EncryptionAlgs Structure/Class

[C]

struct FlowSshC_EncryptionAlgs
{
  byte m_aes256Ctr;
  byte m_aes192Ctr;
  byte m_aes128Ctr;
  byte m_tripleDesCtr;
  byte m_aes256Cbc;
  byte m_aes192Cbc;
  byte m_aes128Cbc;
  byte m_tripleDesCbc;
  byte m_none;
};

[C++]

struct EncryptionAlgs : public FlowSshC_EncryptionAlgs
{
  EncryptionAlgs()
  {
    m_aes256Ctr = m_aes192Ctr = m_aes128Ctr = m_tripleDesCtr = 1;
    m_aes256Cbc = m_aes192Cbc = m_aes128Cbc = m_tripleDesCbc = 1;
    m_none = 0;
  }
};

[C#]

public sealed class EncryptionAlgs
{
  public byte Aes256Ctr;
  public byte Aes192Ctr;
  public byte Aes128Ctr;
  public byte TripleDesCtr;
  public byte Aes256Cbc;
  public byte Aes192Cbc;
  public byte Aes128Cbc;
  public byte TripleDesCbc;
  public byte None;
  
  public EncryptionAlgs()
  {
    Aes256Ctr = Aes192Ctr = Aes128Ctr = TripleDesCtr = 1;
    Aes256Cbc = Aes192Cbc = Aes128Cbc = TripleDesCbc = 1;
    None = 0;
  }
}

Members

  • Aes256Ctr: Priority of "aes256-ctr".
  • Aes192Ctr: Priority of "aes192-ctr".
  • Aes128Ctr: Priority of "aes128-ctr".
  • TripleDesCtr: Priority of "3des-ctr".
  • Aes256Cbc: Priority of "aes256-cbc".
  • Aes192Cbc: Priority of "aes192-cbc".
  • Aes128Cbc: Priority of "aes128-cbc".
  • TripleDesCbc: Priority of "3des-cbc".
  • None: Priority of "none" (no encryption used).

Remarks

The EncryptionAlgs structure/class is used to enable and prioritize or disable various encryption algorithms for the session. The algorithm names should be self-explanatory. Note that all algorithms are available in CTR and CBC mode. CTR mode is somewhat more secure, but the CBC mode is much more ubiquitous, and is required to connect to many servers. For member values the following rules apply:

  • An algorithm is enabled if it holds a non-zero value.
  • Algorithms with lower non-zero values precede algorithms with higher values.
  • Algorithms holding the same non-zero value are ordered by their declaration order.
  • You should NOT enable the "none" algorithm, except strictly for testing purposes. All other algorithms can normally be enabled.

By default, all encryption algorithms are enabled except "none". They are ordered by their declaration order.