-\versionid $Id: faq.but,v 1.31 2002/08/09 09:11:09 simon Exp $
+\versionid $Id: faq.but,v 1.35 2002/09/14 10:24:27 jacob Exp $
\A{faq} PuTTY FAQ
anyone told you we had a Unix port, or an iPaq port, or any other
port of PuTTY, they were mistaken. We don't.
-\S{faq-wince}{Question} Will there be a port to Windows CE?
+\S{faq-wince}{Question} Will there be a port to Windows CE or PocketPC?
Probably not in the particularly near future. Despite sharing large
parts of the Windows API, in practice WinCE doesn't appear to be
page} on the PuTTY website (also provided as \k{feedback} in the
manual), and follow the guidelines contained in that.
-\S{faq-broken-openssh31}{Question} Since my SSH server was upgraded to
-OpenSSH 3.1p1, I can no longer connect with PuTTY.
+\S{faq-openssh-bad-openssl}{Question} Since my SSH server was upgraded
+to OpenSSH 3.1p1/3.4p1, I can no longer connect with PuTTY.
There is a known problem when OpenSSH has been built against an
incorrect version of OpenSSL; the quick workaround is to configure
PuTTY to use SSH protocol 2 and the Blowfish cipher.
+For more details and OpenSSH patches, see
+\W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
+OpenSSH BTS.
+
This is not a PuTTY-specific problem; if you try to connect with
-another client you'll likely have similar problems.
+another client you'll likely have similar problems. (Although PuTTY's
+default cipher differs from many other clients.)
-Configurations known to be broken (and symptoms):
+\e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms):
\b SSH 2 with AES cipher (PuTTY says "Assertion failed! Expression:
(len & 15) == 0" in sshaes.c, or "Out of memory", or crashes)
\b SSH 1 with 3DES
-For more details and OpenSSH patches, see
-\W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
-OpenSSH BTS.
+\e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH 1 and
+Blowfish remains. Rebuild your server, apply the patch linked to from
+bug 138 above, or use another cipher (e.g., 3DES) instead.
-\e{Update:} As of OpenSSH 3.4p1 the problem with SSH 1 and Blowfish
-remains. Apply the patch linked to from bug 138, or use another cipher
-(e.g., 3DES) instead.
+\e{Other versions:} we occasionally get reports of the same symptom
+and workarounds with older versions of OpenSSH, although it's not
+clear the underlying cause is the same.
\S{faq-ssh2key-ssh1conn}{Question} Why do I see "Couldn't load private
key from ..."? Why can PuTTYgen load my key but not PuTTY?
probably OK. However, if you have the choice, we still recommend you
use RSA instead.
-\S{faq-virtuallock}{Question} Couldn't Pageant use \c{VirtualLock()}
-to stop private keys being written to disk?
+\S{faq-virtuallock}{Question} Couldn't Pageant use
+\cw{VirtualLock()} to stop private keys being written to disk?
-Unfortunately not. The \c{VirtualLock()} function in the Windows API
-doesn't do a proper job: it may prevent small pieces of a process's
-memory from being paged to disk while the process is running, but it
-doesn't stop the process's memory as a whole from being swapped
-completely out to disk when the process is long-term inactive. And
-Pageant spends most of its time inactive.
+Unfortunately not. The \cw{VirtualLock()} function in the Windows
+API doesn't do a proper job: it may prevent small pieces of a
+process's memory from being paged to disk while the process is
+running, but it doesn't stop the process's memory as a whole from
+being swapped completely out to disk when the process is long-term
+inactive. And Pageant spends most of its time inactive.
\H{faq-admin} Administrative questions
~mdw / sgt / putty / blobdiff