1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Go to file
Simon Tatham 15f097f399 New feature: k-i authentication helper plugins.
In recent months I've had two requests from different people to build
support into PuTTY for automatically handling complicated third-party
auth protocols layered on top of keyboard-interactive - the kind of
thing where you're asked to enter some auth response, and you have to
refer to some external source like a web server to find out what the
right response _is_, which is a pain to do by hand, so you'd prefer it
to be automated in the SSH client.

That seems like a reasonable thing for an end user to want, but I
didn't think it was a good idea to build support for specific
protocols of that kind directly into PuTTY, where there would no doubt
be an ever-lengthening list, and maintenance needed on all of them.

So instead, in collaboration with one of my correspondents, I've
designed and implemented a protocol to be spoken between PuTTY and a
plugin running as a subprocess. The plugin can opt to handle the
keyboard-interactive authentication loop on behalf of the user, in
which case PuTTY passes on all the INFO_REQUEST packets to it, and
lets it make up responses. It can also ask questions of the user if
necessary.

The protocol spec is provided in a documentation appendix. The entire
configuration for the end user consists of providing a full command
line to use as the subprocess.

In the contrib directory I've provided an example plugin written in
Python. It gives a set of fixed responses suitable for getting through
Uppity's made-up k-i system, because that was a reasonable thing I
already had lying around to test against. But it also provides example
code that someone else could pick up and insert their own live
response-provider into the middle of, assuming they were happy with it
being in Python.
2022-09-01 20:43:23 +01:00
charset Formatting: normalise back to 4-space indentation. 2022-08-03 20:48:46 +01:00
cmake Reinstate __USE_MINGW_ANSI_STDIO for MinGW builds. 2022-08-29 17:22:28 +01:00
contrib New feature: k-i authentication helper plugins. 2022-09-01 20:43:23 +01:00
crypto Support elliptic-curve Diffie-Hellman GSS KEX. 2022-08-30 18:09:39 +01:00
doc New feature: k-i authentication helper plugins. 2022-09-01 20:43:23 +01:00
icons New script to draw the icons as SVG. 2022-03-18 12:55:01 +00:00
keygen Generalise strbuf_catf() into put_fmt(). 2021-11-19 11:32:47 +00:00
otherbackends Comment typo in supdup.c. 2022-08-03 20:48:46 +01:00
proxy Formatting: remove spurious spaces in 'type * var'. 2022-08-03 20:48:46 +01:00
ssh New feature: k-i authentication helper plugins. 2022-09-01 20:43:23 +01:00
stubs New facility, platform_start_subprocess. 2022-09-01 20:43:23 +01:00
terminal Formatting: miscellaneous. 2022-08-03 20:48:46 +01:00
test Add RFC8268 / RFC3126 Diffie-Hellman group{15,16,17,18}. 2022-08-30 18:09:39 +01:00
unix New facility, platform_start_subprocess. 2022-09-01 20:43:23 +01:00
utils New facility, platform_start_subprocess. 2022-09-01 20:43:23 +01:00
windows New feature: k-i authentication helper plugins. 2022-09-01 20:43:23 +01:00
.gitignore Add .gitignore rules for in-tree builds. 2021-04-19 18:26:56 +01:00
aqsync.c Build outgoing SSH agent requests in a strbuf. 2018-05-25 14:36:16 +01:00
be_list.c Merge be_*.c into one ifdef-controlled module. 2021-11-26 17:58:55 +00:00
Buildscr Merge tag '0.77' 2022-05-27 09:10:35 +01:00
Buildscr.cv Replace mkfiles.pl with a CMake build system. 2021-04-17 13:53:02 +01:00
callback.c Add lots of missing 'static' keywords. 2020-01-29 06:44:18 +00:00
cgtest.c Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
CHECKLST.txt Checklist update: add Windows Store instructions. 2022-05-27 09:55:14 +01:00
clicons.c Change vtable defs to use C99 designated initialisers. 2020-03-10 21:06:29 +00:00
CMakeLists.txt Reorganise the stubs collection. 2022-09-01 20:43:23 +01:00
cmdgen.c Certificate-aware handling of key fingerprints. 2022-08-05 18:08:59 +01:00
cmdline.c Merge assorted pterm fixes from 'pre-0.77'. 2022-05-21 10:59:31 +01:00
config.c New feature: k-i authentication helper plugins. 2022-09-01 20:43:23 +01:00
console.c Centralise most details of host-key prompting. 2022-07-07 18:05:32 +01:00
console.h Mention the host name in host-key prompts. 2021-09-16 14:33:59 +01:00
defs.h Centralise most details of host-key prompting. 2022-07-07 18:05:32 +01:00
dialog.c Fix uninitialised field in ctrl_fileselect. 2022-07-24 14:08:56 +01:00
dialog.h Replace integer context2 encoding in conf_editbox_handler. 2022-09-01 20:43:23 +01:00
errsock.c Change vtable defs to use C99 designated initialisers. 2020-03-10 21:06:29 +00:00
import.c Formatting: realign labels and case/default statements. 2022-08-03 20:48:46 +01:00
LATEST.VER Update version number for 0.77 release. 2022-05-24 17:53:18 +01:00
ldisc.c Formatting: realign labels and case/default statements. 2022-08-03 20:48:46 +01:00
LICENCE It's a new year. 2022-01-04 10:17:17 +00:00
licence.pl Separate the functions of licence.pl. 2021-04-17 13:52:27 +01:00
logging.c sshproxy: share the caller's LogPolicy. 2021-09-13 17:18:31 +01:00
marshal.h Formatting: realign run-on parenthesised stuff. 2022-08-03 20:48:46 +01:00
misc.h Utility function to do terminal word wrapping. 2022-07-07 18:05:32 +01:00
mksrcarc.sh Replace mkfiles.pl with a CMake build system. 2021-04-17 13:53:02 +01:00
mkunxarc.sh Integrate the 'doc' subdir into the CMake system. 2021-05-03 17:01:55 +01:00
mpint.h Utility function mp_resize. 2022-04-15 17:46:06 +01:00
network.h New facility, platform_start_subprocess. 2022-09-01 20:43:23 +01:00
pageant.c Formatting: another handful of mis-indented labels. 2022-08-07 18:44:11 +01:00
pageant.h winpgnt: menu options to delete/reencrypt everything. 2021-04-04 10:02:24 +01:00
pinger.c Whitespace rationalisation of entire code base. 2019-09-08 20:29:21 +01:00
pscp.c Formatting: miscellaneous. 2022-08-03 20:48:46 +01:00
psftp.c Formatting: normalise back to 4-space indentation. 2022-08-03 20:48:46 +01:00
psftp.h Remove FLAG_VERBOSE. 2020-01-30 06:40:21 +00:00
psftpcommon.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
psocks.c New API for plug_closing() with a custom type enum. 2021-11-06 14:48:26 +00:00
psocks.h Auxiliary application: 'psocks', a simple SOCKS server. 2020-02-23 16:36:27 +00:00
putty.h New feature: k-i authentication helper plugins. 2022-09-01 20:43:23 +01:00
puttymem.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
README Restore advice about making pterm set[ug]id. 2022-05-19 10:52:56 +01:00
release.pl Replace mkfiles.pl with a CMake build system. 2021-04-17 13:53:02 +01:00
settings.c New feature: k-i authentication helper plugins. 2022-09-01 20:43:23 +01:00
sign.sh GPG key rollover. 2021-08-14 08:02:27 +01:00
ssh.h New feature: k-i authentication helper plugins. 2022-09-01 20:43:23 +01:00
sshcr.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
sshkeygen.h Side-channel-safe rewrite of the Miller-Rabin test. 2021-08-27 18:04:49 +01:00
sshpubk.c Certificate-aware handling of key fingerprints. 2022-08-05 18:08:59 +01:00
sshrand.c Remove dependency of sshrand.c on SHA-512. 2020-09-13 09:11:31 +01:00
storage.h Certificate trust scope: change to a boolean-expression system. 2022-06-25 14:32:23 +01:00
timing.c Whitespace rationalisation of entire code base. 2019-09-08 20:29:21 +01:00
tree234.h Formatting: remove spurious spaces in 'type * var'. 2022-08-03 20:48:46 +01:00
version.h Replace mkfiles.pl with a CMake build system. 2021-04-17 13:53:02 +01:00
x11disp.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00

This is the README for PuTTY, a free Windows and Unix Telnet and SSH
client.

PuTTY is built using CMake <https://cmake.org/>. To compile in the
simplest way (on any of Linux, Windows or Mac), run these commands in
the source directory:

  cmake .
  cmake --build .

Then, to install in the simplest way on Linux or Mac:

  cmake --build . --target install

On Unix, pterm would like to be setuid or setgid, as appropriate, to
permit it to write records of user logins to /var/run/utmp and
/var/log/wtmp. (Of course it will not use this privilege for
anything else, and in particular it will drop all privileges before
starting up complex subsystems like GTK.) The cmake install step
doesn't attempt to add these privileges, so if you want user login
recording to work, you should manually ch{own,grp} and chmod the
pterm binary yourself after installation. If you don't do this,
pterm will still work, but not update the user login databases.

Documentation (in various formats including Windows Help and Unix
`man' pages) is built from the Halibut (`.but') files in the `doc'
subdirectory using `doc/Makefile'. If you aren't using one of our
source snapshots, you'll need to do this yourself. Halibut can be
found at <https://www.chiark.greenend.org.uk/~sgtatham/halibut/>.

The PuTTY home web site is

    https://www.chiark.greenend.org.uk/~sgtatham/putty/

If you want to send bug reports or feature requests, please read the
Feedback section of the web site before doing so. Sending one-line
reports saying `it doesn't work' will waste your time as much as
ours.

See the file LICENCE for the licence conditions.