X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=doc%2Fconfig.but;h=361d68e3001374846544ad6f257d669c23c2d3f0;hb=bf94aecd95271ed16a79d378e58b701f64554100;hp=f125817693b19edef3c3f094f39baa61dbf9abfd;hpb=30896d650e987e1a8bc30f295d6291030b1ce7c8;p=PuTTY.git

diff --git a/doc/config.but b/doc/config.but
index f1258176..361d68e3 100644
--- a/doc/config.but
+++ b/doc/config.but
@@ -2200,8 +2200,21 @@ used:
 }
 
 PuTTY can be prevented from initiating a rekey entirely by setting
-both of these values to zero. (Note, however, that the SSH server may
-still initiate rekeys.)
+both of these values to zero. (Note, however, that the SSH
+\e{server} may still initiate rekeys.)
+
+You might have a need to disable rekeys completely for the same
+reasons that keepalives aren't always helpful. If you anticipate
+suffering a network dropout of several hours in the middle of an SSH
+connection, but were not actually planning to send \e{data} down
+that connection during those hours, then an attempted rekey in the
+middle of the dropout will probably cause the connection to be
+abandoned, whereas if rekeys are disabled then the connection should
+in principle survive (in the absence of interfering firewalls). See
+\k{config-keepalive} for more discussion of these issues; for these
+purposes, rekeys have much the same properties as keepalives.
+(Except that rekeys have cryptographic value in themselves, so you
+should bear that in mind when deciding whether to turn them off.)
 
 \H{config-ssh-auth} The Auth panel
 
@@ -2399,6 +2412,26 @@ address to listen on, by specifying (for instance) \c{127.0.0.5:79}.
 See \k{using-port-forwarding} for more information on how this
 works and its restrictions.
 
+You can modify the currently active set of port forwardings in
+mid-session using \q{Change Settings}. If you delete a local or
+dynamic port forwarding in mid-session, PuTTY will stop listening
+for connections on that port, so it can be re-used by another
+program. If you delete a remote port forwarding, note that:
+
+\b The SSHv1 protocol contains no mechanism for asking the server to
+stop listening on a remote port.
+
+\b The SSHv2 protocol does contain such a mechanism, but not all SSH
+servers support it. (In particular, OpenSSH does not support it in
+any version earlier than 3.9.)
+
+If you ask to delete a remote port forwarding and PuTTY cannot make
+the server actually stop listening on the port, it will instead just
+start refusing incoming connections on that port. Therefore,
+although the port cannot be reused by another program, you can at
+least be reasonably sure that server-side programs can no longer
+access the service at your end of the port forwarding.
+
 \S{config-ssh-portfwd-localhost} Controlling the visibility of
 forwarded ports