mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-09 17:38:00 +00:00
5f5c710cf3
Suggested by Manfred Kaiser, who also wrote most of this patch (although outlying parts, like documentation and SSH-1 support, are by me). This is a second line of defence against the kind of spoofing attacks in which a malicious or compromised SSH server rushes the client through the userauth phase of SSH without actually requiring any auth inputs (passwords or signatures or whatever), and then at the start of the connection phase it presents something like a spoof prompt, intended to be taken for part of userauth by the user but in fact with some more sinister purpose. Our existing line of defence against this is the trust sigil system, and as far as I know, that's still working. This option allows a bit of extra defence in depth: if you don't expect your SSH server to trivially accept authentication in the first place, then enabling this option will cause PuTTY to disconnect if it unexpectedly does so, without the user having to spot the presence or absence of a fiddly little sigil anywhere. Several types of authentication count as 'trivial'. The obvious one is the SSH-2 "none" method, which clients always try first so that the failure message will tell them what else they can try, and which a server can instead accept in order to authenticate you unconditionally. But there are two other ways to do it that we know of: one is to run keyboard-interactive authentication and send an empty INFO_REQUEST packet containing no actual prompts for the user, and another even weirder one is to send USERAUTH_SUCCESS in response to the user's preliminary *offer* of a public key (instead of sending the usual PK_OK to request an actual signature from the key). This new option detects all of those, by clearing the 'is_trivial_auth' flag only when we send some kind of substantive authentication response (be it a password, a k-i prompt response, a signature, or a GSSAPI token). So even if there's a further path through the userauth maze we haven't spotted, that somehow avoids sending anything substantive, this strategy should still pick it up. |
||
|---|---|---|
| charset | ||
| cmake | ||
| contrib | ||
| crypto | ||
| doc | ||
| icons | ||
| keygen | ||
| otherbackends | ||
| ssh | ||
| test | ||
| unix | ||
| utils | ||
| windows | ||
| .gitignore | ||
| aqsync.c | ||
| be_all_s.c | ||
| be_all.c | ||
| be_misc.c | ||
| be_none.c | ||
| be_nos_s.c | ||
| be_nossh.c | ||
| be_ssh.c | ||
| Buildscr | ||
| Buildscr.cv | ||
| callback.c | ||
| cgtest.c | ||
| CHECKLST.txt | ||
| clicons.c | ||
| CMakeLists.txt | ||
| cmdgen.c | ||
| cmdline.c | ||
| config.c | ||
| console.c | ||
| console.h | ||
| cproxy.c | ||
| defs.h | ||
| dialog.c | ||
| dialog.h | ||
| errsock.c | ||
| fuzzterm.c | ||
| import.c | ||
| LATEST.VER | ||
| ldisc.c | ||
| ldisc.h | ||
| LICENCE | ||
| licence.pl | ||
| logging.c | ||
| marshal.h | ||
| minibidi.c | ||
| misc.h | ||
| mksrcarc.sh | ||
| mkunxarc.sh | ||
| mpint.h | ||
| network.h | ||
| nocmdline.c | ||
| nocproxy.c | ||
| nogss.c | ||
| noprint.c | ||
| noproxy.c | ||
| norand.c | ||
| nosshproxy.c | ||
| noterm.c | ||
| notiming.c | ||
| nullplug.c | ||
| pageant.c | ||
| pageant.h | ||
| pinger.c | ||
| pproxy.c | ||
| proxy.c | ||
| proxy.h | ||
| pscp.c | ||
| psftp.c | ||
| psftp.h | ||
| psftpcommon.c | ||
| psocks.c | ||
| psocks.h | ||
| putty.h | ||
| puttymem.h | ||
| README | ||
| release.pl | ||
| settings.c | ||
| sign.sh | ||
| ssh.h | ||
| sshcr.h | ||
| sshkeygen.h | ||
| sshproxy.c | ||
| sshpubk.c | ||
| sshrand.c | ||
| storage.h | ||
| terminal.c | ||
| terminal.h | ||
| testcrypt.c | ||
| testcrypt.h | ||
| testsc.c | ||
| testzlib.c | ||
| timing.c | ||
| tree234.h | ||
| version.h | ||
| x11disp.c | ||
This is the README for PuTTY, a free Windows and Unix Telnet and SSH
client.
PuTTY is built using CMake <https://cmake.org/>. To compile in the
simplest way (on any of Linux, Windows or Mac), run these commands in
the source directory:
cmake .
cmake --build .
Documentation (in various formats including Windows Help and Unix
`man' pages) is built from the Halibut (`.but') files in the `doc'
subdirectory using `doc/Makefile'. If you aren't using one of our
source snapshots, you'll need to do this yourself. Halibut can be
found at <https://www.chiark.greenend.org.uk/~sgtatham/halibut/>.
The PuTTY home web site is
https://www.chiark.greenend.org.uk/~sgtatham/putty/
If you want to send bug reports or feature requests, please read the
Feedback section of the web site before doing so. Sending one-line
reports saying `it doesn't work' will waste your time as much as
ours.
See the file LICENCE for the licence conditions.