nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity

Tweak another certified-host-key-prompt.

Browse Source 
Like 5f3b743eb0, specifically reassure the user that taking the
add-to-cache action will not cause the CA that signed the key to be
trusted in any wider context, in the case where there was no previous
certified key cached. (I don't know why I missed this out before.)
This commit is contained in:
Jacob Nevins 2022-11-06 01:56:20 +00:00
parent 68db3d195d
commit 9209c7ea38
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ssh/common.c
View File

@ -1023,6 +1023,12 @@ SeatPromptResult verify_ssh_host_key(
text, SDT_PARA, "If you trust this host, %s to add the key to "
"%s's cache and carry on connecting.",
pds->hk_accept_action, appname);
if (key && ssh_key_alg(key)->is_certificate) {
seat_dialog_text_append(
text, SDT_PARA, "(Storing this certified key in the cache "
"will NOT cause its certification authority to be trusted "
"for any other key or host.)");
}
seat_dialog_text_append(
text, SDT_PARA, "If you want to carry on connecting just once, "
"without adding the key to the cache, %s.",