From 504396f4d20d730afa20eabc0abc37a695245f8c Mon Sep 17 00:00:00 2001
From: Jacob Nevins <jacobn@chiark.greenend.org.uk>
Date: Fri, 9 Jul 2021 23:55:15 +0100
Subject: Document -no-trivial-auth more thoroughly.

Origin: upstream, https://git.tartarus.org/?p=simon/putty.git;a=commit;h=413398af85b27cd83134f5618bd82f81758f9603
Bug-Debian: https://bugs.debian.org/990901
Last-Update: 2023-12-21

Patch-Name: no-trivial-auth-doc.patch
---
 doc/man-pl.but   | 9 +++++++++
 doc/man-pscp.but | 9 +++++++++
 doc/man-psft.but | 9 +++++++++
 doc/man-putt.but | 9 +++++++++
 doc/plink.but    | 2 ++
 doc/pscp.but     | 2 ++
 doc/using.but    | 9 +++++++++
 7 files changed, 49 insertions(+)

diff --git a/doc/man-pl.but b/doc/man-pl.but
index 179a926a..94d5ce0c 100644
--- a/doc/man-pl.but
+++ b/doc/man-pl.but
@@ -196,6 +196,15 @@ which of the agent's keys to use. }
 \dd Allow use of an authentication agent. (This option is only necessary
 to override a setting in a saved session.)
 
+\dt \cw{\-no\-trivial\-auth}
+
+\dd Disconnect from any SSH server which accepts authentication without
+ever having asked for any kind of password or signature or token. (You
+might want to enable this for a server you always expect to challenge
+you, for instance to ensure ensure you don't accidentally type your key
+file's passphrase into a compromised server spoofing Plink's passphrase
+prompt.)
+
 \dt \cw{\-noshare}
 
 \dd Don't test and try to share an existing connection, always make
diff --git a/doc/man-pscp.but b/doc/man-pscp.but
index 515e541f..9302565f 100644
--- a/doc/man-pscp.but
+++ b/doc/man-pscp.but
@@ -142,6 +142,15 @@ which of the agent's keys to use. }
 \dd Allow use of an authentication agent. (This option is only necessary
 to override a setting in a saved session.)
 
+\dt \cw{\-no\-trivial\-auth}
+
+\dd Disconnect from any SSH server which accepts authentication without
+ever having asked for any kind of password or signature or token. (You
+might want to enable this for a server you always expect to challenge
+you, for instance to ensure ensure you don't accidentally type your key
+file's passphrase into a compromised server spoofing PSCP's passphrase
+prompt.)
+
 \dt \cw{\-hostkey} \e{key}
 
 \dd Specify an acceptable host public key. This option may be specified
diff --git a/doc/man-psft.but b/doc/man-psft.but
index c1329d0e..6da5f6c3 100644
--- a/doc/man-psft.but
+++ b/doc/man-psft.but
@@ -130,6 +130,15 @@ which of the agent's keys to use. }
 \dd Allow use of an authentication agent. (This option is only necessary
 to override a setting in a saved session.)
 
+\dt \cw{\-no\-trivial\-auth}
+
+\dd Disconnect from any SSH server which accepts authentication without
+ever having asked for any kind of password or signature or token. (You
+might want to enable this for a server you always expect to challenge
+you, for instance to ensure ensure you don't accidentally type your key
+file's passphrase into a compromised server spoofing PSFTP's passphrase
+prompt.)
+
 \dt \cw{\-hostkey} \e{key}
 
 \dd Specify an acceptable host public key. This option may be specified
diff --git a/doc/man-putt.but b/doc/man-putt.but
index cb7cca47..ccb16bb2 100644
--- a/doc/man-putt.but
+++ b/doc/man-putt.but
@@ -276,6 +276,15 @@ which of the agent's keys to use. }
 \dd Allow use of an authentication agent. (This option is only necessary
 to override a setting in a saved session.)
 
+\dt \cw{\-no\-trivial\-auth}
+
+\dd Disconnect from any SSH server which accepts authentication without
+ever having asked for any kind of password or signature or token. (You
+might want to enable this for a server you always expect to challenge
+you, for instance to ensure ensure you don't accidentally type your key
+file's passphrase into a compromised server spoofing PuTTY's passphrase
+prompt.)
+
 \dt \cw{\-hostkey} \e{key}
 
 \dd Specify an acceptable host public key. This option may be specified
diff --git a/doc/plink.but b/doc/plink.but
index ea622151..cabeb61c 100644
--- a/doc/plink.but
+++ b/doc/plink.but
@@ -75,6 +75,8 @@ use Plink:
 \c   -i key    private key file for user authentication
 \c   -noagent  disable use of Pageant
 \c   -agent    enable use of Pageant
+\c   -no-trivial-auth
+\c             disconnect if SSH authentication succeeds trivially
 \c   -noshare  disable use of connection sharing
 \c   -share    enable use of connection sharing
 \c   -hostkey aa:bb:cc:...
diff --git a/doc/pscp.but b/doc/pscp.but
index c8585764..82f04842 100644
--- a/doc/pscp.but
+++ b/doc/pscp.but
@@ -60,6 +60,8 @@ use PSCP:
 \c   -i key    private key file for user authentication
 \c   -noagent  disable use of Pageant
 \c   -agent    enable use of Pageant
+\c   -no-trivial-auth
+\c             disconnect if SSH authentication succeeds trivially
 \c   -hostkey aa:bb:cc:...
 \c             manually specify a host key (may be repeated)
 \c   -batch    disable all interactive prompts
diff --git a/doc/using.but b/doc/using.but
index 82a9033a..5fadc043 100644
--- a/doc/using.but
+++ b/doc/using.but
@@ -949,6 +949,15 @@ This option is equivalent to the \q{Private key file for
 authentication} box in the Auth panel of the PuTTY configuration box
 (see \k{config-ssh-privkey}).
 
+\S2{using-cmdline-no-trivial-auth} \i\c{-no-trivial-auth}: disconnect
+if SSH authentication succeeds trivially
+
+This option causes PuTTY to abandon an SSH session if the server
+accepts authentication without ever having asked for any kind of
+password or signature or token.
+
+See \k{config-ssh-notrivialauth} for why you might want this.
+
 \S2{using-cmdline-loghost} \i\c{-loghost}: specify a \i{logical host
 name}