+\S{faq-openssh-bad-openssl}{Question} Since my SSH server was upgraded
+to OpenSSH 3.1p1/3.4p1, I can no longer connect with PuTTY.
+
+There is a known problem when OpenSSH has been built against an
+incorrect version of OpenSSL; the quick workaround is to configure
+PuTTY to use SSH protocol 2 and the Blowfish cipher.
+
+For more details and OpenSSH patches, see
+\W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
+OpenSSH BTS.
+
+This is not a PuTTY-specific problem; if you try to connect with
+another client you'll likely have similar problems. (Although PuTTY's
+default cipher differs from many other clients.)
+
+\e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms):
+
+\b SSH 2 with AES cipher (PuTTY says "Assertion failed! Expression:
+(len & 15) == 0" in sshaes.c, or "Out of memory", or crashes)
+
+\b SSH 2 with 3DES (PuTTY says "Incorrect MAC received on packet")
+
+\b SSH 1 with Blowfish (PuTTY says "Incorrect CRC received on
+packet")
+
+\b SSH 1 with 3DES
+
+\e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH 1 and
+Blowfish remains. Rebuild your server, apply the patch linked to from
+bug 138 above, or use another cipher (e.g., 3DES) instead.
+
+\e{Other versions:} we occasionally get reports of the same symptom
+and workarounds with older versions of OpenSSH, although it's not
+clear the underlying cause is the same.
+
+\S{faq-ssh2key-ssh1conn}{Question} Why do I see "Couldn't load private
+key from ..."? Why can PuTTYgen load my key but not PuTTY?
+
+It's likely that you've generated an SSH protocol 2 key with PuTTYgen,
+but you're trying to use it in an SSH 1 connection. SSH1 and SSH2 keys
+have different formats, and (at least in 0.52) PuTTY's reporting of a
+key in the wrong format isn't optimal.
+
+To connect using SSH 2 to a server that supports both versions, you
+need to change the configuration from the default (see \k{faq-ssh2}).
+