Always nice when software developers have thought of the thing you wanted already.

When #git on my laptop wants to talk to my machine at home (usually to continue work on something I left half-finished, append another commit or two, and push it back to my home checkout), it has to use #PuTTY rather than OpenSSH, because only my PuTTY configuration knows how to find its way to that machine. So I have to set either GIT_SSH or core.sshCommand to "plink". Ideally the latter, and only in the context of that one checkout.

What this _really_ needs, I thought, is an option to 'git clone' that will set an arbitrary 'git config' option early enough to affect the actual cloning operation, and then leave it set in the resulting checkout. That'd be perfect. I wonder if the git developers have thought to provide one?

And they have! #TIL 'git clone -c key=value'.

git clone -c core.sshCommand=plink my-home-machine:src/half-finished-thing

#PuTTY has fallen

We've released #PuTTY version 0.83.

This release is mostly full of bug fixes following up the new development in 0.82. Most significantly, 'psftp -b' was completely broken, and now works again. Also various assertion failures, crashes and hangs. On the Unix side, we've fixed an intermittent bug making the keys on the small keypad above the arrows (Home, End, Ins, Del etc) not work in the terminal.

We've also extended our #quantumsafe cryptography support, by supporting #MLKEM as a key exchange option, in addition to NTRU Prime which we already had.

https://www.chiark.greenend.org.uk/~sgtatham/putty/

Got some #Putty and a pack of #VerdantBrewing AF beer too! Excellent result

@1password hoping you can help here. I'm using #1Password and #OpenSSH in #WindowsTerminal here on #Windows11 to connect to my #RaspberryPi. I need an easier way to work with files, though, so I'm trying to set up #WinSCP. I've exported my key from 1Password in both formats available. I noticed it didn't have a file extension so added .pem to the name. No matter what I do, WinSCP won't take the key. Neither would #PuTTY when I tried it. Do you have any suggestions on how to resolve this? Anyone else who thinks they might be able to help is welcome to reply too.
#Linux #Windows #SSH #RaspberryPiOS #Tech #Technology

Pre-release builds of #PuTTY 0.83 are now available.

This is mostly a bug-fix release. 0.82 went out in a bit of a hurry, and users reported half a dozen bugs quite quickly, most notably that PSFTP forgot how to handle the -b option. Those are now all fixed.

Also new: support for a 2nd post-quantum key agreement scheme (ML-KEM), and improved support for Unicode filenames on Windows.

Please test! If there are still bugs, we'd like to fix them _before_ releasing 0.83.

https://www.chiark.greenend.org.uk/~sgtatham/putty/prerel.html

PuTTY for Debian bookworm is at 0.78; 0.82 was released today and has significant Unicode rework that is relevant to my interests. I have no idea why Debian's PuTTY is so far behind. Compiling from source works with zero errors, building all the binaries (pageant, etc.) ... but not putty itself. Checking out previous releases from git, they also skip putty itself.

Am I missing something obvious or well known?

We've released #PuTTY version 0.82.

The biggest change is improved Unicode support. Usernames and passwords read from the terminal or the Windows console now support full Unicode, so that you can use characters outside the Windows system code page, or the character set configured in PuTTY. The same is true for usernames and file names provided via the PuTTY tools' command line and via the GUI (but unfortunately not yet if you save and reload a session).

I've just renewed the #Authenticode certificate I use to sign #PuTTY.

Now #Windows #Defender gives me dire warnings about my own nightly builds. Apparently it thinks the new cert belongs to some previously unknown SW publisher, who might be a malware source for all it knows.

Is there any way to reassure it? E.g. the old cert hasn't expired yet, so I could use each one to cross-sign a declaration that the other one belongs to the same person.

Is there a standard procedure for this?

Nowy wpis na blogu! / New blog post!

Darmowa chmura ~200GB na Twoje pliki

#Cloudflare #Docker #DockerHub #dockerIo #FreeTier #FreeDNS42 #HTTPS #iptables #LetSEncrypt #Linux #MariaDB #MySQL #Nextcloud #NGINXProxyManager #OpenSource #Oracle #Portainer #PuTTY #SelfHosted #SSH #SSL #Termius #Ubuntu #ufw #VPS

Autor: @to3k

https://blog.tomaszdunia.pl/darmowa-chmura-200gb/

I tried my #PuTTYTor scripts on the newest versions of #PuTTY and Tor today and I couldn't get them to work...
Turns out version 0.77 of PuTTY last year introduced a bug that stops #DNS (it's always DNS) lookup over the #SOCKS5 #Proxy from working... Reported.

They're now on 0.81 and it hadn't been noticed, surprising really...

I'm really getting much more of a chuckle from the puzzles thrown up by trying to use a #VintagePC on a modern network than I ever expected!

Modern #puTTY binaries won't run on #WindowsNT4; ancient binaries from January 2000 are available and will run, but can't connect to a modern #SSH server. Most effective for file transfer is a combination of #telnet specially installed on my daily driver #Linux machine and python3 -m http.server.

Netscape 4.7 works nicely with the Python HTTP server, and the telnet client that comes with Windows NT4 supports VT100 so on opening a shell on my Linux machine, I find the w3m command line web browser is just about usable - good enough to download ancient binaries and installers onto the Linux machine that can be served via Python's HTTP server.

I've also given #wrp, the Web Rendering Proxy, a spin; it's surprisingly effective. Runs on a Linux machine on the network and serves pages as GIFs with clickable image maps.

https://github.com/tenox7/wrp

Having the devil of a time trying to find the earliest intact coining of this bit of funny.

Here’s as far as I got.

The post with reply I can’t confirm what platform it happened on or when, but seems it’s from no earlier than 2022.

Yesterday, I learned that @simontatham , who made the puzzles in the #SGTPuzzles Collection, which I discovered recently (see the Linux and Android ports), also makes #PuTTY, which I've been using for years. Mind BLOWN. And good show!

Neues Video: Installation von #PostgreSQL und #pgAdmin auf #Ubuntu mit #PuTTy

https://youtu.be/9-ZNtbNLdoQ?si=zzdfCLOC_rLulw19

Nextcloud auf der Kommandozeile aktualisieren

https://tube.solidcharity.net/videos/watch/0cf5ee97-ba7c-41df-a56f-8d1fea842ab0

Version 0.81 des SSH-Klienten PuTTY behebt Sicherheitslücken

Mit der Veröffentlichung der neuen Version 0.81 des freien SSH-Klienten PuTTY für Windows beheben die Entwickler eine Sicherheitslücke in SCP (Secure Copy Protocol), worüber Daten zwischen verschiedenen Rechnern via SSH ausgetauscht werden können. https://kantel.github.io/posts/2024051003_putty_update/ #PuTTY #Update #Security

New PuTTY Vulnerability via @endingwithali

#ThreatWire #Hak5 #PuTTY

https://www.youtube.com/watch?v=XZSS08ld6vM

I booted windows and installed #PuTTY last night to see how common an ECDSA-512 key could be (and I bet loads of people here don't run windows or PuTTY, so here's some details)

PuTTY doesn't generate ssh keys, you have to use a different tool that comes with PuTTY called PuTTYgen

The key generated by default is a 2048 bit RSA key

If I pick ECDSA as the key type, it defaults to a 256 bit key (it's not hard to pick a 512 bit key, but it's not the default)

I have a suspicion the number of PuTTY users with 512 bit ECDSA keys is going to be pretty small, which is excellent news.

#PuTTY #SSH client flaw allows recovery of #cryptographic #privatekeys
The vulnerability (CVE-2024-31497) was discovered by Fabian Bäumer and Marcus Brinkmann of the Ruhr University Bochum and is caused by how PuTTY generates #ECDSA nonces (temporary unique cryptographic numbers) for the NIST P-521 curve used for SSH authentication. The main repercussion of recovering the private key is that it allows unauthorized access to SSH servers or sign commits as the developer.
https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/