The reason it triggered my question is they had to do something similar to get the exploit to work (add +ssh-rsa to putty). Thanks, though, for the thoughtful reply.