this post was submitted on 16 Apr 2024
13 points (93.3% liked)
Security
522 readers
5 users here now
A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.
Rules :
- All instance-wide rules apply.
- Keep it totally legal.
- Remember the human, be civil.
- Be helpful, don't be rude.
Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If I understand correctly, the signatures generated by PuTTY aren’t perfectly random, so if someone got a hold of a bunch of keys from a server, they could figure out the pattern. It takes about 60 keys. This affects not just PuTTY, but also FileZilla, WinSCP, TortoiseGit, and TortoiseSVN.
In other words if you have NIST P-521 keys, or any others using 521-bit ECDSA, you should revoke them and generate new key pairs. After you update your software.