I normally wouldn't post about any old software release, but with the recent discussion of SSH and authentication these release notes from PuTTY seem appropriate.
- Marsh http://lists.tartarus.org/pipermail/putty-announce/2011/000016.html
It's been more than four years since 0.60 was released, and we've had quite a lot of email asking if PuTTY was still under development, and occasionally asking if we were even still alive. Well, we are, and it has been! Sorry about the long wait. New features in 0.61 include: - Support for SSH-2 authentication using GSSAPI, on both Windows and Unix. Users in a Kerberos realm should now be able to use their existing Kerberos single sign-on in their PuTTY SSH connections. (While this has been successfully deployed in several realms, some small gaps are known to exist in this functionality, and we would welcome further testing and advice from Kerberos experts.)
- On Windows: PuTTY's X11 forwarding can now authenticate with the local X server, if you point it at an X authority file where it can find the authentication details. So you can now use Windows PuTTY with X forwarding and not have to open your X server up to all connections from localhost.
- A small but important feature: you can now manually tell PuTTY the name of the host you expect to end up talking to, in cases where that differs from where it's physically connecting to (e.g. when port forwarding). If you do this, the host key will be looked up and cached under the former name.
- Assorted optimisation and speedup work. SSH key exchange should be faster by about a factor of three compared to 0.60; SSH-2 connections are started up in a way that reduces the number of network round trip delays; SSH-2 window management has also been revised to reduce round trip delays during any large-volume data transfer (including port forwardings as well as SFTP/SCP).
- Support for OpenSSH's security-tweaked form of SSH compression (so PuTTY can now use compression again when talking to modern OpenSSH servers).
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography