X-Git-Url: https://git.distorted.org.uk/~mdw/sgt/putty/blobdiff_plain/94cd7c3a9121a0a77d0d682f6affb9c00bf695b5..3d5040f8f85f049cbb072a827a6184b4b4314b08:/doc/errors.but diff --git a/doc/errors.but b/doc/errors.but index 7cdda2fd..48250d6b 100644 --- a/doc/errors.but +++ b/doc/errors.but @@ -58,17 +58,6 @@ in the same way as you would if it was new. See \k{gs-hostkey} for more information on host keys. -\H{errors-portfwd-space} \q{Out of space for port forwardings} - -PuTTY has a fixed-size buffer which it uses to store the details of -all \i{port forwardings} you have set up in an SSH session. If you -specify too many port forwardings on the PuTTY or Plink command line -and this buffer becomes full, you will see this error message. - -We need to fix this (fixed-size buffers are almost always a mistake) -but we haven't got round to it. If you actually have trouble with -this, let us know and we'll move it up our priority list. - \H{errors-cipher-warning} \q{The first cipher supported by the server is ... below the configured warning threshold} @@ -89,7 +78,7 @@ This can easily happen if you are using Pageant and have a large number of keys loaded into it, since these servers count each offer of a public key as an authentication attempt. This can be worked around by specifying the key that's required for the authentication in -the PuTTY configuration (see \k{config-ssh-privkey}; PuTTY will ignore +the PuTTY configuration (see \k{config-ssh-privkey}); PuTTY will ignore any other keys Pageant may have, but will ask Pageant to do the authentication, so that you don't have to type your passphrase. @@ -182,6 +171,9 @@ user's home directory on the server. Also, read the PuTTY Event Log; the server may have sent diagnostic messages explaining exactly what problem it had with your setup. +\K{pubkey-gettingready} has some hints on server-side public key +setup. + \H{errors-access-denied} \q{Access denied}, \q{Authentication refused} Various forms of this error are printed in the PuTTY window, or @@ -200,8 +192,15 @@ the various strategies we use for camouflaging passwords in transit. Upgrade your server, or use the workarounds described in \k{config-ssh-bug-ignore1} and possibly \k{config-ssh-bug-plainpw1}. +\H{errors-no-auth} \q{No supported authentication methods available} + +This error indicates that PuTTY has run out of ways to authenticate +you to an SSH server. This may be because PuTTY has TIS or +keyboard-interactive authentication disabled, in which case +\k{config-ssh-tis} and \k{config-ssh-ki}. + \H{errors-crc} \q{Incorrect \i{CRC} received on packet} or \q{Incorrect -MAC received on packet} +\i{MAC} received on packet} This error occurs when PuTTY decrypts an SSH packet and its checksum is not correct. This probably means something has gone wrong in the @@ -209,6 +208,14 @@ encryption or decryption process. It's difficult to tell from this error message whether the problem is in the client, in the server, or in between. +In particular, if the network is corrupting data at the TCP level, it +may only be obvious with cryptographic protocols such as SSH, which +explicitly check the integrity of the transferred data and complain +loudly if the checks fail. Corruption of protocols without integrity +protection (such as HTTP) will manifest in more subtle failures (such +as misdisplayed text or images in a web browser) which may not be +noticed. + A known server problem which can cause this error is described in \k{faq-openssh-bad-openssl} in the FAQ. @@ -220,9 +227,10 @@ gone wrong in the encryption or decryption process. It's difficult to tell from this error message whether the problem is in the client, in the server, or in between. -If you get this error, one thing you could try would be to fiddle -with the setting of \q{Miscomputes SSH-2 encryption keys} on the Bugs -panel (see \k{config-ssh-bug-derivekey2}). +If you get this error, one thing you could try would be to fiddle with +the setting of \q{Miscomputes SSH-2 encryption keys} (see +\k{config-ssh-bug-derivekey2}) or \q{Ignores SSH-2 maximum packet +size} (see \k{config-ssh-bug-maxpkt2}) on the Bugs panel . Another known server problem which can cause this error is described in \k{faq-openssh-bad-openssl} in the FAQ.