The current keymap file is displayed in the text field.

    You can modify the current key mappings by clicking Edit to open the Keymap Editor dialog.

    If you have defined an alternative keymap settings file, you can load it by typing the path and file name in the text field, or by clicking on the button on the right-hand side of the text field. Clicking the button will open an Open dialog that allows you to locate an alternative keymap file.

  • Backspace sends Delete: Select the Backspace sends Delete check box if you want to map the Backspace key to the Delete operation.

  • Delete Sends Backspace: Select the Delete Sends Backspace check box if you want to map the Delete key to the Backspace operation.

  • Enter sends CR + LF: Select the Enter sends CR + LF check box if you want to map the Enter key to send the carriage return (CR) and line feed (LF) characters. Otherwise only the line feed character will be sent.

  • Lock Function Keys: Select the Lock Function Keys check box if you want to lock the function keys.

  • Line Wrap: Select the Line Wrap check box if you want the text lines to wrap at the terminal window edge. By default, line wrapping is on.

  • Use Alt as meta key (send Escape): Select the Use Alt as meta key (send Escape) check box if you want the Alt key to function as the meta key in the same way as the Escape key. If this option is selected, you can for example press the Alt+X key combination to simulate the Escape followed by X.

  • Keypad Mode: Select how you want the numeric keypad on the right-hand side of the regular keyboard to function.

    Numeric Keypad: The keypad is used to type numbers.

    Application Keypad: The keypad is used for application control (with the keypad keys functioning as cursor keys, Home, End, Page Up, Page Down, Insert and Delete).

Defining File Transfer Settings

The File Transfer tab affects which files are transferred using ASCII mode.

Figure 4.20. Defining SSH Tectia Client file transfer settings

ASCII transfer with old servers

Detect Windows server from the version string: Select this check box to automatically detect Windows servers and use the correct setting for them. For this feature to work correctly, the Windows server has to specify "windows" in its version string.

  • Unix: Select the Unix check box to use Unix compatible line breaks (LF).

  • Windows: Select the Windows check box to use Windows compatible line breaks (CRLF).

  • Ask before ASCII transfer: If you select this check box, the client will ask you to specify the server type before each ASCII file transfer.

Defining Favorite Folders

In the Favorite Folders tab you can create a list of commonly used directories. These favorites can then be easily selected from a drop-down menu in the file transfer window.

Figure 4.21. Defining favorite folders for file transfer

Favorite Folders

This list contains the favorite folders you have defined for the current connection profile. You can add, remove, and sort the favorites by using Add..., Delete, and the arrow buttons below the list.

If you are defining a remote favorite that is located on a Windows Secure Shell server, the folder on the Windows server must be specified as follows: /drive:/folder/subfolder/.

A valid favorite folder definition would be for example /C:/WINNT/Profiles/username/.

Home Folder

In the Home Folder field you can type the directory where any new connections associated with this profile will start. If you leave the field empty, new connections will use the remote home folder that has been specified for your user account on the remote host computer.