nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-26 09:42:25 +00:00
Code Issues Projects Releases Wiki Activity

Cross-reference all the host key docs.

Browse Source 
And tweak some of the words a bit.
This commit is contained in:
Jacob Nevins 2016-03-26 17:38:49 +00:00
parent fc77fa0b8b
commit 15386cbe92
4 changed files with 28 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
doc/config.but
View File

@ -2486,11 +2486,12 @@ protection than SSH-2 without rekeys.
\H{config-ssh-hostkey} The Host Keys panel \H{config-ssh-hostkey} The Host Keys panel
The Host Keys panel allows you to configure options related to SSH-2 The Host Keys panel allows you to configure options related to SSH-2
host key management. \i{host key management}.
Host keys are used to prove the server's identity, and assure you that Host keys are used to prove the server's identity, and assure you that
the server is not being spoofed (either by a man-in-the-middle attack the server is not being spoofed (either by a man-in-the-middle attack
or by completely replacing it on the network). or by completely replacing it on the network). See \k{gs-hostkey} for
a basic introduction to host keys.
This entire panel is only relevant to SSH protocol version 2; none of This entire panel is only relevant to SSH protocol version 2; none of
these settings affect SSH-1 at all. these settings affect SSH-1 at all.
@ -2516,11 +2517,16 @@ NIST-standardised elliptic curves.
\b \q{RSA}: the ordinary \i{RSA} algorithm. \b \q{RSA}: the ordinary \i{RSA} algorithm.
If PuTTY already has a host key stored for the server, it will prefer If PuTTY already has one or more host keys stored for the server,
to use the one it already has. If not, it will choose an algorithm it will prefer to use one of those, even if the server has a key
based on the preference order you specify in the configuration. type that is higher in the preference order. You can add such a
key to PuTTY's cache from within an existing session using the
\q{Special Commands} menu; see \k{using-specials}.
If the first algorithm PuTTY finds is below the \q{warn below here} Otherwise, PuTTY will choose a key type based purely on the
preference order you specify in the configuration.
If the first key type PuTTY finds is below the \q{warn below here}
line, you will see a warning box when you make the connection, similar line, you will see a warning box when you make the connection, similar
to that for cipher selection (see \k{config-ssh-encryption}). to that for cipher selection (see \k{config-ssh-encryption}).

2
doc/gs.but
View File

@ -102,6 +102,8 @@ host key. If the system administrator sends you more than one
\I{host key fingerprint}fingerprint, you should make sure the one \I{host key fingerprint}fingerprint, you should make sure the one
PuTTY shows you is on the list, but it doesn't matter which one it is.) PuTTY shows you is on the list, but it doesn't matter which one it is.)
See \k{config-ssh-hostkey} for advanced options for managing host keys.
\# FIXME: this is all very fine but of course in practice the world \# FIXME: this is all very fine but of course in practice the world
doesn't work that way. Ask the team if they have any good ideas for doesn't work that way. Ask the team if they have any good ideas for
changes to this section! changes to this section!

3
doc/index.but
View File

@ -851,7 +851,8 @@ saved sessions from
\IM{logical host name} logical host name \IM{logical host name} logical host name
\IM{logical host name} host name, logical \IM{logical host name} host name, logical
\IM{host key cache}{host key caching policy} host key caching policy \IM{host key cache}{host key management} host key management
\IM{host key cache}{host key management} cache, of SSH host keys
\IM{web browsers} web browser \IM{web browsers} web browser

24
doc/using.but
View File

@ -934,22 +934,22 @@ authentication} box in the Auth panel of the PuTTY configuration box
\S2{using-cmdline-loghost} \i\c{-loghost}: specify a \i{logical host \S2{using-cmdline-loghost} \i\c{-loghost}: specify a \i{logical host
name} name}
This option overrides PuTTY's normal SSH \i{host key caching policy} by This option overrides PuTTY's normal SSH \I{host key cache}host key
telling it the name of the host you expect your connection to end up caching policy by telling it the name of the host you expect your
at (in cases where this differs from the location PuTTY thinks it's connection to end up at (in cases where this differs from the location
connecting to). It can be a plain host name, or a host name followed PuTTY thinks it's connecting to). It can be a plain host name, or a
by a colon and a port number. See \k{config-loghost} for more detail host name followed by a colon and a port number. See
on this. \k{config-loghost} for more detail on this.
\S2{using-cmdline-hostkey} \i\c{-hostkey}: \I{manually configuring \S2{using-cmdline-hostkey} \i\c{-hostkey}: \I{manually configuring
host keys}manually specify an expected host key host keys}manually specify an expected host key
This option overrides PuTTY's normal SSH \i{host key caching policy} by This option overrides PuTTY's normal SSH \I{host key cache}host key
telling it exactly what host key to expect, which can be useful if the caching policy by telling it exactly what host key to expect, which
normal automatic host key store in the Registry is unavailable. The can be useful if the normal automatic host key store in the Registry
argument to this option should be either a host key fingerprint, or an is unavailable. The argument to this option should be either a host key
SSH-2 public key blob. See \k{config-ssh-kex-manual-hostkeys} for more fingerprint, or an SSH-2 public key blob. See
information. \k{config-ssh-kex-manual-hostkeys} for more information.
You can specify this option more than once if you want to configure You can specify this option more than once if you want to configure
more than one key to be accepted. more than one key to be accepted.