X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/9accb45de1f2c8588fb1d798a65eba1c6c288778..f9908cf7ef04deace24c6d8626e5b907c8f5704d:/doc/faq.but

diff --git a/doc/faq.but b/doc/faq.but
index 1d849a35..2916a92e 100644
--- a/doc/faq.but
+++ b/doc/faq.but
@@ -1,4 +1,4 @@
-\versionid $Id: faq.but,v 1.24 2002/04/01 15:18:29 simon Exp $
+\versionid $Id: faq.but,v 1.31 2002/08/09 09:11:09 simon Exp $
 
 \A{faq} PuTTY FAQ
 
@@ -37,10 +37,9 @@ version 0.52.
 \S{faq-ssh2-keyfmt}{Question} Does PuTTY support reading OpenSSH or
 \cw{ssh.com} SSHv2 private key files?
 
-Not at present. OpenSSH and \cw{ssh.com} have totally different
-formats for private key files, and neither one is particularly
-pleasant, so PuTTY has its own. We do plan to write a converter at
-some stage.
+Version 0.52 doesn't, but in the latest development snapshots
+PuTTYgen can load and save both OpenSSH and \cw{ssh.com} private key
+files.
 
 \S{faq-ssh1}{Question} Does PuTTY support SSH v1?
 
@@ -739,6 +738,21 @@ For more details and OpenSSH patches, see
 \W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
 OpenSSH BTS.
 
+\e{Update:} As of OpenSSH 3.4p1 the problem with SSH 1 and Blowfish
+remains. Apply the patch linked to from bug 138, or use another cipher
+(e.g., 3DES) instead.
+
+\S{faq-ssh2key-ssh1conn}{Question} Why do I see "Couldn't load private
+key from ..."? Why can PuTTYgen load my key but not PuTTY?
+
+It's likely that you've generated an SSH protocol 2 key with PuTTYgen,
+but you're trying to use it in an SSH 1 connection. SSH1 and SSH2 keys
+have different formats, and (at least in 0.52) PuTTY's reporting of a
+key in the wrong format isn't optimal.
+
+To connect using SSH 2 to a server that supports both versions, you
+need to change the configuration from the default (see \k{faq-ssh2}).
+
 \H{faq-secure} Security questions
 
 \S{faq-publicpc}{Question} Is it safe for me to download PuTTY and
@@ -781,6 +795,16 @@ all. For this reason we now believe PuTTY's DSA implementation is
 probably OK. However, if you have the choice, we still recommend you
 use RSA instead.
 
+\S{faq-virtuallock}{Question} Couldn't Pageant use \c{VirtualLock()}
+to stop private keys being written to disk?
+
+Unfortunately not. The \c{VirtualLock()} function in the Windows API
+doesn't do a proper job: it may prevent small pieces of a process's
+memory from being paged to disk while the process is running, but it
+doesn't stop the process's memory as a whole from being swapped
+completely out to disk when the process is long-term inactive. And
+Pageant spends most of its time inactive.
+
 \H{faq-admin} Administrative questions
 
 \S{faq-domain}{Question} Would you like me to register you a nicer
@@ -878,6 +902,15 @@ developers. If you want to be sure your donation is going towards
 something worthwhile, ask us first. If you don't like these terms,
 feel perfectly free not to donate. We don't mind.
 
+\H{faq-misc} Miscellaneous questions
+
+\S{faq-openssh}{Question} Is PuTTY a port of OpenSSH, or based on
+OpenSSH?
+
+No, it isn't. PuTTY is almost completely composed of code written
+from scratch for PuTTY. The only code we share with OpenSSH is the
+detector for SSH1 CRC compensation attacks, written by CORE SDI S.A.
+
 \S{faq-sillyputty}{Question} Where can I buy silly putty?
 
 You're looking at the wrong web site; the only PuTTY we know about