Docs: MD5 is forced for SSH-1 key fingerprints.

doc/pageant.but

@@ -86,10 +86,11 @@ fingerprint shown by remote utilities such as \i\c{ssh-keygen} when
 applied to your \c{authorized_keys} file.
 
 \lcont{
-By default this is shown in the \q{SHA256} format. You can change to the
+For SSH-2 keys, by default this is shown in the \q{SHA256} format. You
-older \q{MD5} format (which looks like \c{aa:bb:cc:...}) with the
+can change to the older \q{MD5} format (which looks like \c{aa:bb:cc:...})
-\q{Fingerprint type} drop-down, but bear in mind that this format is
+with the \q{Fingerprint type} drop-down, but bear in mind that this
-less secure and should be avoided for comparison purposes where possible.
+format is less secure and should be avoided for comparison purposes
+where possible.
 
 If some of the keys loaded into Pageant have certificates attached,
 then Pageant will default to showing the fingerprint of the underlying

doc/pubkey.but

@@ -240,9 +240,9 @@ a particular fingerprint. So some utilities, such as the Pageant key
 list box (see \k{pageant-mainwin-keylist}) and the Unix \c{ssh-add}
 utility, will list key fingerprints rather than the whole public key.
 
-By default, PuTTYgen will display fingerprints in the \q{SHA256}
+By default, PuTTYgen will display SSH-2 key fingerprints in the
-format. If you need to see the fingerprint in the older \q{MD5} format
+\q{SHA256} format. If you need to see the fingerprint in the older
-(which looks like \c{aa:bb:cc:...}), you can choose
+\q{MD5} format (which looks like \c{aa:bb:cc:...}), you can choose
 \q{Show fingerprint as MD5} from the \q{Key} menu, but bear in mind
 that this is less cryptographically secure; it may be feasible for
 an attacker to create a key with the same fingerprint as yours.