Skip to content
Image source –

A recently disclosed vulnerability in the popular SSH client PuTTY (versions 0.68 to 0.80) could allow attackers to recover private encryption keys, potentially enabling them to impersonate users and access sensitive systems.


Secure Shell (SSH) is a widely used protocol for secure remote logins and data transfer. PuTTY is a popular SSH client, especially on Windows systems. Cryptographic keys are fundamental to SSH; they are used to authenticate users and servers.

Encryption relies on complex algorithms that ideally should introduce randomness. This PuTTY flaw stemmed from a deterministic method of generating a part of the signature process, resulting in predictable patterns attackers can exploit.

Understanding the Threat

  • The Flaw: Affected versions of PuTTY generate biased cryptographic signatures when using the NIST P-521 encryption standard. This bias can be exploited to recover the private key with enough collected signatures.
  • The Impact: A successful attack fully compromises the affected private key. This means the attacker can generate forged signatures and potentially gain unauthorised access to servers where this key grants authentication.

What You Need To Do

  1. Immediate Action: If you have used a 521-bit ECDSA key with any vulnerable PuTTY version (0.68 – 0.80), consider this key compromised. Immediately revoke it from any server where it is authorised – typically by removing it from authorized_keys files.
  2. Upgrade Software: Update your PuTTY installation to version 0.81 or later. Additionally, software that relies on PuTTY, such as FileZilla, WinSCP, TortoiseGit, and TortoiseSVN may need updates. Refer to their websites for vulnerability status and patches.
  3. Generate New Keys: After revocation and updates, generate a new ECDSA key pair to replace the compromised one. It’s advisable to use a different encryption standard like the more robust Ed25519.

Prevention and Best Practices

  • Software Updates: Always apply software updates promptly, especially for security-critical tools like SSH clients.
  • Strong Encryption: Prefer modern encryption standards like Ed25519 over older ones where possible.
  • Key Management: Practice secure key management – limit the servers where a specific key is authorised, change keys regularly, and securely store private keys offline when possible.

Staying Informed

Security vulnerabilities are an ongoing reality. Keep up-to-date with the latest threats and recommended practices at the Cyber and Fraud Centre – or by downloading our new app.

Related Links: