PuTTY compression for SSH 2

Solution 1:

Typically the security problem with TLS and compression involves a typical web browser, or other scenario where an attacker can cause network traffic to be generated (e.g., with JavaScript). That's because an attacker can modify other data in the connection, and determine the value of secret data, such as a cookie or other credential, based on how well the result compresses.

Whether this is a problem in SSH as well depends on what you're doing with it and whether a similar scenario can occur. In general, for most interactive uses (e.g., working at a shell or in a text editor), compression is not very helpful, since you're sending a large number of small packets which you want to arrive quickly, and you're not going to see appreciably better changes by enabling compression. Thus, there's no point in enabling it here.

The time compression might be useful is if you're sending large bulk data transfers where the data tends to be redundant and isn't already compressed. This isn't very likely to fall into the same kinds of security problems as mentioned above, so it's probably okay. However, if you have a reasonably fast network connection between the two machines, it might not make that much of a difference, and if you want to avoid any hint of a security problem, you can just not enable it.