X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=doc%2Ferrors.but;h=e221a2d912cce090c2518292fdf82dfd6027b9a3;hb=e22120fea8d39e6a2ef6b2f4ab3ee5502f56169a;hp=2369b4cef840833407773a9fde203901a5129470;hpb=3a79eff8e2dcc7a7855e535e29e1ce3512087e18;p=PuTTY.git diff --git a/doc/errors.but b/doc/errors.but index 2369b4ce..e221a2d9 100644 --- a/doc/errors.but +++ b/doc/errors.but @@ -1,5 +1,3 @@ -\define{versioniderrors} \versionid $Id$ - \C{errors} Common \i{error messages} This chapter lists a number of common error messages which PuTTY and @@ -58,16 +56,24 @@ in the same way as you would if it was new. See \k{gs-hostkey} for more information on host keys. -\H{errors-portfwd-space} \q{Out of space for port forwardings} +\H{errors-ssh-protocol} \q{SSH protocol version 2 required by our +configuration but server only provides (old, insecure) SSH-1} + +By default, PuTTY only supports connecting to SSH servers that +implement \i{SSH protocol version 2}. If you see this message, the +server you're trying to connect to only supports the older SSH-1 +protocol. -PuTTY has a fixed-size buffer which it uses to store the details of -all \i{port forwardings} you have set up in an SSH session. If you -specify too many port forwardings on the PuTTY or Plink command line -and this buffer becomes full, you will see this error message. +If the server genuinely only supports SSH-1, then you need to either +change the \q{SSH protocol version} setting (see \k{config-ssh-prot}), +or use the \c{-1} command-line option; in any case, you should not +treat the resulting connection as secure. -We need to fix this (fixed-size buffers are almost always a mistake) -but we haven't got round to it. If you actually have trouble with -this, let us know and we'll move it up our priority list. +You might start seeing this message with new versions of PuTTY +\#{XXX-REVIEW-BEFORE-RELEASE: (from 0.XX onwards)} +where you didn't before, because it used to be possible to configure +PuTTY to automatically fall back from SSH-2 to SSH-1. This is no +longer supported, to prevent the possibility of a downgrade attack. \H{errors-cipher-warning} \q{The first cipher supported by the server is ... below the configured warning threshold} @@ -182,6 +188,9 @@ user's home directory on the server. Also, read the PuTTY Event Log; the server may have sent diagnostic messages explaining exactly what problem it had with your setup. +\K{pubkey-gettingready} has some hints on server-side public key +setup. + \H{errors-access-denied} \q{Access denied}, \q{Authentication refused} Various forms of this error are printed in the PuTTY window, or @@ -200,8 +209,15 @@ the various strategies we use for camouflaging passwords in transit. Upgrade your server, or use the workarounds described in \k{config-ssh-bug-ignore1} and possibly \k{config-ssh-bug-plainpw1}. +\H{errors-no-auth} \q{No supported authentication methods available} + +This error indicates that PuTTY has run out of ways to authenticate +you to an SSH server. This may be because PuTTY has TIS or +keyboard-interactive authentication disabled, in which case +\k{config-ssh-tis} and \k{config-ssh-ki}. + \H{errors-crc} \q{Incorrect \i{CRC} received on packet} or \q{Incorrect -MAC received on packet} +\i{MAC} received on packet} This error occurs when PuTTY decrypts an SSH packet and its checksum is not correct. This probably means something has gone wrong in the @@ -228,9 +244,10 @@ gone wrong in the encryption or decryption process. It's difficult to tell from this error message whether the problem is in the client, in the server, or in between. -If you get this error, one thing you could try would be to fiddle -with the setting of \q{Miscomputes SSH-2 encryption keys} on the Bugs -panel (see \k{config-ssh-bug-derivekey2}). +If you get this error, one thing you could try would be to fiddle with +the setting of \q{Miscomputes SSH-2 encryption keys} (see +\k{config-ssh-bug-derivekey2}) or \q{Ignores SSH-2 maximum packet +size} (see \k{config-ssh-bug-maxpkt2}) on the Bugs panel . Another known server problem which can cause this error is described in \k{faq-openssh-bad-openssl} in the FAQ. @@ -340,3 +357,13 @@ things into PuTTY while the network is down, but it can also occur if PuTTY decides of its own accord to send data: due to a repeat key exchange in SSH-2 (see \k{config-ssh-kex-rekey}) or due to keepalives (\k{config-keepalive}). + +\H{errors-cannotassignaddress} \q{Network error: Cannot assign requested +address} + +This means that the operating system rejected the parameters of the +network connection PuTTY tried to make, usually without actually +trying to connect to anything, because they were simply invalid. + +A common way to provoke this error is to accidentally try to connect +to port 0, which is not a valid port number.