Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 7 months agoWidely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attackthehackernews.comexternal-linkmessage-square3fedilinkarrow-up158arrow-down11
arrow-up157arrow-down1external-linkWidely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attackthehackernews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 7 months agomessage-square3fedilink
minus-squarem-p{3}@lemmy.calinkfedilinkEnglisharrow-up10·7 months agoI’d consider the ecdsa-sha2-nistp521 private keys used with those versions as compromised, and suggest generating new private keys asap.
minus-squareleds@feddit.dklinkfedilinkEnglisharrow-up3·7 months agoDoes anyone know if the new versions of putty (or applications using putty likeTortoiseGIT) will warn users about this?
I’d consider the
ecdsa-sha2-nistp521private keys used with those versions as compromised, and suggest generating new private keys asap.Does anyone know if the new versions of putty (or applications using putty likeTortoiseGIT) will warn users about this?