PuTTY wish ppk3

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Pre-release · Snapshot | Docs | Changes | Wishlist

summary: More resistance to passphrase guessing in SSH private key (PPK) format
class: wish: This is a request for an enhancement.
priority: high: This should be fixed in the next release.
fixed-in: 08d17140a00481603f9692cc2989dba2d103a1ad (0.75)

New versions of the PuTTY tools use a new file format for SSH private keys (or rather keypairs) on disc, PPK version 3.

The new format has several benefits for encrypted keys (those with a passphrase):

Keys generated with new versions of PuTTYgen will be in the new format.

All existing PPK files, or at least the overwhelming majority, are in the PPK version 2 format, defined in the year 2001. New versions of the PuTTY tools can continue to use existing PPK key files, of course. You may want to upgrade your existing keys (which can be done by loading into a new version of PuTTYgen and re-saving, or on Unix with the --reencrypt option), but if you keep the same passphrase, that can't protect you from attacks on old copies of the key file (for instance on backup media).

Old versions of PuTTY tools can't use the new format; if they encounter a new key, they'll give error messages like 'Unable to load key file "new.ppk" (PuTTY key format too new)'. If you have a key in the new PPK version 3 format, you can use PuTTYgen to export it to the old PPK version 2 format.

The new key format is described (alongside previous formats) in a new section of the documentation.

(This change only affects key files on disc. It has no effect on network compatibility.)

If you want to comment on this web site, see the Feedback page.
Audit trail for this wish.
(last revision of this bug record was at 2021-03-07 13:41:39 +0000)