PuTTY bug cmdline-pw-suppresses-antispoof

This is a mirror. Follow this link to find the primary PuTTY web site.

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: Use of -pwfile (and -pw) options suppresses Plink anti-spoofing defences
class: bug: This is clearly an actual problem we want fixed.
absent-in: 88d5bb2a222470f1f615d96384f3701f1406790d
present-in: a82ab70b0bf418a7c18d07e0090bbf194f795cbe 0.77
fixed-in: bdb3ac9f3b80b0c94c05261abc9cbe7b89a9ebea (0.78)

Since 0.77 (specifically the fix for cmdline-pw-fallback-to-interactive), using Plink's -pwfile option (or the deprecated -pw option) to supply a password would accidentally suppress Plink's anti-spoofing defence; the usual 'Access granted. Press Return to begin session' prompt that you get in an interactive session would not appear. (This is Plink-specific; other tools, such as PuTTY and PSFTP, are not affected.)

This is now fixed.

(It remains the case that if this prompt is inconvenient for you, and you aren't worried about the mischief it protects against, you can turn it off.)


If you want to comment on this web site, see the Feedback page.
Audit trail for this bug.
(last revision of this bug record was at 2022-10-28 23:51:12 +0100)