mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-09 09:27:59 +00:00
cd7f6c4407
OpenSSH, when called on to give the fingerprint of a certified public
key, will in many circumstances generate the hash of the public blob
of the _underlying_ key, rather than the hash of the full certificate.
I think the hash of the certificate is also potentially useful (if
nothing else, it provides a way to tell apart multiple certificates on
the same key). But I can also see that it's useful to be able to
recognise a key as the same one 'really' (since all certificates on
the same key share a private key, so they're unavoidably related).
So I've dealt with this by introducing an extra pair of fingerprint
types, giving the cross product of {MD5, SHA-256} x {base key only,
full certificate}. You can manually select which one you want to see
in some circumstances (notably PuTTYgen), and in others (such as
diagnostics) both fingerprints will be emitted side by side via the
new functions ssh2_double_fingerprint[_blob].
The default, following OpenSSH, is to just fingerprint the base key.
|
||
|---|---|---|
| charset | ||
| cmake | ||
| contrib | ||
| crypto | ||
| doc | ||
| icons | ||
| keygen | ||
| otherbackends | ||
| proxy | ||
| ssh | ||
| stubs | ||
| terminal | ||
| test | ||
| unix | ||
| utils | ||
| windows | ||
| .gitignore | ||
| aqsync.c | ||
| be_list.c | ||
| Buildscr | ||
| Buildscr.cv | ||
| callback.c | ||
| cgtest.c | ||
| CHECKLST.txt | ||
| clicons.c | ||
| CMakeLists.txt | ||
| cmdgen.c | ||
| cmdline.c | ||
| config.c | ||
| console.c | ||
| console.h | ||
| defs.h | ||
| dialog.c | ||
| dialog.h | ||
| errsock.c | ||
| import.c | ||
| LATEST.VER | ||
| ldisc.c | ||
| LICENCE | ||
| licence.pl | ||
| logging.c | ||
| marshal.h | ||
| misc.h | ||
| mksrcarc.sh | ||
| mkunxarc.sh | ||
| mpint.h | ||
| network.h | ||
| pageant.c | ||
| pageant.h | ||
| pinger.c | ||
| pscp.c | ||
| psftp.c | ||
| psftp.h | ||
| psftpcommon.c | ||
| psocks.c | ||
| psocks.h | ||
| putty.h | ||
| puttymem.h | ||
| README | ||
| release.pl | ||
| settings.c | ||
| sign.sh | ||
| ssh.h | ||
| sshcr.h | ||
| sshkeygen.h | ||
| sshpubk.c | ||
| sshrand.c | ||
| storage.h | ||
| timing.c | ||
| tree234.h | ||
| version.h | ||
| x11disp.c | ||
This is the README for PuTTY, a free Windows and Unix Telnet and SSH
client.
PuTTY is built using CMake <https://cmake.org/>. To compile in the
simplest way (on any of Linux, Windows or Mac), run these commands in
the source directory:
cmake .
cmake --build .
Then, to install in the simplest way on Linux or Mac:
cmake --build . --target install
On Unix, pterm would like to be setuid or setgid, as appropriate, to
permit it to write records of user logins to /var/run/utmp and
/var/log/wtmp. (Of course it will not use this privilege for
anything else, and in particular it will drop all privileges before
starting up complex subsystems like GTK.) The cmake install step
doesn't attempt to add these privileges, so if you want user login
recording to work, you should manually ch{own,grp} and chmod the
pterm binary yourself after installation. If you don't do this,
pterm will still work, but not update the user login databases.
Documentation (in various formats including Windows Help and Unix
`man' pages) is built from the Halibut (`.but') files in the `doc'
subdirectory using `doc/Makefile'. If you aren't using one of our
source snapshots, you'll need to do this yourself. Halibut can be
found at <https://www.chiark.greenend.org.uk/~sgtatham/halibut/>.
The PuTTY home web site is
https://www.chiark.greenend.org.uk/~sgtatham/putty/
If you want to send bug reports or feature requests, please read the
Feedback section of the web site before doing so. Sending one-line
reports saying `it doesn't work' will waste your time as much as
ours.
See the file LICENCE for the licence conditions.