1. Forum
  2. Usenet
  3. COMP.SECURITY.SSH

  • PuTTY 0.78 is released

    From Simon Tatham@21:1/5 to All on Sat Oct 29 09:10:12 2022
    PuTTY version 0.78 is released
    ------------------------------

    All the pre-built binaries, and the source code, are now available
    from the PuTTY website at

    https://www.chiark.greenend.org.uk/~sgtatham/putty/

    New features in this release include:

    - Support for OpenSSH certificates in user authentication. If you
    have a certified key for user authentication, PuTTY can now use it,
    either by configuring the certificate file separately from the
    private key, or by making a single .ppk file incorporating both.
    You can also configure a certificate in PuTTY's configuration to
    accompany an ordinary key in Pageant, or load the combined .ppk
    into Pageant itself.

    - Support for OpenSSH certificates in host key checking. Using the
    new "Configure host CAs" button in the "Host keys" config pane, you
    can tell PuTTY about the public key of a certification authority
    you trust, and tell it what host names you trust it to sign keys
    for. Then PuTTY will accept host keys validly signed by that CA,
    without needing the interactive host key prompt every time.

    - Enhancements to the SSH jump-host proxy system. Now, as an
    alternative to telling the proxy SSH server to connect directly to
    the destination IP address, you can tell it to run a shell command
    locally. (For example, an 'nc' command preceded by some other kind
    of necessary setup.) You can also ask the server to invoke a
    specified SSH subsystem, if one is configured that will help.

    - Ability to allow a helper program, or 'plugin', to provide your
    answers to SSH keyboard-interactive authentication. The idea is to
    make it possible to automate one-time password schemes, if the
    passwords can be determined by a program. However, this feature is
    very new and plugins will need to be written before it can be used.
    The specification of how a plugin must work is documented in
    Appendix H of the PuTTY manual.

    - Cryptography updates: the NTRU Prime post-quantum key exchange
    implemented in OpenSSH, new larger Diffie-Hellman groups, support
    for using those and ECDSA in conjunction with Kerberos, and the
    AES-GCM cipher mode. (The last of those is done in the
    OpenSSH-compatible way, not RFC 5647.)

    Bug fixes in this release include:

    - The 32-bit Windows build now runs on Windows XP again. (0.77
    accidentally did not.)

    - Setting the window title on the server using a single-byte
    character set such as ISO 8859 now works again. (0.77 would set the
    title to the empty string due to a character-set translation
    failure.)

    One warning for users of the Windows installer:

    - To work around a bug, we've had to change the 'install scope' of
    the PuTTY MSI package. One effect of this is that installing 0.78
    will not automatically uninstall 0.77. We recommend uninstalling
    0.77 first, if you can. Failing that, uninstalling both packages
    and reinstalling 0.78 should put everything right. Sorry about that.

    Enjoy using PuTTY!

    --
    for k in [pow(x,37,0x1a1298d262b49c895d47f) for x in [0x50deb914257022de7fff, 0x213558f2215127d5a2d1, 0x90c99e86d08b91218630, 0x109f3d0cfbf640c0beee7, 0xc83e01379a5fbec5fdd1, 0x19d3d70a8d567e388600e, 0x534e2f6e8a4a33155123]]:
    print("".join([chr(32+3*((k>>x)&1))for x in range(79)])) # <anakin@pobox.com>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)