PuTTY bug hostkey-rekey

This is a mirror. Follow this link to find the primary PuTTY web site.

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: If the host key isn't saved, rekeys cause another warning
class: bug: This is clearly an actual problem we want fixed.
difficulty: fun: Just needs tuits, and not many of them.
priority: medium: This should be fixed one day.
present-in: 0.58
fixed-in: r10027 b8e668cd9b5702ff5c6a0178af5ab6dfed038d2e (0.64)

There's currently undesirable behaviour if you answer "accept once" for a host key at startup and then leave the connection open for long enough to trigger a rekey: since the host key has only been accepted once, the confirmation message is put up again, which is pretty nasty (especially in the command-line tools). Certainly at the very least we should treat "accept once" on a host key to mean accept for the whole of a session rather than for a single KEX; additionally, we probably ought to think about some sort of sensible behaviour if a different host key to that we originally accepted is used at rekey time, or if the key in the client's cache has changed.

If you want to comment on this web site, see the Feedback page.
Audit trail for this bug.
(last revision of this bug record was at 2016-12-27 11:40:21 +0000)