X-Git-Url: https://git.distorted.org.uk/~mdw/sgt/putty/blobdiff_plain/f9908cf7ef04deace24c6d8626e5b907c8f5704d..1549e076bc8f485888261a3b97ce35e442b5fda9:/doc/faq.but

diff --git a/doc/faq.but b/doc/faq.but
index 2916a92e..2592e50c 100644
--- a/doc/faq.but
+++ b/doc/faq.but
@@ -1,4 +1,4 @@
-\versionid $Id: faq.but,v 1.31 2002/08/09 09:11:09 simon Exp $
+\versionid $Id: faq.but,v 1.35 2002/09/14 10:24:27 jacob Exp $
 
 \A{faq} PuTTY FAQ
 
@@ -193,7 +193,7 @@ We do not have ports for any other systems at the present time. If
 anyone told you we had a Unix port, or an iPaq port, or any other
 port of PuTTY, they were mistaken. We don't.
 
-\S{faq-wince}{Question} Will there be a port to Windows CE?
+\S{faq-wince}{Question} Will there be a port to Windows CE or PocketPC?
 
 Probably not in the particularly near future. Despite sharing large
 parts of the Windows API, in practice WinCE doesn't appear to be
@@ -712,17 +712,22 @@ You should still read the
 page} on the PuTTY website (also provided as \k{feedback} in the
 manual), and follow the guidelines contained in that.
 
-\S{faq-broken-openssh31}{Question} Since my SSH server was upgraded to
-OpenSSH 3.1p1, I can no longer connect with PuTTY.
+\S{faq-openssh-bad-openssl}{Question} Since my SSH server was upgraded
+to OpenSSH 3.1p1/3.4p1, I can no longer connect with PuTTY.
 
 There is a known problem when OpenSSH has been built against an
 incorrect version of OpenSSL; the quick workaround is to configure
 PuTTY to use SSH protocol 2 and the Blowfish cipher.
 
+For more details and OpenSSH patches, see
+\W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
+OpenSSH BTS.
+
 This is not a PuTTY-specific problem; if you try to connect with
-another client you'll likely have similar problems.
+another client you'll likely have similar problems. (Although PuTTY's
+default cipher differs from many other clients.)
 
-Configurations known to be broken (and symptoms):
+\e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms):
 
 \b SSH 2 with AES cipher (PuTTY says "Assertion failed! Expression:
 (len & 15) == 0" in sshaes.c, or "Out of memory", or crashes)
@@ -734,13 +739,13 @@ packet")
 
 \b SSH 1 with 3DES
 
-For more details and OpenSSH patches, see
-\W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
-OpenSSH BTS.
+\e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH 1 and
+Blowfish remains. Rebuild your server, apply the patch linked to from
+bug 138 above, or use another cipher (e.g., 3DES) instead.
 
-\e{Update:} As of OpenSSH 3.4p1 the problem with SSH 1 and Blowfish
-remains. Apply the patch linked to from bug 138, or use another cipher
-(e.g., 3DES) instead.
+\e{Other versions:} we occasionally get reports of the same symptom
+and workarounds with older versions of OpenSSH, although it's not
+clear the underlying cause is the same.
 
 \S{faq-ssh2key-ssh1conn}{Question} Why do I see "Couldn't load private
 key from ..."? Why can PuTTYgen load my key but not PuTTY?
@@ -795,15 +800,15 @@ all. For this reason we now believe PuTTY's DSA implementation is
 probably OK. However, if you have the choice, we still recommend you
 use RSA instead.
 
-\S{faq-virtuallock}{Question} Couldn't Pageant use \c{VirtualLock()}
-to stop private keys being written to disk?
+\S{faq-virtuallock}{Question} Couldn't Pageant use
+\cw{VirtualLock()} to stop private keys being written to disk?
 
-Unfortunately not. The \c{VirtualLock()} function in the Windows API
-doesn't do a proper job: it may prevent small pieces of a process's
-memory from being paged to disk while the process is running, but it
-doesn't stop the process's memory as a whole from being swapped
-completely out to disk when the process is long-term inactive. And
-Pageant spends most of its time inactive.
+Unfortunately not. The \cw{VirtualLock()} function in the Windows
+API doesn't do a proper job: it may prevent small pieces of a
+process's memory from being paged to disk while the process is
+running, but it doesn't stop the process's memory as a whole from
+being swapped completely out to disk when the process is long-term
+inactive. And Pageant spends most of its time inactive.
 
 \H{faq-admin} Administrative questions