PuTTY 0.78 is released
anakin at pobox.com
Sat Oct 29 09:09:28 BST 2022
PuTTY version 0.78 is released
All the pre-built binaries, and the source code, are now available
from the PuTTY website at
New features in this release include:
- Support for OpenSSH certificates in user authentication. If you
have a certified key for user authentication, PuTTY can now use it,
either by configuring the certificate file separately from the
private key, or by making a single .ppk file incorporating both.
You can also configure a certificate in PuTTY's configuration to
accompany an ordinary key in Pageant, or load the combined .ppk
into Pageant itself.
- Support for OpenSSH certificates in host key checking. Using the
new "Configure host CAs" button in the "Host keys" config pane, you
can tell PuTTY about the public key of a certification authority
you trust, and tell it what host names you trust it to sign keys
for. Then PuTTY will accept host keys validly signed by that CA,
without needing the interactive host key prompt every time.
- Enhancements to the SSH jump-host proxy system. Now, as an
alternative to telling the proxy SSH server to connect directly to
the destination IP address, you can tell it to run a shell command
locally. (For example, an 'nc' command preceded by some other kind
of necessary setup.) You can also ask the server to invoke a
specified SSH subsystem, if one is configured that will help.
- Ability to allow a helper program, or 'plugin', to provide your
answers to SSH keyboard-interactive authentication. The idea is to
make it possible to automate one-time password schemes, if the
passwords can be determined by a program. However, this feature is
very new and plugins will need to be written before it can be used.
The specification of how a plugin must work is documented in
Appendix H of the PuTTY manual.
- Cryptography updates: the NTRU Prime post-quantum key exchange
implemented in OpenSSH, new larger Diffie-Hellman groups, support
for using those and ECDSA in conjunction with Kerberos, and the
AES-GCM cipher mode. (The last of those is done in the
OpenSSH-compatible way, not RFC 5647.)
Bug fixes in this release include:
- The 32-bit Windows build now runs on Windows XP again. (0.77
accidentally did not.)
- Setting the window title on the server using a single-byte
character set such as ISO 8859 now works again. (0.77 would set the
title to the empty string due to a character-set translation
One warning for users of the Windows installer:
- To work around a bug, we've had to change the 'install scope' of
the PuTTY MSI package. One effect of this is that installing 0.78
will not automatically uninstall 0.77. We recommend uninstalling
0.77 first, if you can. Failing that, uninstalling both packages
and reinstalling 0.78 should put everything right. Sorry about that.
Enjoy using PuTTY!
import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
and s%q!=0 and m)(12342649995480866419, 2278082317364501, 1670428356600652640,
5398151833726432125, 645223105888478, 1916678356240619, "<anakin at pobox.com>"))
More information about the PuTTY-announce