* All the PuTTY tools for Windows and Unix now contain the fingerprints of
the Master Keys. The method for accessing them is crude but universal:
a new "-pgpfp" command-line option. (Except Unix PuTTYgen, which takes
"--pgpfp" just to be awkward.)
* Move the key policy discussion from putty-website/keys.html to
putty/doc/pgpkeys.but, and autogenerate the former from the latter.
Also tweak the text somewhat and include the fingerprints of the
Master Keys themselves.
(I've merged the existing autogeneration scripts into a single new
one; I've left the old scripts and keys.html around until such time
as the webmonster reviews the changes and plumbs in the new script;
he should remove the old files then.)
[originally from svn r5524]
[this svn revision also touched putty-website]
discussed. Use Barrett and Silverman's convention of "SSH-1" for SSH protocol
version 1 and "SSH-2" for protocol 2 ("SSH1"/"SSH2" refer to ssh.com
implementations in this scheme). <http://www.snailbook.com/terms.html>
[originally from svn r5480]
single most frequently asked thing which isn't in the FAQ (it's in
feedback.but instead), so let's add it. I'm uncertain that the
people who mail us asking things like `how do I read my email' and
`how do I access $database' will successfully recognise this more
general question as one which includes their specific one, but it's
worth a try.
[originally from svn r5451]
I wanted to get to -- "software caused connection abort" and friends --
are going to be more involved (probably requiring some cross-platform
notion of help contexts), and these ones hardly seem worth the effort.
Still, I've done it now.
Side-effect: Pageant now uses the same `hinst' and `hwnd' globals as
everything else. Tested basic functionality.
[originally from svn r5417]
appropriate context help, iff the help file is present. (Shame it's prey to
`winhelp-crash'.)
(I've perpetrated a widening of visibility of `hwnd'; the alternative, putting
it into a frontend handle, seemed too likely to cause maintenance trouble if
we don't also _use_ that frontend handle everywhere we now use the global
`hwnd'.)
[originally from svn r5309]
Note default circumstances of cipher warning. (I haven't bothered with the
similar kex warning since it doesn't come up in the default configuration,
and is in any case unlikely to be common.)
[originally from svn r5302]
particular, mention that doing an SCP wildcard download into a clean
directory is adequate protection against a malicious server trying
to overwrite your files.
[originally from svn r5279]
disabling the former is much more useful, and much safer, than disabling the
latter. The new wording on data-based rekeys might need some polishing.
[originally from svn r5222]
deal with rekeys at all: they totally ignore mid-session KEXINIT
sent by the client. Hence, a new bug entry so we don't try it.
[originally from svn r5092]
on a local port), the `Auto' protocol option on the Tunnels panel
should always produce a port you can connect to in _either_ of IPv4
and v6, because the aim is for the user not to have to know or care
which one they're using. This was not the case on Windows, and now
is. Also, updated the docs to give more detail on issues like this.
[originally from svn r5083]
of polishing to bring them to what I think should in principle be
release quality. Unlike the unfix.org patches themselves, this
checkin enables IPv6 by default; if you want to leave it out, you
have to build with COMPAT=-DNO_IPV6.
I have tested that this compiles on Visual C 7 (so the nightlies
_should_ acquire IPv6 support without missing a beat), but since I
don't have IPv6 set up myself I haven't actually tested that it
_works_. It still seems to make correct IPv4 connections, but that's
all I've been able to verify for myself. Further testing is needed.
[originally from svn r5047]
[this svn revision also touched putty-wishlist]
Change Settings, the port forwarding setup function is run again,
and tags all existing port forwardings as `do not keep'. Then it
iterates through the config in the normal way; when it encounters a
port forwarding which is already in the tree, it tags it `keep'
rather than setting it up from scratch. Finally, it goes through the
tree and removes any that haven't been labelled `keep'. Hence,
editing the list of forwardings in Change Settings has the effect of
cancelling any forwardings you remove, and adding any new ones.
The SSH panel now appears in the reconfig box, and is empty apart
from a message explaining that it has to be there for subpanels of
it to exist. Better wording for this message would be welcome.
[originally from svn r5030]
(which will gain more content anon).
Retire BUG_SSH2_DH_GEX and add a backwards-compatibility wart, since we never
did find a way of automatically detecting this alleged server bug, and in any
case there was only ever one report (<3D91F3B5.7030309@inwind.it>, FWIW).
Also generalise askcipher() to a new askalg() (thus touching all the
front-ends).
I've made some attempt to document what SSH key exchange is and why you care,
but it could use some review for clarity (and outright lies).
[originally from svn r5022]
- document behaviour of "-r" with mget/mput/reget/reput
- document "close" command
- document SFTP wildcard syntax for those who may not be familiar with Unix
wildcards
[originally from svn r5004]
results in unacceptable performance for him on Win2000. Add a checkbox to
revert to the old behaviour.
[originally from svn r4988]
[this svn revision also touched putty-wishlist]
which pretty much any module can call to request a call-back in the
future. So terminal.c can do its own handling of blinking, visual
bells and deferred screen updates, without having to rely on
term_update() being called 50 times a second (fixes: pterm-timer);
and ssh.c and telnet.c both invoke a new module pinger.c which takes
care of sending keepalives, so they get sent uniformly in all front
ends (fixes: plink-keepalives, unix-keepalives).
[originally from svn r4906]
[this svn revision also touched putty-wishlist]
binary out of the PuTTY docs Makefile. Instead, I expect to find
Halibut as simply `halibut' on the PATH, and anyone who doesn't have
it there can always do `make HALIBUT=/path/to/halibut'.
[originally from svn r4895]
unwritten design principles, so would-be contributors won't have to
either read our minds or pay _very_ close attention to the code.
[originally from svn r4815]
that in turn was confusing the new doc/Makefile mechanism. Fixed the
former, and also put an additional safeguard in the latter in a
belt-and-braces sort of fashion.
[originally from svn r4806]
line for every single .but file at the bottom of each page of the
HTML PuTTY docs. However, we can't _always_ replace that with a
single SVN revision, because there isn't always one available (SVN
still allows mixed working copies in which some files are
deliberately checked out against a different revision).
Hence, here's a mechanism for doing better. It uses `svnversion .'
to determine _whether_ a single revision number adequately describes
the current directory, and replaces all the version IDs with that if
so. If it can't do that, it uses the version IDs as before.
Also, this allows an explicit version string to be passed on the
make command line which will override _both_ these possibilities, so
that release documentation can be clearly labelled with the release
version number.
[originally from svn r4804]
[originally from svn r4788]
[this svn revision also touched bmbm,caltrap,charset,enigma,filter,fonts,golem,grunge,halibut,html,lj,local,misc,polyhedra,putty-website,putty-wishlist,puzzles,pycee,sdlgames,svn-tools,timber,tweak]
I've done this by centralising information about newsgroups in feedback.but
and linking to that from elsewhere; I've also put in a link to Google Groups.
[originally from svn r4781]
This is mainly intended to make the documentation suitable for including in
distributions such as the Debian package, but won't be amiss on the web site
docs. It will look a bit out of place in the .HLP, but never mind.
[originally from svn r4690]
- change click-by-click advice on modifying saved sessions
- add `Restart Session' as another reason you might not want to close the
window on exit; other tweaks to this language
- mention Shift-Backspace action
- the window resizing configuration documentation was completely out of
date; rewrite
- add a note about Default Bold Background since it's caused confusion
- "remote terminal" -> "remote system" in terminal-type doc
[originally from svn r4686]
- soften language around changing-username-during-login section; with SSH-2
this is a misfeature of implementations rather than the protocol itself
- tweak new-host-key dialog text
[originally from svn r4681]
variables. It was no longer true (given that we support them in SSH-2 now),
and the new situation was probably too complex to explain in an introductory
chapter. And the utility of setting them seems to be marginal these days given
the lack of server support.
[originally from svn r4679]
(in the Windows version), and hopefully to clarify distinction between line
charset and local font, which has occasionally foxed me.
Cross-reference the Translation panel reference section from the intro
section in using.but and mention line-drawing characters there also.
[originally from svn r4654]
of the SSH servers I conveniently have access to (Debian stable OpenSSH --
3.4p1 -- and lshd) seem to take a blind bit of notice, but the channel
requests look fine to me in the packet log.
I've included all the signals explicitly defined by
draft-ietf-secsh-connect-19, but I've put the more obscure ones in a submenu
of the specials menu; there's therefore been some minor upheaval to support
such submenus.
[originally from svn r4652]
into the Connection panel, and implemented support for the SSH2
"env" request. (I haven't yet found a server which accepts this
request, so although I've visually checked the packet log and it
looks OK, I haven't yet been able to do a full end-to-end test.)
Also, the `pty' backend reads this data and does a series of
`putenv' commands before launching the shell or application.
This is mostly because in last week's UTF-8 faffings I got
thoroughly sick of typing `export LANG=en_GB.UTF-8' every time I
started a new testing pterm, and it suddenly occurred to me that
this would be precisely the sort of thing you'd want to have pterm
set up for you, particularly since you can configure it alongside
the translation settings and so you can ensure they match up
properly.
[originally from svn r4645]
PuTTY / Plink not to run a remote shell/command at all. Supported in
the GUI configuration and via the (OpenSSH-like) -N command-line
option.
No effort is currently made to arrange `nice' UI properties. If you
do this in GUI PuTTY, a full-size terminal window will still be
created, and will sit there with almost nothing in it throughout
your session. If you do it in Plink, Plink will not accept any kind
of request to terminate gracefully; you'll have to ^C or kill it.
Nonetheless, even this little will be useful to some people...
[originally from svn r4614]
- new function platform_get_x_display() to find a sensible local display.
On Unix, the Gtk apps weren't taking account of --display when
determining where to send forwarded X traffic.
- explicitly document that leaving X display location blank in config tries
to do something sensible (and that it's now blank by default)
- don't override X11Display setting in plink, since that's more properly
done later
[originally from svn r4604]
by default (although they can be included). There's also an option to remove
session data, which is good both for privacy and for reducing the size of
logfiles.
[originally from svn r4593]
No very good reason, but I've occasionally wanted to frob it to see if it
makes any difference to problems I'm having, and it was easy.
Tested that it does actually cause keepalives on Windows (with tcpdump);
should also work on Unix. Not implemented on Mac (does nothing), but then
neither is TCP_NODELAY.
Quite a big checkin, much of which is adding `keepalive' alongside `nodelay'
in network function calls.
[originally from svn r4309]
fit in the text output format. If only to stop myself getting
pestered with cron stderr messages every night, here are some
changes that remove over-long code lines from the PuTTY manual.
[originally from svn r4238]
and this caused public key authentication to fail in spite of
following our instructions to the letter. It can't hurt to
s/g-w/go-w/ here, just in case!
[originally from svn r4205]
(we didn't before) - `ssh-termspeed'.
In the process, I've removed the individual controls on the Telnet and
Rlogin panels and replaced them with one on the Connection panel (since they
were backed by the same storage anyway).
The terminal speeds sent in SSH are logged in the Event Log.
[originally from svn r4133]
case people are incapable of spotting it on the Feedback page. Also
add to both locations Owen's point about first-line support.
[originally from svn r4009]
- remove a couple of "fixed in 0.52" (or before) type questions
- mention Mac OS X port that someone was working on
- add a missing {Question}
[originally from svn r3997]
can do it by hand, I've converted the man page set from Unix PuTTY
into Halibut format, and enhanced the Makefile so it will build
them. At some future point this will also allow me to include the
man pages as an appendix in the main manual (once I _have_ a main
manual for Unix PuTTY).
[originally from svn r3966]
- update usage info in tools
- ack, plink is over 24 lines now
- update man pages for Unix version
- Doc changes:
- move long description from (GUI) "config" to "using"
- sorry if complete specification isn't what this section is meant for,
but if you only read "using" it was hard to find.
- ensure enough references to this made in other sections (GUI,
command-line)
- update instance of plink usage info
[originally from svn r3740]
option from the Selection panel to the Translation panel (where it
fits at least as well). This frees a line in the Selection panel
which I'm about to use for an additional mouse handling option.
[originally from svn r3564]
which is only included if you explicitly tell the docs Makefile to
do so. Also make it a relative reference, while we're at it.
[originally from svn r3524]
"REGEDIT /E". On newer versions of Windows (verified on 2K), this will cause
the .REG file to be saved in REGEDIT4 format (ASCII) which can be read by
older Windows, rather than REGEDIT5 (Unicode). On older Windows, the extra "A"
is harmless (verified on Win98).
[originally from svn r3305]
box, in that it started to expand under the weight of proxy options.
Now fixed, by folding the SOCKS version selector into the general
proxy type selector so there's one single 5- or 6-way radio button
set split over two lines. settings.c has of course grown a backwards
compatibility wart to deal with legacy config data.
[originally from svn r3168]
hazard. I considered removing it completely, but I can't rule out
the possibility of an OS that actually takes security of its
terminal devices seriously, and which might be able to make sensible
and safe use of this feature.
[originally from svn r3103]
the location of PuTTY's data storage mentioned in the manual section
about loading and storing sessions. This seems not unreasonable, so
I've put it there.
[originally from svn r3094]
is not the same thing as ECONNABORTED, so I've removed the `we're a
bit confused about this, send us details' text. And someone has just
been confused by `connection timed out', so I've added that too.
[originally from svn r2950]
clears, and also to temporarily push the primary screen contents
into the scrollback while the alternate screen is active and bring
it back afterwards.
[originally from svn r2910]
to pieces, and put it back together in a new table-driven form.
config.c sets up a data structure describing most of the config box;
wincfg.c adds in the Windows-specific options (so that config.c can
also form the basis for Mac and Unix config boxes). Then winctrls.c
contains a shiny new layout engine which consumes that data
structure, and windlg.c passes all WM_COMMAND and similar messages
to a driver alongside that layout engine. In the process I've sorted
out nicer-looking panel titles and finally fixed the list-boxes-are-
never-the-right-size bug (turned out to be Windows's fault, of
course). I _believe_ it should do everything the old config box did,
including context help. Now everyone has to test it thoroughly...
[originally from svn r2908]
Modified text to reflect the fact that the wishlist now shows bugs fixed
recently (FSVO "recently"). Hopefully I haven't made it too confusing.
[originally from svn r2852]
which have a strange idea of what data should be signed in a PK auth
request. This actually got in my way while doing serious things at
work! :-)
[originally from svn r2800]
foreground colours, and ESC[100m through ESC[107m to set bright
background colours. Hence, so do we. Bright-foreground is
distinguishable from bold, and bright-background distinguishable
from blink, when it leaves terminal.c; the front end may then choose
to display them in the same way if it's configured to do so. This
change makes the xterm backend for Turbo Vision (!!!) work properly.
Untested on Mac.
[originally from svn r2734]
Change the sense of cfg.win_name_always' representation in the UI (from
`Avoid ever using icon title' to `Separate window and icon titles').
Also update the docs to match reality.
[originally from svn r2681]
users. Update the file selection dialogs to mention it per the usual Windows
convention, and also sprinkle references to it throughout the docs. I've
also scattered hints that most tools need PuTTY's native format; perhaps this
will reduce the frequency with which FAQ A.1.2 trips people up.
[originally from svn r2625]
and term_reconfig() now passes in a new structure which is copied
over the top. This means that the old and new structures can be
compared, and the _current_ as well as default states of auto wrap
mode, DEC origin mode, BCE, blinking text and character classes can
be conveniently reconfigured in mid-session without requiring a
terminal reset.
[originally from svn r2557]
the remote IP/port data provided by the server for forwarded
connections. Disabled by default, since it's incompatible with SSH2,
probably incompatible with some X clients, and tickles a bug in
at least one version of OpenSSH.
[originally from svn r2554]
might give a bit count one less than the one the user asked for. Two
people have been worried by this now, and it's probably worth
documenting that it's perfectly normal.
[originally from svn r2369]
SockAddr, which just contains an unresolved hostname and is created
by a stub function in *net.c. It's an error to pass this to most of
the real-meat functions in *net.c; these fake addresses should have
been dealt with by the time they get down that far. proxy.c now
contains name_lookup(), a wrapper on sk_namelookup() which decides
whether or not to do real DNS, and the individual proxy
implementations each deal sensibly with being handed an unresolved
address and avoid ever passing one down to *net.c.
[originally from svn r2353]
well, though it's a lot less useful since you still can't bind to
low-numbered ports of odd loopback IPs. Should work in principle for
SSH2 remote forwardings as well as local ones, but OpenSSH seems
unwilling to cooperate.
[originally from svn r2344]
Not that I desperately want to shout about it just yet, but I feel a
bit bad about the FAQ saying `we don't have a Unix port, anyone who
told you so was wrong'. :-)
[originally from svn r2185]
it's automatically deactivated by any keypress, so that command-line
beeps from (e.g.) filename completion don't suddenly stop occurring,
but it still provides a rapid response to an accidental spewing of a
binary to your terminal.
[originally from svn r2107]
Updated manual to reflect reality (e.g. usage messages, '-p port' not actually
implemented, sprinkle references to '-i keyfile').
(I've put "Release 0.53" in the messages; let's hope this doesn't cause a
flood of "where is 0.53?" email.)
I don't guarantee that the result is entirely sane and sensible in all
respects, but it is at least consistent.
[originally from svn r1951]
not sending us large attachments, and in particular remove the
emphasis on screen shots in the hope of also decreasing the number
of _other_ large attachments we get.
[originally from svn r1715]
Import command; the former warns you if you load a foreign key,
whereas the latter doesn't. So the user should always be aware, one
way or the other, that a format conversion is taking place.
[originally from svn r1687]
than a future prospect. I'm going to move the beta-0-52 tag on this
file, but that won't affect release binaries that have already been
built.
[originally from svn r1547]
of scp.c, psftp.c and plink.c into it. Additionally, add `batch
mode', in which all the interactive prompts (bad host key, log file
exists, insecure cipher, password prompt) are disabled and safe
responses are assumed. (The idea being that if you run PSCP, for
example, in a cron job then you'd probably rather it failed and
exited instead of leaving the cron job wedged while it waits for
user input that will never arrive.)
[originally from svn r1525]
^M instead of the Telnet New Line code. Unix-type telnetds don't
care one way or the other; RDB claims some telnetds prefer Telnet
NL; and now someone has found one that can't deal with Telnet NL and
prefers ^M. Sigh.
[originally from svn r1520]
we really need to know what character sequence you were _expecting_
your function key to generate before we can even think about making
PuTTY generate it.
[originally from svn r1519]
to give feedback. (I think the latter has suddenly become worthwhile
now we have the ability to distribute a help file; so people won't
have to come to the website for the feedback information.)
[originally from svn r1502]
connections from outside localhost' switch. Interestingly OpenSSH
3.0 appears to ignore this (though I know it works because ssh.com
3.0 gets it right, and the SSH packet dump agrees that I'm doing the
right thing).
[originally from svn r1496]
sick of recompiling to enable packet dumps. SSH packet dumping is
now provided as a logging option, and dumps to putty.log like all
the other logging options. While I'm at it I cleaned up the format
so that packet types are translated into strings for easy browsing.
POSSIBLE SIDE EFFECT: in the course of this work I had to re-enable
the SSH1 packet length checks which it turns out hadn't actually
been active for some time, so it's possible things might break as a
result. If need be I can always disable those checks for the 0.52
release and think about it more carefully later.
[originally from svn r1493]
individual documentation of the various PuTTYgen controls; also
implemented context help in PuTTYgen to go with it. Shame there
isn't space for a generic `Help' button in the PuTTYgen window.
[originally from svn r1478]
configurable option so users can re-enable the feature _if_ they
know they have an SSH2 server that isn't going to get shirty about
it. Inspired by a spectacular increase in OpenSSH's shirtiness.
[originally from svn r1474]
we just invoke the same help file and jump to the Pageant chapter.
It would be nice to be able to bring up the contents box with the
Pageant chapter expanded, but I don't think WinHelp() allows us to
request this.)
[originally from svn r1471]
PuTTY now has a complete manual. Stylistic review, content review
and indexing are yet to do, but at least there's some plausible text
in every section now.
[originally from svn r1460]
between `Getting Started' (things we can barely believe you don't
know) and the Configuration reference chapter (things you already
knew and had just forgotten). Only half-written at the moment.
[originally from svn r1423]
than \e when describing button names and menu items: the "Foo"
button rather than the _Foo_ button. Certainly consistent use of
either is better than the mixed use of both we had before :-)
[originally from svn r1420]
added an introduction to public key authentication, and made a
couple of changes in intro.but. Transatlantic flights have some uses
after all.
[originally from svn r1146]