X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/114a251878bd8d087bbe468d20876db48841f8cf..05bea829b8868f5db4ac048897e944ed05dfc457:/doc/pubkey.but

diff --git a/doc/pubkey.but b/doc/pubkey.but
index 1a55ccb7..8b9a3f95 100644
--- a/doc/pubkey.but
+++ b/doc/pubkey.but
@@ -1,4 +1,4 @@
-\versionid $Id: pubkey.but,v 1.19 2002/11/01 21:50:35 jacob Exp $
+\versionid $Id: pubkey.but,v 1.22 2004/05/06 11:27:58 simon Exp $
 
 \C{pubkey} Using public keys for SSH authentication
 
@@ -150,6 +150,18 @@ of the key PuTTYgen will generate.
 
 Currently 1024 bits should be sufficient for most purposes.
 
+Note that an RSA key is generated by finding two primes of half the
+length requested, and then multiplying them together. For example,
+if you ask PuTTYgen for a 1024-bit RSA key, it will create two
+512-bit primes and multiply them. The result of this multiplication
+might be 1024 bits long, or it might be only 1023; so you may not
+get the exact length of key you asked for. This is perfectly normal,
+and you do not need to worry. The lengths should only ever differ by
+one, and there is no perceptible drop in security as a result.
+
+DSA keys are not created by multiplying primes together, so they
+should always be exactly the length you asked for.
+
 \S{puttygen-generate} The \q{Generate} button
 
 \cfg{winhelp-topic}{puttygen.generate}
@@ -268,9 +280,10 @@ Press the \q{Save private key} button. PuTTYgen will put up a dialog
 box asking you where to save the file. Select a directory, type in a
 file name, and press \q{Save}.
 
-This file is the one you will need to tell PuTTY to use for
-authentication (see \k{config-ssh-privkey}) or tell Pageant to load
-(see \k{pageant-mainwin-addkey}).
+This file is in PuTTY's native format (\c{*.PPK}); it is the one you
+will need to tell PuTTY to use for authentication (see
+\k{config-ssh-privkey}) or tell Pageant to load (see
+\k{pageant-mainwin-addkey}).
 
 \S{puttygen-savepub} Saving your public key to a disk file
 
@@ -352,12 +365,12 @@ another.
 Using the \q{Import} command from the \q{Conversions} menu, PuTTYgen
 can load SSH2 private keys in OpenSSH's format and \cw{ssh.com}'s
 format. Once you have loaded one of these key types, you can then
-save it back out as a PuTTY-format key so that you can use it with
-PuTTY. The passphrase will be unchanged by this process (unless you
-deliberately change it). You may want to change the key comment
-before you save the key, since OpenSSH's SSH2 key format contains no
-space for a comment and \cw{ssh.com}'s default comment format is
-long and verbose.
+save it back out as a PuTTY-format key (\c{*.PPK}) so that you can use
+it with the PuTTY suite. The passphrase will be unchanged by this
+process (unless you deliberately change it). You may want to change
+the key comment before you save the key, since OpenSSH's SSH2 key
+format contains no space for a comment and \cw{ssh.com}'s default
+comment format is long and verbose.
 
 PuTTYgen can also export private keys in OpenSSH format and in
 \cw{ssh.com} format. To do so, select one of the \q{Export} options
@@ -406,10 +419,10 @@ that server.
 You may also need to ensure that your home directory, your \c{.ssh}
 directory, and any other files involved (such as
 \c{authorized_keys}, \c{authorized_keys2} or \c{authorization}) are
-not group-writable. You can typically do this by using a command
-such as
+not group-writable or world-writable. You can typically do this by
+using a command such as
 
-\c chmod g-w $HOME $HOME/.ssh $HOME/.ssh/authorized_keys
+\c chmod go-w $HOME $HOME/.ssh $HOME/.ssh/authorized_keys
 
 Your server should now be configured to accept authentication using
 your private key. Now you need to configure PuTTY to \e{attempt}