4.26 The Bugs and More Bugs panelsNot all SSH servers work properly. Various existing servers have bugs in them, which can make it impossible for a client to talk to them unless it knows about the bug and works around it.
Since most servers announce their software version number at the beginning of the SSH connection, PuTTY will attempt to detect which bugs it can expect to see in the server and automatically enable workarounds. However, sometimes it will make mistakes; if the server has been deliberately configured to conceal its version number, or if the server is a version which PuTTY's bug database does not know about, then PuTTY will not know what bugs to expect.
The Bugs and More Bugs panels (there are two because we have so many bug compatibility modes) allow you to manually configure the bugs PuTTY expects to see in the server. Each bug can be configured in three states:
•‘Off’: PuTTY will assume the server does not have the bug.
•‘On’: PuTTY will assume the server does have the bug.
•‘Auto’: PuTTY will use the server's version number announcement to try to guess whether or not the server has the bug.
4.26.1 ‘Chokes on SSH-1 ignore messages’ An ignore message (SSH_MSG_IGNORE) is a message in the SSH protocol which can be sent from the client to the server, or from the server to the client, at any time. Either side is required to ignore the message whenever it receives it. PuTTY uses ignore messages to hide the password packet in SSH-1, so that a listener cannot tell the length of the user's password; it also uses ignore messages for connection keepalives (see section 4.13.1
). If this bug is detected, PuTTY will stop using ignore messages. This means that keepalives will stop working, and PuTTY will have to fall back to a secondary defence against SSH-1 password-length eavesdropping. See section 4.26.2
. If this bug is enabled when talking to a correct server, the session will succeed, but keepalives will not work and the session might be more vulnerable to eavesdroppers than it could be. 4.26.2 ‘Refuses all SSH-1 password camouflage’ When talking to an SSH-1 server which cannot deal with ignore messages (see section 4.26.1
), PuTTY will attempt to disguise the length of the user's password by sending additional padding within the password packet. This is technically a violation of the SSH-1 specification, and so PuTTY will only do it when it cannot use standards-compliant ignore messages as camouflage. In this sense, for a server to refuse to accept a padded password packet is not really a bug, but it does make life inconvenient if the server can also not handle ignore messages. If this ‘bug’ is detected, PuTTY will assume that neither ignore messages nor padding are acceptable, and that it thus has no choice but to send the user's password with no form of camouflage, so that an eavesdropping user will be easily able to find out the exact length of the password. If this bug is enabled when talking to a correct server, the session will succeed, but will be more vulnerable to eavesdroppers than it could be.
This is an SSH-1-specific bug. SSH-2 is secure against this type of attack.
4.26.3 ‘Chokes on SSH-1 RSA authentication’