1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-06-30 11:02:48 -05:00
Commit Graph

612 Commits

Author SHA1 Message Date
4782d0db91 Cross-reference Event Log and logfile docs. 2016-03-25 13:15:43 +00:00
bb6dd987ee Rewrite the FAQ entry about the MacOS port. 2016-03-25 08:46:34 +00:00
45bea43adf Document pageant interoperability with OpenSSH etc 2016-03-19 23:43:21 +00:00
cbf6a22994 Clarify Unix Pageant passphrase prompting docs.
Terminal prompting takes precedence over GUI prompting, so explicitly
state that in the docs.
2016-03-19 23:43:21 +00:00
a3529a474c Use more modern example keys in Pageant docs. 2016-03-19 23:43:21 +00:00
4b8a86b1ac Fix typo in pageant(1). 2016-03-19 23:43:21 +00:00
2aa8d81c2d Document that -i etc now accept public key files.
(This was added in 4204a53.)
2016-03-19 23:43:21 +00:00
91653a10c6 Fix punctuation in public key docs. 2016-03-19 23:43:21 +00:00
0fadffe0cb Add command-line passphrase-file options to command-line PuTTYgen.
Patch due to Colin Watson.

Putting the passphrase in a file avoids exposing it to 'ps' which can
print out every process's command line, while at the same time not
being as platform-specific as the approach of providing an fd number
(since cmdgen.c is in principle a potential cross-platform PuTTYgen,
not just a Unix one, which is why it's not in the 'unix' directory).

Of course it introduces its own risks if someone can read the file
from your disk after you delete it; probably the best approach to
avoiding this, if possible, is to point the option at a file on an
in-memory tmpfs type file system. Or better still, use bash-style
/dev/fd options such as

  puttygen --new-passphrase <(echo -n "my passphrase") [options]

Failing that, try a secure file-wipe utility, as the man page change
mentions.

(And a use case not to be overlooked, of course, is the one where you
actually want to generate an unprotected key - in which case, just
pass /dev/null as the filename.)
2016-03-17 18:55:57 +00:00
984fe3dde8 Merge branch 'pre-0.67' 2016-02-29 19:59:59 +00:00
830b7f8898 Update version number for 0.67 release. 2016-02-29 19:59:59 +00:00
29e8c24f90 Remove spurious -shareexists reference in Plink docs.
That option does exist, but only on master; it was not in the 0.66
release. It turned up by mistake when I updated the documentation copy
of the Plink online help while preparing the 0.66 release, because I
ran plink from the wrong branch.

The new release automation should stop that kind of mistake from
happening in future.
2016-02-29 19:59:37 +00:00
5ee166aab6 Mention the new Secure Contact Key in the GPG docs appendix.
The reporter of vuln-pscp-sink-sscanf asked for a key to encrypt the
vulnerability report with, and having generated one, it seemed like a
good idea to make it part of the official PuTTY GPG key set and
publish it for the next person to use.
2016-02-29 19:59:37 +00:00
329cd91959 Autogenerate licence text in doc subdir from LICENCE.
Now we have licence.pl, it seems to me to make very good sense to have
it generate the Halibut form(s) of the licence and copyright year as
well as the source-code forms.

As a result, I believe _no_ copies of the licence text or copyright
date exist any more except for the master one in LICENCE - so I can
completely remove the checklist section about all the places to update
it, because there's only one. Hooray!

(cherry picked from commit 774d37a0dc)

Conflicts:
	doc/licence.but

(cherry-picker's note: the conflict was just because the deleted file
didn't have identical contents)
2016-02-29 19:59:35 +00:00
906f8ed262 Document 'Cannot assign requested address' error.
Often it means you tried to connect to port 0.

(cherry picked from commit c4f963ebd7)
2016-02-29 19:59:33 +00:00
ac9862ec91 Rationalise and document log options somewhat.
TOOLTYPE_NONNETWORK (i.e. pterm) already has "-log" (as does Unix
PuTTY), so there's no sense suppressing the synonym "-sessionlog".

Undocumented lacunae that remain:

plink accepts -sessionlog, but does nothing with it. Arguably it should.

puttytel accepts -sshlog/-sshrawlog (and happily logs e.g. Telnet
negotiation, as does PuTTY proper).

(cherry picked from commit a454399ec8)

Conflicts:
	unix/uxplink.c
	windows/winplink.c

(cherry-picker's notes: the conflict was only contextual, in the Plink
help output)
2016-02-29 19:59:32 +00:00
774d37a0dc Autogenerate licence text in doc subdir from LICENCE.
Now we have licence.pl, it seems to me to make very good sense to have
it generate the Halibut form(s) of the licence and copyright year as
well as the source-code forms.

As a result, I believe _no_ copies of the licence text or copyright
date exist any more except for the master one in LICENCE - so I can
completely remove the checklist section about all the places to update
it, because there's only one. Hooray!
2015-12-22 13:33:42 +00:00
c4f963ebd7 Document 'Cannot assign requested address' error.
Often it means you tried to connect to port 0.
2015-11-21 12:21:31 +00:00
a454399ec8 Rationalise and document log options somewhat.
TOOLTYPE_NONNETWORK (i.e. pterm) already has "-log" (as does Unix
PuTTY), so there's no sense suppressing the synonym "-sessionlog".

Undocumented lacunae that remain:

plink accepts -sessionlog, but does nothing with it. Arguably it should.

puttytel accepts -sshlog/-sshrawlog (and happily logs e.g. Telnet
negotiation, as does PuTTY proper).
2015-11-08 11:58:45 +00:00
8fdeb3a95c Merge tag '0.66'
This brings in the rest of the 0.66 branch, including some changes new
on master.

Conflicts:
        doc/plink.but
        sshrsa.c

(The conflicts were both trivial: in one, the addition of an extra
parameter to rsa2_newkey on master happened on the line next to 0.66's
addition of a check for NULL return value, and in the other, I'd got
the version number in the plink -h transcript messed up on master.)
2015-11-07 09:54:05 +00:00
07af4ed100 Update version number for 0.66 release. 2015-11-07 09:53:03 +00:00
986b8f87be Document the new session-logging command line options.
If I'm going to announce them as a feature in 0.66, it would be
embarrassing to forget to mention them in the documentation.
2015-11-07 09:53:03 +00:00
7552ddb002 PuTTYgen's default hasn't been 1024 bits since 0.63.
(cherry picked from commit 9f9d72ec58)
2015-10-29 09:27:55 +00:00
72b659cb72 Add a FAQ for 'checksum mismatch' reports.
The aim is to try to reduce the incidence of the two least helpful
classes of those reports: the ones which have just got mismatched
checksum files, and the ones which don't tell us the information that
would help.

(cherry picked from commit 8ff3b22243)
2015-10-29 09:27:53 +00:00
48eafd66aa Update docs/usage for 'plink -shareexists'. 2015-10-22 01:48:35 +01:00
9dd9860cc8 Update docs for Ed25519 and ChaCha20-Poly1305. 2015-10-22 01:48:02 +01:00
9f9d72ec58 PuTTYgen's default hasn't been 1024 bits since 0.63. 2015-10-22 01:46:28 +01:00
4252cdbd82 Key rollover: cut and paste errors in pgpkeys.but.
What should have been links to the old DSA keys were actually a second
copy of the links to the old RSA ones. Ahem.

(cherry picked from commit b62af0f40a)
2015-10-17 17:30:17 +01:00
a063e52297 Key rollover: rewrite the PGP keys manual appendix.
This gives pride of place to the new set of keys we've recently
generated, and relegates the old ones to an afterthought.

(cherry picked from commit bb68baf53b)
2015-10-17 17:30:17 +01:00
417421cace New formatting directive in logfile naming: &P for port number.
Users have requested this from time to time, for distinguishing log
file names when there's more than one SSH server running on different
ports of the same host. Since we do take account of that possibility
in other areas (e.g. we cache host keys indexed by (host,port) rather
than just host), it doesn't seem unreasonable to do so here too.

(cherry picked from commit 0550943b51)
2015-10-17 17:30:17 +01:00
b62af0f40a Key rollover: cut and paste errors in pgpkeys.but.
What should have been links to the old DSA keys were actually a second
copy of the links to the old RSA ones. Ahem.
2015-09-03 19:04:26 +01:00
bb68baf53b Key rollover: rewrite the PGP keys manual appendix.
This gives pride of place to the new set of keys we've recently
generated, and relegates the old ones to an afterthought.
2015-09-02 18:50:49 +01:00
b8dd15b8ff Stop using abs(unsigned) in X11 time comparison.
The validation end of XDM-AUTHORIZATION-1 needs to check that two
time_t values differ by at most XDM_MAXSKEW, which it was doing by
subtracting them and passing the result to abs(). This provoked a
warning from OS X's clang, on the reasonable enough basis that the
value passed to abs was unsigned.

Fixed by using the (well defined) unsigned arithmetic wraparound: to
check that the mathematical difference of two unsigned numbers is in
the interval [-k,+k], compute their difference _plus k_ as an
unsigned, and check the result is in the interval [0,2k] by doing an
unsigned comparison against 2k.
2015-08-27 18:44:51 +01:00
8ff3b22243 Add a FAQ for 'checksum mismatch' reports.
The aim is to try to reduce the incidence of the two least helpful
classes of those reports: the ones which have just got mismatched
checksum files, and the ones which don't tell us the information that
would help.
2015-08-09 21:18:27 +01:00
0550943b51 New formatting directive in logfile naming: &P for port number.
Users have requested this from time to time, for distinguishing log
file names when there's more than one SSH server running on different
ports of the same host. Since we do take account of that possibility
in other areas (e.g. we cache host keys indexed by (host,port) rather
than just host), it doesn't seem unreasonable to do so here too.
2015-08-08 13:35:44 +01:00
b266d671ac Merge tag '0.65' 2015-07-25 10:55:34 +01:00
7cfe83f791 Bump version number for 0.65 release. 2015-07-25 10:54:57 +01:00
51ee4eb144 Divide the Bugs panel in half.
It overflowed as a result of the previous commit.

(cherry picked from commit 84e239dd88)
2015-06-20 09:31:55 +01:00
318076a183 Support RFC 4419.
PuTTY now uses the updated version of Diffie-Hellman group exchange,
except for a few old OpenSSH versions which Darren Tucker reports only
support the old version.

FIXME: this needs further work because the Bugs config panel has now
overflowed.

(cherry picked from commit 62a1bce7cb)
2015-06-20 09:31:55 +01:00
74f50c9f21 Move kh2reg.py link from svn to git.
(cherry picked from commit 06d2fb5b37)
2015-06-20 09:31:54 +01:00
5ea2f3065e Unix Pageant: man page and online help.
I think Unix Pageant is now more or less usable, though of course I
wouldn't blame anyone for sticking with other SSH agent solutions.
2015-05-19 18:24:04 +01:00
84e239dd88 Divide the Bugs panel in half.
It overflowed as a result of the previous commit.
2015-04-25 10:54:18 +01:00
62a1bce7cb Support RFC 4419.
PuTTY now uses the updated version of Diffie-Hellman group exchange,
except for a few old OpenSSH versions which Darren Tucker reports only
support the old version.

FIXME: this needs further work because the Bugs config panel has now
overflowed.
2015-04-25 10:54:18 +01:00
06d2fb5b37 Move kh2reg.py link from svn to git. 2015-03-01 12:27:27 +00:00
80bd6a01aa Minimal documentation for ECDSA/ECDH support. 2015-02-28 19:08:15 +00:00
808e414130 Merge branch 'pre-0.64' 2015-02-28 07:57:58 +00:00
2713396c91 Bump version number for 0.64 release. 2015-02-28 07:57:35 +00:00
ced3a46c3f Merge branch 'pre-0.64' 2015-01-18 14:50:20 +00:00
8dedf59080 Remove user-key-oriented advice from host key docs.
It would be rare to have a host keypair in .ppk format or on a client
machine to load into PuTTYgen, and it might confuse people into thinking
they are required to do so.
2015-01-18 14:50:08 +00:00
5904545cc1 Merge branch 'pre-0.64' 2015-01-05 23:49:25 +00:00