PuTTY wish hostkey-policy

Home | Licence | FAQ | Docs | Download | Keys | Links
Mirrors | Updates | Feedback | Changes | Wishlist | Team

summary: Enhanced flexibility in SSH host key selection policy
class: wish: This is a request for an enhancement.
difficulty: tricky: Needs many tuits.
priority: medium: This should be fixed one day.

PuTTY's SSH-2 host key selection policy currently involves a fixed preference order of RSA then DSA. I occasionally think it would be good to add a preference list to tweak the policy, either to put DSA first (if you're really mad) or to move DSA to below the "warn below this line" line.

When there's a choice of host keys available for a host, perhaps PuTTY should adjust its stated preferences so that the ones it already has cached come first. Need to think about that a bit. At the very least, when a new host key prompt is given, PuTTY should mention if it already has host keys for a host in other formats - particularly important when the default protocol changes to SSH-2, or a server that previously offered DSS keys starts supporting RSA too.

Audit trail for this wish.

If you want to comment on this web site, see the Feedback page.
(last revision of this bug record was at 2008-09-28 19:02:56 +0100)