PuTTY issue fixed in version 6.3.3, documentation states issue in WinSCP versions 5.9.5

jpantera
Joined:: 2018-01-31
Posts:: 23
Location:: Los Angeles, CA

PuTTY issue fixed in version 6.3.3, documentation states issue in WinSCP versions 5.9.5 – 6.3.2

2024-05-06 23:47

Hello Martin & WinSCP Support,
We were contacted by our security resources about this bug found specifically in PuTTY, but also affected is WinSCP:
https://bugzilla.redhat.com/show_bug.cgi?id=2275183

### Affected Products

- PuTTY 0.68 - 0.80

The following (not necessarily complete) list of products bundle an
affected PuTTY version and are therefore vulnerable as well:

- FileZilla 3.24.1 - 3.66.5
- WinSCP 5.9.5 - 6.3.2
- TortoiseGit 2.4.0.2 - 2.15.0
- TortoiseSVN 1.10.0 - 1.14.6

We actually have a system where we've created SSH keys with PuTTY, that is version 5.9.4 (WinSCP), so it's outside of the affected range 5.9.5 – 6.3.2.

For SSH keys (I believe we always use RSA type, and always with a passphrase attached), do we have any concern, if they were created with a WinSCP version 5.9.4 version?

Thank you,
Joe P.

Reply with quote

martin◆ Site Admin
Joined:: 2002-12-10
Posts:: 41,378
Location:: Prague, Czechia

Re: PuTTY issue fixed in version 6.3.3, documentation states issue in WinSCP versions 5.9.5 – 6.3.2

2024-05-07

That information is actually inaccurate. The problem in present in WinSCP (and bundled PuTTYgen) since 5.8.1 (in other words any version of WinSCP before 6.3.3 that already supports ECDSA keys):
See Issue 2285 – NIST P521 private keys are exposed by biased signature generation
Though if you are only using RSA keys, you are not affected. The problem is only with specific types of ECDSA keys.

Reply with quote

jpantera
Joined:: 2018-01-31
Posts:: 23
Location:: Los Angeles, CA

Follow-up detail on ECDSA Details

2024-05-07 07:45

Thank you Martin,

What specifically is a "ECDSA" type key? When I state we use RSA-type SSH keys, that is the option we choose in PuTTYgen, when we create the public and private key pair. Is there an alternative option called "ECDSA" (I will review in the morning), or is this some crypto library or something we'd have to add or specifically remove when we create the keys with PuTTYgen?

Also we always add a passphrase to our keys. Were we to have a key that had ECDSA type, and it had a passphrase, would the passphrase save us from this hack, or does the issue circumvent the use of the passphrase?

Thanks again,
Joe P.

Reply with quote

martin◆ Site Admin
Joined:: 2002-12-10
Posts:: 41,378
Location:: Prague, Czechia

Re: Follow-up detail on ECDSA Details

2024-05-09

ECDSA is key type, the way RSA is. See
https://winscp.net/eng/docs/ui_puttygen#window

A passphrase does not affect this at all.

Reply with quote

PuTTY issue fixed in version 6.3.3, documentation states issue in WinSCP versions 5.9.5 – 6.3.2