RFC 5656 defines elliptic-curve (ECDSA) key formats (host and user) for use with SSH-2, and associated ECDH key exchange methods. OpenSSH has supported these since 5.7.
PuTTY does not currently support these. It probably should.
The only niggle I (OSD) have is that I'm not 100% sure what the patent situation is. (Wikipedia has some words on the subject.)
A user reports that the French government computing security agency ANSSI has recommendations for configuring OpenSSH that prefer use of ECDSA keys.
2014-11: the development snapshots now include support for the mandatory parts of RFC 5656: that is, ECDSA host and user keys and ECDH key exchange, with the curves nistp256, nistp384, and nistp521.
(This support is not included in PuTTY 0.64; however, a release labelled as 0.64 but erroneously built from the wrong source code was briefly available. If you have a version of PuTTY claiming to be 0.64 and to support ECDH/ECDSA, you should download a fresh copy, not least because the erroneous version is missing security fixes to unrelated code.)