From 2a6e2dfff43d8f28b5f56b3ae8c5c8fda44172a8 Mon Sep 17 00:00:00 2001 From: Jacob Nevins Date: Wed, 19 Jul 2023 17:15:23 +0100 Subject: [PATCH] Make it clearer that detached SSH cert is optional. Someone just asked us a question which suggests they might have thought they need to supply both files in the 'Public-key authentication' box in the config dialog, to use public-key authentication at all. I can see why someone might think that, anyway. --- config.c | 3 ++- doc/config.but | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/config.c b/config.c index e0c11916..f756f8e6 100644 --- a/config.c +++ b/config.c @@ -2917,7 +2917,8 @@ void setup_config_box(struct controlbox *b, bool midsession, FILTER_KEY_FILES, false, "Select private key file", HELPCTX(ssh_auth_privkey), conf_filesel_handler, I(CONF_keyfile)); - ctrl_filesel(s, "Certificate to use with the private key:", 'e', + ctrl_filesel(s, "Certificate to use with the private key " + "(optional):", 'e', NULL, false, "Select certificate file", HELPCTX(ssh_auth_cert), conf_filesel_handler, I(CONF_detached_cert)); diff --git a/doc/config.but b/doc/config.but index 1990a92a..8b3191fa 100644 --- a/doc/config.but +++ b/doc/config.but @@ -3033,6 +3033,9 @@ PuTTY can't fall back to using this file itself. \S{config-ssh-cert} \q{\ii{Certificate} to use with the private key} +(This is optional. If you don't know you need it, you can leave this +blank.) + In some environments, user authentication keys can be signed in turn by a \q{certifying authority} (\q{CA} for short), and user accounts on an SSH server can be configured to automatically trust any key that's