mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 01:48:00 +00:00
Merge misc docs improvements from branch 'pre-0.64'.
This commit is contained in:
Jacob Nevins
commit
5ffb20e4bf
@ -1758,7 +1758,9 @@ logical host name, you can arrange that PuTTY will not keep asking
|
||||
you to reconfirm its host key. Conversely, if you expect to use the
|
||||
same local port number for port forwardings to lots of different
|
||||
servers, you probably didn't want any particular server's host key
|
||||
cached under that local port number.
|
||||
cached under that local port number. (For this latter case, you
|
||||
could also explicitly configure host keys in the relevant sessions;
|
||||
see \k{config-ssh-kex-manual-hostkeys}.)
|
||||
|
||||
If you just enter a host name for this option, PuTTY will cache the
|
||||
SSH host key under the default SSH port for that host, irrespective
|
||||
@ -2339,8 +2341,6 @@ special case is that PSCP and PSFTP will \e{never} act as upstreams.
|
||||
|
||||
\H{config-ssh-kex} The Kex panel
|
||||
|
||||
\# FIXME: This whole section is draft. Feel free to revise.
|
||||
|
||||
The Kex panel (short for \q{\i{key exchange}}) allows you to configure
|
||||
options related to SSH-2 key exchange.
|
||||
|
||||
@ -2486,6 +2486,11 @@ that situation, you will probably want to use the \cw{-hostkey}
|
||||
command-line option to configure the expected host key(s); see
|
||||
\k{using-cmdline-hostkey}.
|
||||
|
||||
For situations where PuTTY's automated host key management simply
|
||||
picks the wrong host name to store a key under, you may want to
|
||||
consider setting a \q{logical host name} instead; see
|
||||
\k{config-loghost}.
|
||||
|
||||
To configure manual host keys via the GUI, enter some text describing
|
||||
the host key into the edit box in the \q{Manually configure host keys
|
||||
for this connection} container, and press the \q{Add} button. The text
|
||||
@ -2704,10 +2709,12 @@ This key must be in PuTTY's native format (\c{*.\i{PPK}}). If you have a
|
||||
private key in another format that you want to use with PuTTY, see
|
||||
\k{puttygen-conversions}.
|
||||
|
||||
If a key file is specified here, and \i{Pageant} is running (see
|
||||
\k{pageant}), PuTTY will first try asking Pageant to authenticate with
|
||||
that key, and ignore any other keys Pageant may have. If that fails,
|
||||
PuTTY will ask for a passphrase as normal.
|
||||
You can use the authentication agent \i{Pageant} so that you do not
|
||||
need to explicitly configure a key here; see \k{pageant}. If a file
|
||||
is specified here with Pageant running, PuTTY will first try asking
|
||||
Pageant to authenticate with that key, and ignore any other keys
|
||||
Pageant may have. If that fails, PuTTY will ask for a passphrase as
|
||||
normal.
|
||||
|
||||
\H{config-ssh-auth-gssapi} The \i{GSSAPI} panel
|
||||
|
||||
@ -2892,8 +2899,8 @@ PuTTY in a variety of ways, such as \cw{true}/\cw{false},
|
||||
The X11 panel allows you to configure \i{forwarding of X11} over an
|
||||
SSH connection.
|
||||
|
||||
If your server lets you run X Window System applications, X11
|
||||
forwarding allows you to securely give those applications access to
|
||||
If your server lets you run X Window System \i{graphical applications},
|
||||
X11 forwarding allows you to securely give those applications access to
|
||||
a local X display on your PC.
|
||||
|
||||
To enable X11 forwarding, check the \q{Enable X11 forwarding} box.
|
||||
@ -3214,6 +3221,29 @@ ignore messages. If this bug is enabled when talking to a correct
|
||||
server, the session will succeed, but keepalives will not work and
|
||||
the session might be less cryptographically secure than it could be.
|
||||
|
||||
\S{config-ssh-bug-winadj} \q{Chokes on PuTTY's SSH-2 \cq{winadj} requests}
|
||||
|
||||
\cfg{winhelp-topic}{ssh.bugs.winadj}
|
||||
|
||||
PuTTY sometimes sends a special request to SSH servers in the middle
|
||||
of channel data, with the name \cw{winadj@putty.projects.tartarus.org}
|
||||
(see \k{sshnames-channel}). The purpose of this request is to measure
|
||||
the round-trip time to the server, which PuTTY uses to tune its flow
|
||||
control. The server does not actually have to \e{understand} the
|
||||
message; it is expected to send back a \cw{SSH_MSG_CHANNEL_FAILURE}
|
||||
message indicating that it didn't understand it. (All PuTTY needs for
|
||||
its timing calculations is \e{some} kind of response.)
|
||||
|
||||
It has been known for some SSH servers to get confused by this message
|
||||
in one way or another \dash because it has a long name, or because
|
||||
they can't cope with unrecognised request names even to the extent of
|
||||
sending back the correct failure response, or because they handle it
|
||||
sensibly but fill up the server's log file with pointless spam, or
|
||||
whatever. PuTTY therefore supports this bug-compatibility flag: if it
|
||||
believes the server has this bug, it will never send its
|
||||
\cq{winadj@putty.projects.tartarus.org} request, and will make do
|
||||
without its timing data.
|
||||
|
||||
\S{config-ssh-bug-hmac2} \q{Miscomputes SSH-2 HMAC keys}
|
||||
|
||||
\cfg{winhelp-topic}{ssh.bugs.hmac2}
|
||||
@ -3320,29 +3350,6 @@ send an over-sized packet. If this bug is enabled when talking to a
|
||||
correct server, the session will work correctly, but download
|
||||
performance will be less than it could be.
|
||||
|
||||
\S{config-ssh-bug-winadj} \q{Chokes on PuTTY's SSH-2 \cq{winadj} requests}
|
||||
|
||||
\cfg{winhelp-topic}{ssh.bugs.winadj}
|
||||
|
||||
PuTTY sometimes sends a special request to SSH servers in the middle
|
||||
of channel data, with the name \cw{winadj@putty.projects.tartarus.org}
|
||||
(see \k{sshnames-channel}). The purpose of this request is to measure
|
||||
the round-trip time to the server, which PuTTY uses to tune its flow
|
||||
control. The server does not actually have to \e{understand} the
|
||||
message; it is expected to send back a \cw{SSH_MSG_CHANNEL_FAILURE}
|
||||
message indicating that it didn't understand it. (All PuTTY needs for
|
||||
its timing calculations is \e{some} kind of response.)
|
||||
|
||||
It has been known for some SSH servers to get confused by this message
|
||||
in one way or another \dash because it has a long name, or because
|
||||
they can't cope with unrecognised request names even to the extent of
|
||||
sending back the correct failure response, or because they handle it
|
||||
sensibly but fill up the server's log file with pointless spam, or
|
||||
whatever. PuTTY therefore supports this bug-compatibility flag: if it
|
||||
believes the server has this bug, it will never send its
|
||||
\cq{winadj@putty.projects.tartarus.org} request, and will make do
|
||||
without its timing data.
|
||||
|
||||
\S{config-ssh-bug-chanreq} \q{Replies to requests on closed channels}
|
||||
|
||||
\cfg{winhelp-topic}{ssh.bugs.chanreq}
|
||||
|
||||
@ -89,7 +89,7 @@ and down by pressing \i{Shift-PgUp} and \i{Shift-PgDn}. You can
|
||||
scroll a line at a time using \i{Ctrl-PgUp} and \i{Ctrl-PgDn}. These
|
||||
are still available if you configure the scrollbar to be invisible.
|
||||
|
||||
By default the last 200 lines scrolled off the top are
|
||||
By default the last 2000 lines scrolled off the top are
|
||||
preserved for you to look at. You can increase (or decrease) this
|
||||
value using the configuration box; see \k{config-scrollback}.
|
||||
|
||||
@ -328,10 +328,10 @@ information.)
|
||||
\H{using-x-forwarding} Using \i{X11 forwarding} in SSH
|
||||
|
||||
The SSH protocol has the ability to securely forward X Window System
|
||||
applications over your encrypted SSH connection, so that you can run
|
||||
an application on the SSH server machine and have it put its windows
|
||||
up on your local machine without sending any X network traffic in
|
||||
the clear.
|
||||
\i{graphical applications} over your encrypted SSH connection, so that
|
||||
you can run an application on the SSH server machine and have it put
|
||||
its windows up on your local machine without sending any X network
|
||||
traffic in the clear.
|
||||
|
||||
In order to use this feature, you will need an X display server for
|
||||
your Windows machine, such as Cygwin/X, X-Win32, or Exceed. This will probably
|
||||
@ -368,12 +368,12 @@ For more options relating to X11 forwarding, see \k{config-ssh-x11}.
|
||||
|
||||
\H{using-port-forwarding} Using \i{port forwarding} in SSH
|
||||
|
||||
The SSH protocol has the ability to forward arbitrary \i{network
|
||||
connection}s over your encrypted SSH connection, to avoid the network
|
||||
traffic being sent in clear. For example, you could use this to
|
||||
connect from your home computer to a \i{POP-3} server on a remote
|
||||
machine without your POP-3 password being visible to network
|
||||
sniffers.
|
||||
The SSH protocol has the ability to forward arbitrary \I{network
|
||||
connection}network (TCP) connections over your encrypted SSH
|
||||
connection, to avoid the network traffic being sent in clear. For
|
||||
example, you could use this to connect from your home computer to a
|
||||
\i{POP-3} server on a remote machine without your POP-3 password being
|
||||
visible to network sniffers.
|
||||
|
||||
In order to use port forwarding to \I{local port forwarding}connect
|
||||
from your local machine to a port on a remote server, you need to:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user