nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity

Draft FAQ entries for the spoofing defences.

Browse Source
This commit is contained in:
Simon Tatham 2019-03-15 07:15:33 +00:00
parent 514796b7e4
commit 31b4c6ad9c
1 changed files with 50 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
doc/faq.but
View File

@ -423,6 +423,56 @@ You can ask PuTTY to delete all this data; see \k{faq-cleanup}.
On Unix, PuTTY stores all of this data in a directory \cw{~/.putty}
by default.
\S{faq-trust-sigils} Why do small PuTTY icons appear next to the login
prompts?
As of PuTTY 0.71, some lines of text in the terminal window are marked
with a small copy of the PuTTY icon (as far as pixels allow).
This is to show trustworthiness. When the PuTTY icon appears next to a
line of text, it indicates that that line of text was generated by
PuTTY itself, and not generated by the server and sent to PuTTY.
Text that comes from the server does not have this icon, and we've
arranged that the server should not be able to fake it. (There's no
control sequence the server can send which will make PuTTY draw its
own icon, and if the server tries to move the cursor back up to a line
that \e{already} has an icon and overwrite the text, the icon will
disappear.)
This lets you tell the difference between (for example) a legitimate
prompt in which PuTTY itself asks you for your private key passphrase,
and a fake prompt in which the server tries to send the identical text
to trick you into telling \e{it} your private key passphrase.
\S{faq-plink-pause} Why has Plink started saying \q{Press Return to
begin session}?
As of PuTTY 0.71, if you use Plink for an interactive SSH session,
then after the login phase has finished, it will present a final
interactive prompt saying \q{Access granted. Press Return to begin
session}.
This is another defence against servers trying to mimic the real
authentication prompts after the session has started. When you pass
through that prompt, you know that everything after it is generated by
the server and not by Plink itself, so any request for your private
key passphrase should be treated with suspicion.
In Plink, we can't use the defence described in \k{faq-trust-sigils}:
Plink is running \e{in} the terminal, so anything it can write into
the terminal, the server could write in the same way after the session
starts. And we can't just print a separator line without a pause,
because then the server could simply move the cursor back up to it and
overwrite it (probably with a brief flicker, but you might easily miss
that). The only robust defence anyone has come up with involves this
pause.
If you trust your server not to be abusive, you can turn this off. It
will also not appear in various other circumstances where Plink can be
confident it isn't necessary. See \k{plink-option-antispoof} for
details.
\H{faq-howto} HOWTO questions
\S{faq-login}{Question} What login name / password should I use?