1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-24 16:52:24 +00:00
Commit Graph

62 Commits

Author SHA1 Message Date
Jacob Nevins
9ce5bc401c Tweaks to OpenSSH key format docs.
Index the older format as 'PEM-style', since PEM is how it's referred to
in OpenSSH's own docs; and justify why you might want to use the newer
format.
2023-07-12 17:55:58 +01:00
Simon Tatham
1aa97cfb89 Another minor docs typo.
(cherry picked from commit 37f67bc937)
2023-04-19 14:28:36 +01:00
Jacob Nevins
6472f7fc77 Docs: update Pageant key list description.
GUI Pageant stopped using SSH identifiers for key types in fea08bb244,
but the docs were still referring to them.

As part of this, ensure that the term "NIST" is thoroughly
cross-referenced and indexed, since it now appears so prominently in
Pageant.

(While I'm there, reword the "it's OK that elliptic-curve keys are
smaller than RSA ones" note, as I kept tripping over the old wording.)
2022-10-21 13:04:57 +01:00
Jacob Nevins
5d5a6a8fd3 Docs: MD5 is forced for SSH-1 key fingerprints. 2022-10-21 13:04:41 +01:00
Jacob Nevins
d42983088a Docs: prime generation defaults are usually fine. 2022-10-21 13:02:36 +01:00
Jacob Nevins
2b5b7b5c45 Docs: note warning about <2048-bit RSA/DSA keys. 2022-10-21 12:52:27 +01:00
Jacob Nevins
617bf732bd Docs: PuTTYgen: fix gratuitous exclusion of PSFTP. 2022-10-21 12:52:27 +01:00
Jacob Nevins
25ac012c40 Document Windows PuTTYgen "-t ed25519" / "ed448". 2022-10-20 23:42:21 +01:00
Simon Tatham
e52087719c Documentation for OpenSSH certificates.
Also I've filled in the help contexts in all the new GUI controls.
2022-08-07 18:44:11 +01:00
Jacob Nevins
98a213e832 Document Windows PuTTYgen's -E option.
This was missed in 11aa9ab8f3.
2022-05-20 13:28:01 +01:00
Simon Tatham
f11b20156b Windows PuTTYgen docs: remove redundant text.
When I was writing the documentation for the new command-line options,
I wondered why there was an existing section for the corresponding GUI
setting for each option I'd added except strong primes. Now I've found
it: strong primes are discussed in the same section as prime-
generation methods. So I can replace the second explanation with a
cross-reference.
2022-01-22 16:45:29 +00:00
Simon Tatham
11aa9ab8f3 Windows PuTTYgen: support cmdgen's key-type and PPK options.
This imports the following options from command-line PuTTYgen, which
all correspond to controls in Windows PuTTYgen's GUI, and let you set
the GUI controls to initial values of your choice:

  -t <key type>
  -b <bits>
  -E <fingerprint type>
  --primes <prime gen policy>
  --strong-rsa
  --ppk-param <KDF parameters or PPK version etc>

The idea is that if someone generates a lot of keys and has standard
non-default preferences, they can make a shortcut that passes those
preferences on the command line.
2022-01-15 18:54:07 +00:00
Jacob Nevins
7843b428ad docs: Correct proven-primes side channel risk.
After reading Simon's wishlist write-up 'rsa-gen-side-channels'.
2022-01-12 01:15:55 +00:00
Jacob Nevins
39d1515ea6 Note side-channel resistance of probable primes.
This came in around d8fda3b6da.
2022-01-11 23:57:20 +00:00
Jacob Nevins
f0162af6a5 doc: Index 'DSS'. 2022-01-11 23:57:05 +00:00
Jacob Nevins
f5d1d4ce4b Docs: typo. 2021-05-01 18:44:08 +01:00
Jacob Nevins
8f8593a86e Document PPK format parameters, and --reencrypt. 2021-04-20 15:35:50 +01:00
Jacob Nevins
4c596b31ad Docs: tweak indexing of 'strong' primes. 2021-04-20 15:35:50 +01:00
Jacob Nevins
ab23ebc3ae Docs: SSH key type support is server-dependent. 2021-04-20 15:35:50 +01:00
Jacob Nevins
71c411d076 Fix typos in PuTTYgen docs. 2021-04-20 15:35:39 +01:00
Simon Tatham
a21056acd2 Fill in holes in the documentation.
I've filled in some text about prime generation methods and Ed448,
which were all the things marked as 'review before release'.

While I'm at it, also filled in a reasonable enough DSA key length
recommendation, because the FIXME comment in that section was within
sight of one of the places I was editing. FIPS 186-4 seemed to think
that RSA and DSA had comparable relationships between the key length
and practical security level, so I see no reason not to use the same
recommendation for both key types.
2021-04-11 15:06:44 +01:00
Jacob Nevins
3549e56194 Document multiple fingerprint formats. 2021-03-27 18:39:16 +00:00
Jacob Nevins
e85b159d87 Minimally document key generation novelties.
Covers Ed448 (and the user interface change to "EdDSA"), and the prime
generation method. (Both of these need better words, really.)
2020-03-02 23:36:09 +00:00
Jacob Nevins
ecbf919e77 Docs: tweak PuTTYgen "public keys for pasting".
Use the control name displayed for SSH-2 keys, since that's
overwhelmingly what people will care about these days.
2019-04-19 16:02:59 +01:00
Jacob Nevins
5aacd0d98e Docs: talk about SSH-2 before SSH-1.
Because SSH-1 is a very niche interest these days. Mostly this affects
the public key documentation.

Also, a couple of unrelated concessions to modernity.
2019-04-19 15:49:05 +01:00
Jacob Nevins
464e351c7b Remove most traces of WinHelp support.
Remove the 'winhelp-topic' IDs from the Halibut source, and from the
code. Now we have one fewer name to think of every time we add a
setting.

I've left the HELPCTX system in place, with the vague notion that it
might be a useful layer of indirection for some future help system on a
platform like Mac OS X.

(I've left the putty.hlp target in doc/Makefile, if nothing else because
this is a convenient test case for Halibut's WinHelp support. But the
resulting help file will no longer support context help.)
2019-03-26 00:27:04 +00:00
Simon Tatham
c5021a121b Update docs and FAQ for current DSA policy.
I think the deterministic DSA system we've been using for ages can now
be considered proven in use, not to mention the fact that RFC 6979 and
the Ed25519 spec both give variants on the same idea. So I've removed
the 'don't use DSA if you can avoid it' warning.
2016-03-27 20:10:56 +01:00
Jacob Nevins
91653a10c6 Fix punctuation in public key docs. 2016-03-19 23:43:21 +00:00
Jacob Nevins
9dd9860cc8 Update docs for Ed25519 and ChaCha20-Poly1305. 2015-10-22 01:48:02 +01:00
Jacob Nevins
80bd6a01aa Minimal documentation for ECDSA/ECDH support. 2015-02-28 19:08:15 +00:00
Simon Tatham
4d8782e74f Rework versioning system to not depend on Subversion.
I've shifted away from using the SVN revision number as a monotonic
version identifier (replacing it in the Windows version resource with
a count of days since an arbitrary epoch), and I've removed all uses
of SVN keyword expansion (replacing them with version information
written out by Buildscr).

While I'm at it, I've done a major rewrite of the affected code which
centralises all the computation of the assorted version numbers and
strings into Buildscr, so that they're all more or less alongside each
other rather than scattered across multiple source files.

I've also retired the MD5-based manifest file system. A long time ago,
it seemed like a good idea to arrange that binaries of PuTTY would
automatically cease to identify themselves as a particular upstream
version number if any changes were made to the source code, so that if
someone made a local tweak and distributed the result then I wouldn't
get blamed for the results. Since then I've decided the whole idea is
more trouble than it's worth, so now distribution tarballs will have
version information baked in and people can just cope with that.

[originally from svn r10262]
2014-09-24 10:33:13 +00:00
Jacob Nevins
24f0a6f13b Remove comment about 1024/1023 RSA key lengths that's no longer true as of
r9421.

[originally from svn r9422]
[r9421 == 9604c2b367]
2012-03-04 01:01:11 +00:00
Simon Tatham
fece1b69f5 Typo: replace a \i with a \I.
[originally from svn r8607]
2009-07-12 12:02:58 +00:00
Jacob Nevins
908acc3adb publickeyfile now an RFC
[originally from svn r6905]
[this svn revision also touched putty-website]
2006-11-15 12:56:48 +00:00
Jacob Nevins
4c77e32305 s/PuTTY/PuTTYgen/ in two places.
[originally from svn r6528]
2006-01-24 11:08:34 +00:00
Jacob Nevins
0e82598a35 Index the complete PuTTY manual.
This was a bit rushed, and could doubtless be improved.
Also fix a couple of things I noted on the way, including:
 - "pscp -ls" wasn't documented
 - Windows XP wasn't mentioned enough

[originally from svn r5593]
2005-04-05 18:01:32 +00:00
Ben Harris
6070903a09 Make it clear that even when using SSH 2, you only need the SSH-2 pubkey format
if you're actually using the SSH-2 protocol.

[originally from svn r5483]
2005-03-10 17:04:26 +00:00
Jacob Nevins
5aa719d16e Consistently use a single notation to refer to SSH protocol versions, as
discussed. Use Barrett and Silverman's convention of "SSH-1" for SSH protocol
version 1 and "SSH-2" for protocol 2 ("SSH1"/"SSH2" refer to ssh.com
implementations in this scheme). <http://www.snailbook.com/terms.html>

[originally from svn r5480]
2005-03-10 16:36:05 +00:00
Jacob Nevins
55a60a4c74 \k --> \K
[originally from svn r4893]
2004-11-24 03:18:14 +00:00
Simon Tatham
5d32d4af14 Now we use Subversion, it seems excessive to have an individual $Id$
line for every single .but file at the bottom of each page of the
HTML PuTTY docs. However, we can't _always_ replace that with a
single SVN revision, because there isn't always one available (SVN
still allows mixed working copies in which some files are
deliberately checked out against a different revision).

Hence, here's a mechanism for doing better. It uses `svnversion .'
to determine _whether_ a single revision number adequately describes
the current directory, and replaces all the version IDs with that if
so. If it can't do that, it uses the version IDs as before.

Also, this allows an explicit version string to be passed on the
make command line which will override _both_ these possibilities, so
that release documentation can be clearly labelled with the release
version number.

[originally from svn r4804]
2004-11-17 18:16:59 +00:00
Simon Tatham
d18cd16ca1 A user at ARM just found his home directory was _world_ writable,
and this caused public key authentication to fail in spite of
following our instructions to the letter. It can't hurt to
s/g-w/go-w/ here, just in case!

[originally from svn r4205]
2004-05-06 11:27:58 +00:00
Jacob Nevins
57610f8580 Steven Shockley points out that the .PPK extension is far from obvious to
users. Update the file selection dialogs to mention it per the usual Windows
convention, and also sprinkle references to it throughout the docs. I've
also scattered hints that most tools need PuTTY's native format; perhaps this
will reduce the frequency with which FAQ A.1.2 trips people up.

[originally from svn r2625]
2003-01-16 15:43:18 +00:00
Simon Tatham
b2f4de02b9 Mention in the documentation that the method of generating RSA keys
might give a bit count one less than the one the user asked for. Two
people have been worried by this now, and it's probably worth
documenting that it's perfectly normal.

[originally from svn r2369]
2002-12-27 16:54:14 +00:00
Jacob Nevins
406bc897b3 s/public/private/ spotted by Clint Hastings; also change a "public key"
to "key pair"

[originally from svn r2180]
2002-11-01 21:50:35 +00:00
Jacob Nevins
c7fa2f6183 Updated usage messages for command-line utilities to reflect new options.
Updated manual to reflect reality (e.g. usage messages, '-p port' not actually
  implemented, sprinkle references to '-i keyfile').
(I've put "Release 0.53" in the messages; let's hope this doesn't cause a
  flood of "where is 0.53?" email.)
I don't guarantee that the result is entirely sane and sensible in all
  respects, but it is at least consistent.

[originally from svn r1951]
2002-09-11 17:30:36 +00:00
Simon Tatham
c92ea6c8ed UI changes for key imports. We now have a separate Load command and
Import command; the former warns you if you load a foreign key,
whereas the latter doesn't. So the user should always be aware, one
way or the other, that a format conversion is taking place.

[originally from svn r1687]
2002-05-18 09:20:41 +00:00
Jacob Nevins
fdbfe9e89f Nit: PuTTYgen can generate RSA _and DSA_ keys
[originally from svn r1685]
2002-05-16 22:36:36 +00:00
Simon Tatham
de3b29f7e5 Final cleanups on key import/export work. Rationalised the UI (so
that menu options are greyed out helpfully) and added documentation.

[originally from svn r1683]
2002-05-15 20:07:11 +00:00
Simon Tatham
9a8c58a64b Added a framework for importing foreign key formats, and implemented
importing of OpenSSH SSH2 private key files (both encrypted and
unencrypted). Seems to work fine.

[originally from svn r1668]
2002-05-11 16:45:29 +00:00
Simon Tatham
ab431397d6 Aargh, an Americanism crept in. Now corrected: favorite -> favourite.
[originally from svn r1482]
2001-12-14 09:58:07 +00:00