X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=doc%2Fusing.but;h=fc5859cf97b60269ac557959cb480f021da53d7d;hb=145ecf611238c4f1e39d89d3eee40319a2c54fe8;hp=0a05c2e27d35bbcaa4fe371fbe1f15b44ba89b59;hpb=8b4c43d6d23840b3d0d7266adc273bd001dedd22;p=PuTTY.git diff --git a/doc/using.but b/doc/using.but index 0a05c2e2..fc5859cf 100644 --- a/doc/using.but +++ b/doc/using.but @@ -201,6 +201,29 @@ resets associated timers and counters). For more information about repeat key exchanges, see \k{config-ssh-kex-rekey}. } +\b \I{host key cache}Cache new host key type + +\lcont{ +Only available in SSH-2. This submenu appears only if the server has +host keys of a type that PuTTY doesn't already have cached, and so +won't consider. Selecting a key here will allow PuTTY to use that key +now and in future: PuTTY will do a fresh key-exchange with the selected +key, and immediately add that key to its permanent cache (relying on +the host key used at the start of the connection to cross-certify the +new key). That key will be used for the rest of the current session; +it may not actually be used for future sessions, depending on your +preferences (see \k{config-ssh-hostkey-order}). + +Normally, PuTTY will carry on using a host key it already knows, even +if the server offers key formats that PuTTY would otherwise prefer, +to avoid host key prompts. As a result, if you've been using a server +for some years, you may still be using an older key than a new user +would use, due to server upgrades in the meantime. The SSH protocol +unfortunately does not have organised facilities for host key migration +and rollover, but this allows you to \I{host keys, upgrading}manually +upgrade. +} + \b \I{Break, SSH special command}Break \lcont{ @@ -877,9 +900,8 @@ The \c{-1} and \c{-2} options force PuTTY to use version \I{SSH-1}1 or version \I{SSH-2}2 of the SSH protocol. These options are only meaningful if you are using SSH. -These options are equivalent to selecting your preferred SSH -protocol version as \q{1 only} or \q{2 only} in the SSH panel of the -PuTTY configuration box (see \k{config-ssh-prot}). +These options are equivalent to selecting the SSH protocol version in +the SSH panel of the PuTTY configuration box (see \k{config-ssh-prot}). \S2{using-cmdline-ipversion} \i\c{-4} and \i\c{-6}: specify an \i{Internet protocol version} @@ -912,22 +934,22 @@ authentication} box in the Auth panel of the PuTTY configuration box \S2{using-cmdline-loghost} \i\c{-loghost}: specify a \i{logical host name} -This option overrides PuTTY's normal SSH host key caching policy by -telling it the name of the host you expect your connection to end up -at (in cases where this differs from the location PuTTY thinks it's -connecting to). It can be a plain host name, or a host name followed -by a colon and a port number. See \k{config-loghost} for more detail -on this. +This option overrides PuTTY's normal SSH \I{host key cache}host key +caching policy by telling it the name of the host you expect your +connection to end up at (in cases where this differs from the location +PuTTY thinks it's connecting to). It can be a plain host name, or a +host name followed by a colon and a port number. See +\k{config-loghost} for more detail on this. \S2{using-cmdline-hostkey} \i\c{-hostkey}: \I{manually configuring host keys}manually specify an expected host key -This option overrides PuTTY's normal SSH host key caching policy by -telling it exactly what host key to expect, which can be useful if the -normal automatic host key store in the Registry is unavailable. The -argument to this option should be either a host key fingerprint, or an -SSH-2 public key blob. See \k{config-ssh-kex-manual-hostkeys} for more -information. +This option overrides PuTTY's normal SSH \I{host key cache}host key +caching policy by telling it exactly what host key to expect, which +can be useful if the normal automatic host key store in the Registry +is unavailable. The argument to this option should be either a host key +fingerprint, or an SSH-2 public key blob. See +\k{config-ssh-kex-manual-hostkeys} for more information. You can specify this option more than once if you want to configure more than one key to be accepted.