Home |
Licence |
FAQ |
Docs |
Download |
Keys |
Links
Mirrors |
Updates |
Feedback |
Changes |
Wishlist |
Team
The addition of ssh2-rsa-kex has caused a problem with the KEX algorithm preference list, in that while the new default list puts RSA ahead of WARN, loading a saved session from an older PuTTY version that didn't support RSA KEX will leave RSA after warn. This is an inherent consequence of the way gprefs() works.
Fixing the problem isn't trivial. In this case, it would probably be reasonable to promote RSA to just above WARN if it's absent, but there probably isn't a suitable general rule. Another approach would be to scrap the preference lists and have a better cipher selection mechanism.
Audit trail for this bug.