Encryption Pane

Getting there

The options are:

 

Ciphers

Specify which ciphers the server allows for encrypting the session. The cipher used for a given session is the cipher highest in the client's order of preference that is also supported by the server.

Caution: Enable None for testing purposes only. When no cipher is used, data is transmitted as clear text.

 

MACs

Specify which MACs (hashed message authentication codes) the server allows for verifying data integrity. The MAC used for a given session is the MAC highest in the client's order of preference that is also supported by the server.

Caution: Enable None for testing purposes only. When no MAC is used, data is transmitted without integrity checking.

 

Compression

Specify which compression options the server allows. The options are No Compression or Compression using zlib. The compression used for a given connection is negotiated between the server and client. Compression is desirable on modem lines and other slow connections, but will slow down response rates on fast networks. Compression also adds extra randomness to the packet, making it harder for a malicious person to decrypt the packet.

 

Use only FIPS-140 certified cryptography algorithms

When selected, allows only those algorithms that meet FIPS 140-2 standards.

Note: You need to restart the server after changing this setting for the change to take effect.

Related Topics

Data Encryption

Data Integrity

Federal Information Processing Standard (FIPS)