-\define{versioniderrors} \versionid $Id$
-
\C{errors} Common \i{error messages}
This chapter lists a number of common error messages which PuTTY and
See \k{gs-hostkey} for more information on host keys.
-\H{errors-portfwd-space} \q{Out of space for port forwardings}
+\H{errors-ssh-protocol} \q{SSH protocol version 2 required by our
+configuration but server only provides (old, insecure) SSH-1}
+
+By default, PuTTY only supports connecting to SSH servers that
+implement \i{SSH protocol version 2}. If you see this message, the
+server you're trying to connect to only supports the older SSH-1
+protocol.
-PuTTY has a fixed-size buffer which it uses to store the details of
-all \i{port forwardings} you have set up in an SSH session. If you
-specify too many port forwardings on the PuTTY or Plink command line
-and this buffer becomes full, you will see this error message.
+If the server genuinely only supports SSH-1, then you need to either
+change the \q{SSH protocol version} setting (see \k{config-ssh-prot}),
+or use the \c{-1} command-line option; in any case, you should not
+treat the resulting connection as secure.
-We need to fix this (fixed-size buffers are almost always a mistake)
-but we haven't got round to it. If you actually have trouble with
-this, let us know and we'll move it up our priority list.
+You might start seeing this message with new versions of PuTTY
+\#{XXX-REVIEW-BEFORE-RELEASE: (from 0.XX onwards)}
+where you didn't before, because it used to be possible to configure
+PuTTY to automatically fall back from SSH-2 to SSH-1. This is no
+longer supported, to prevent the possibility of a downgrade attack.
\H{errors-cipher-warning} \q{The first cipher supported by the server is
... below the configured warning threshold}
the server may have sent diagnostic messages explaining exactly what
problem it had with your setup.
+\K{pubkey-gettingready} has some hints on server-side public key
+setup.
+
\H{errors-access-denied} \q{Access denied}, \q{Authentication refused}
Various forms of this error are printed in the PuTTY window, or
Upgrade your server, or use the workarounds described in
\k{config-ssh-bug-ignore1} and possibly \k{config-ssh-bug-plainpw1}.
+\H{errors-no-auth} \q{No supported authentication methods available}
+
+This error indicates that PuTTY has run out of ways to authenticate
+you to an SSH server. This may be because PuTTY has TIS or
+keyboard-interactive authentication disabled, in which case
+\k{config-ssh-tis} and \k{config-ssh-ki}.
+
\H{errors-crc} \q{Incorrect \i{CRC} received on packet} or \q{Incorrect
-MAC received on packet}
+\i{MAC} received on packet}
This error occurs when PuTTY decrypts an SSH packet and its checksum
is not correct. This probably means something has gone wrong in the
to tell from this error message whether the problem is in the client,
in the server, or in between.
-If you get this error, one thing you could try would be to fiddle
-with the setting of \q{Miscomputes SSH-2 encryption keys} on the Bugs
-panel (see \k{config-ssh-bug-derivekey2}).
+If you get this error, one thing you could try would be to fiddle with
+the setting of \q{Miscomputes SSH-2 encryption keys} (see
+\k{config-ssh-bug-derivekey2}) or \q{Ignores SSH-2 maximum packet
+size} (see \k{config-ssh-bug-maxpkt2}) on the Bugs panel .
Another known server problem which can cause this error is described
in \k{faq-openssh-bad-openssl} in the FAQ.
if PuTTY decides of its own accord to send data: due to a repeat key
exchange in SSH-2 (see \k{config-ssh-kex-rekey}) or due to
keepalives (\k{config-keepalive}).
+
+\H{errors-cannotassignaddress} \q{Network error: Cannot assign requested
+address}
+
+This means that the operating system rejected the parameters of the
+network connection PuTTY tried to make, usually without actually
+trying to connect to anything, because they were simply invalid.
+
+A common way to provoke this error is to accidentally try to connect
+to port 0, which is not a valid port number.
projects / PuTTY.git / blobdiff