
putty-cac's Introduction

PuTTY CAC

PuTTY CAC is a fork of the popular PuTTY software that allows public key authentication using certificates.

All source code and official releases of PuTTY CAC can now be found at https://github.com/NoMoreFood/putty-cac.


putty-cac's Issues

Putty-cac and SSH certificates

Hi,

Putty CAC works great with public keys. As far as I understand I take out the public key out of the user certificate (from the token) and put it into the SSH authorized_keys. So far so good.

Suppose I want to use SSH certificates. In this scenario I usually put the public key of the CA into the server and then use my public certificate (instead of my public key) and my private key to log into the server. This also works great with openssh.

I tried to do this with Putty-cac:
I put the CA public key in the server and tried to log in with my smartcard via putty-cac, but it doesn't work.

Is there a way to do this with putty-cac?

Thanks.

ECC Certs

add support for ECC certificates on smartcards, especially with regard to the ssh-keystring generation

Update to 0.70 due to security fixes

These features are new in 0.70 (released 2017-07-08):

Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even a name we missed when we thought we'd fixed this in 0.69. See vuln-indirect-dll-hijack-3.
Windows PuTTY should be able to print again, after our DLL hijacking defences broke that functionality.
Windows PuTTY should be able to accept keyboard input outside the current code page, after our DLL hijacking defences broke that too.

Middleware?

I see that this doesn't work with cackey or coolkey. I assume it only works with activclient?

putty-cac and OpenSSH

Hi,

I'm trying to connect with putty-cac to an OpenSSH server. For some certificates it is working as expected but for some it fails with messages like

May 17 17:14:07 sssd-devel sshd[651]: error: buffer_get_bignum2_ret: negative numbers not supported [preauth]

It looks like putty-cac and OpenSSH's ssh-keygen generate slightly different public keys:

putty-cac:
echo -n AAAAB3NzaC1yc2EAAAAEsSwzJwAAAQEAg998ayLmHJMQsH7TZDXTrcXx8tS8ZnBe0GU5/v2Ghyggk5N/uJrMJSDu/pidlQ4rmAWtSySjGtMvB0FEofL74+lBZmTS1nEQGHfyiv3Fa6+9+AH4SDWWV341rcrVKis1ZMlRFRVIhsudmcgC2e69O7qSJ+ms52oFGL0sacY9d9UKV/NKgVD/dkXb7f03NCj7dVZVHauZxBmPv2FpFKa55PkSr9hQB4dLarjuh7B5Em+Lg4+tRUZop4kNooeo/P/WsWNNefZWjpwOQ1IklKnHhdGBPIE5a5NQQoXeacyGtybN9M9SBJCdIBW4CAbQBa5VNI3mjs/rlxTHO2dDaSmcHQ== |base64 -d | od -t x1
0000000 00 00 00 07 73 73 68 2d 72 73 61 00 00 00 04 b1
0000020 2c 33 27 00 00 01 01 00 83 df 7c 6b 22 e6 1c 93
0000040 10 b0 7e d3 64 35 d3 ad c5 f1 f2 d4 bc 66 70 5e
0000060 d0 65 39 fe fd 86 87 28 20 93 93 7f b8 9a cc 25
0000100 20 ee fe 98 9d 95 0e 2b 98 05 ad 4b 24 a3 1a d3
0000120 2f 07 41 44 a1 f2 fb e3 e9 41 66 64 d2 d6 71 10
0000140 18 77 f2 8a fd c5 6b af bd f8 01 f8 48 35 96 57
0000160 7e 35 ad ca d5 2a 2b 35 64 c9 51 15 15 48 86 cb
0000200 9d 99 c8 02 d9 ee bd 3b ba 92 27 e9 ac e7 6a 05
0000220 18 bd 2c 69 c6 3d 77 d5 0a 57 f3 4a 81 50 ff 76
0000240 45 db ed fd 37 34 28 fb 75 56 55 1d ab 99 c4 19
0000260 8f bf 61 69 14 a6 b9 e4 f9 12 af d8 50 07 87 4b
0000300 6a b8 ee 87 b0 79 12 6f 8b 83 8f ad 45 46 68 a7
0000320 89 0d a2 87 a8 fc ff d6 b1 63 4d 79 f6 56 8e 9c
0000340 0e 43 52 24 94 a9 c7 85 d1 81 3c 81 39 6b 93 50
0000360 42 85 de 69 cc 86 b7 26 cd f4 cf 52 04 90 9d 20
0000400 15 b8 08 06 d0 05 ae 55 34 8d e6 8e cf eb 97 14
0000420 c7 3b 67 43 69 29 9c 1d
0000430

ssh-keygen:
echo -n AAAAB3NzaC1yc2EAAAAFALEsMycAAAEBAIPffGsi5hyTELB+02Q1063F8fLUvGZwXtBlOf79hocoIJOTf7iazCUg7v6YnZUOK5gFrUskoxrTLwdBRKHy++PpQWZk0tZxEBh38or9xWuvvfgB+Eg1lld+Na3K1SorNWTJURUVSIbLnZnIAtnuvTu6kifprOdqBRi9LGnGPXfVClfzSoFQ/3ZF2+39NzQo+3VWVR2rmcQZj79haRSmueT5Eq/YUAeHS2q47oeweRJvi4OPrUVGaKeJDaKHqPz/1rFjTXn2Vo6cDkNSJJSpx4XRgTyBOWuTUEKF3mnMhrcmzfTPUgSQnSAVuAgG0AWuVTSN5o7P65cUxztnQ2kpnB0= |base64 -d | od -t x1
0000000 00 00 00 07 73 73 68 2d 72 73 61 00 00 00 05 00
0000020 b1 2c 33 27 00 00 01 01 00 83 df 7c 6b 22 e6 1c
0000040 93 10 b0 7e d3 64 35 d3 ad c5 f1 f2 d4 bc 66 70
0000060 5e d0 65 39 fe fd 86 87 28 20 93 93 7f b8 9a cc
0000100 25 20 ee fe 98 9d 95 0e 2b 98 05 ad 4b 24 a3 1a
0000120 d3 2f 07 41 44 a1 f2 fb e3 e9 41 66 64 d2 d6 71
0000140 10 18 77 f2 8a fd c5 6b af bd f8 01 f8 48 35 96
0000160 57 7e 35 ad ca d5 2a 2b 35 64 c9 51 15 15 48 86
0000200 cb 9d 99 c8 02 d9 ee bd 3b ba 92 27 e9 ac e7 6a
0000220 05 18 bd 2c 69 c6 3d 77 d5 0a 57 f3 4a 81 50 ff
0000240 76 45 db ed fd 37 34 28 fb 75 56 55 1d ab 99 c4
0000260 19 8f bf 61 69 14 a6 b9 e4 f9 12 af d8 50 07 87
0000300 4b 6a b8 ee 87 b0 79 12 6f 8b 83 8f ad 45 46 68
0000320 a7 89 0d a2 87 a8 fc ff d6 b1 63 4d 79 f6 56 8e
0000340 9c 0e 43 52 24 94 a9 c7 85 d1 81 3c 81 39 6b 93
0000360 50 42 85 de 69 cc 86 b7 26 cd f4 cf 52 04 90 9d
0000400 20 15 b8 08 06 d0 05 ae 55 34 8d e6 8e cf eb 97
0000420 14 c7 3b 67 43 69 29 9c 1d
0000431

As you can see the keys are nearly the same except that the exponent is prefixed by '00' in the ssh-keygen case because the exponent starts with 'b1' which would indicate a negative number to bigint.

I think capi_get_pubkey_blob() should be enhanced to add a leading zero to the exponent part of the key as it already does for the modulus.

I think I can provide a patch but I'm not sure if I will be able to build putty-cac on Windows.
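The encoding rule behind this report, as an added example that is not part of the issue or of putty-cac's code: an RFC 4251 mpint encoder (leading 0x00 whenever the top bit is set), a checker that flags an ssh-rsa blob whose exponent or modulus lacks that byte, and a constructed key that reuses the 4-byte exponent 0xb12c3327 from the dumps above with a made-up short modulus.

```python
import base64
import struct


def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def ssh_mpint(n: int) -> bytes:
    """RFC 4251 'mpint' for a non-negative integer: big-endian two's
    complement, so a 0x00 byte is prepended whenever the top bit is set."""
    if n < 0:
        raise ValueError("RSA parameters are never negative")
    if n == 0:
        return ssh_string(b"")
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:
        raw = b"\x00" + raw
    return ssh_string(raw)


def ssh_rsa_blob(e: int, n: int) -> bytes:
    """Wire form of an ssh-rsa public key: string "ssh-rsa", mpint e, mpint n."""
    return ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)


def split_fields(blob: bytes) -> list:
    """Split a blob into its length-prefixed fields, refusing truncated input."""
    fields, off = [], 0
    while off < len(blob):
        (length,) = struct.unpack_from(">I", blob, off)
        off += 4
        if off + length > len(blob):
            raise ValueError("truncated field")
        fields.append(blob[off:off + length])
        off += length
    return fields


def mpint_problems(blob_b64: str) -> list:
    """Describe every malformed mpint in a base64 ssh-rsa blob. A field whose
    first byte has the top bit set is what sshd reports as a negative number;
    a 0x00 that the next byte does not require is a non-minimal encoding."""
    fields = split_fields(base64.b64decode(blob_b64))
    if len(fields) != 3 or fields[0] != b"ssh-rsa":
        return ["not an ssh-rsa blob"]
    problems = []
    for name, raw in (("exponent", fields[1]), ("modulus", fields[2])):
        if raw and raw[0] & 0x80:
            problems.append(f"{name} has sign bit set (reads as negative)")
        elif len(raw) > 1 and raw[0] == 0 and not raw[1] & 0x80:
            problems.append(f"{name} has an unnecessary leading zero")
    return problems


# Constructed sample: the 4-byte exponent from the report and a short made-up
# modulus whose top byte (0xc3) also has the sign bit set.
E = 0xB12C3327
N = 0xC3A1F09B2D4E771F3A5C910D2E4F6001
GOOD_KEY = base64.b64encode(ssh_rsa_blob(E, N)).decode()
# The shape the report describes: exponent written raw, without the leading zero.
BUGGY_KEY = base64.b64encode(
    ssh_string(b"ssh-rsa") + ssh_string(E.to_bytes(4, "big")) + ssh_mpint(N)
).decode()
```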

Artemis Virus Scan False Positives?

I'm getting Artemis Trojan results for .65 plink, pscp, psftp exes. I assume these are false positives. I believe our current plan here is to submit the files to McAfee for review. Is anyone else getting the same results?

PKCS#11 support

As stated here,
I would request PKCS11 support for the latest version, compiled with the latest Visual Studio while keeping Windows XP compatibility.
I currently use putty-vx4-bin but the binaries are outdated.
Or make available the older release putty-CAC 0.62 with pkcs#11 support and Windows XP compatibility.

Add support for newer Message Authentication Code

User report: ...our systems are secured to adhere to a higher
MAC - Message Authentication Code

Our servers are configured to only support:

hmac-ripemd160,hmac-sha2-256,hmac-sha2-512

The Putty-CAC only supports:

hmac-sha1,hmac-sha1-96,hmac-md5

Autoload CAPI Cert from command line

Hi,
Short question: is there any way to autoload a CAPI cert into pageant from the command line?
A short attempt to just add "pageant.exe Users/MY/03573151..." (as shown in the key dialog when loaded) to the command line led to a "couldn't load this key" messagebox.

best regards,
Björn

CAPI support not working from latest(0.65) Putty

this is really a @jdantzler problem, but affects www.risacher.org since it is currently hosting it.

Problem: Using CAPI authentication from the latest Putty doesn't attempt to send the key (tested with all three flavors, downloaded Aug 22 or later from risacher.org/putty-cac). Adding it into Pageant works. This worked in the 0.62 version.

Reproduce:

  • Ensure no cert available in Pageant
  • Launch putty.exe
    • Session:
      • Host: github.com
      • Close on exit: NEVER
    • Connection/SSH/CAPI
      • Attempt "CAPI Certificate" (key-only) auth (SSH2) : YES
      • Cert: Browse -> select cert
  • Open
  • Use git when prompted for a username
  • Response:

Disconnected: No supported authentication methods available (server sent: publicKey)

Success:

  • Launch pageant.exe
  • Add CAPI cert to Pageant via right click Pageant in systray -> View Keys -> Add CAPI Cert -> select cert. Close Pageant
  • Launch putty.exe
    • Session:
      • Host: github.com
      • Close on exit: NEVER
  • Open
  • Use git when prompted for a username
  • Response:

Authentication with public key "CAPI:User\MY\ " from agent
Server refused to allocate pty
Hi jbjonesjr! You've successfully authenticated, but GitHub does not provide shell access.

PuTTY-CAC with multiple CACs behaves erratically

[issue copied over from Forge.mil]

PuTTY-CAC behaves erratically when multiple readers and cards are present in my machine. Presently I have 3 card readers. In one I have my regular DoD CAC. In another I'm using an alternate token which contains one certificate. The third reader is empty. I am using ActivClient middleware (acpkcs211.dll). Basically what happens is in the pkcs11 configuration the Token labels show multiple cards. The number next to the card seems to randomly jump around after I've clicked the dropdown more than once. It also doesn't show anything under Certificate label. If I manually input both the correct Token and Certificate it still doesn't work.

Pageant not answering challenge correct the first time

Versions in use:
OS Windows 7
Putty-cac 0.66
pageant 0.67

Issue:
I have modified the Shortcut to pageant.exe, in order to load my capi cert at program startup.
Capi cert is added to pageant as expected.
But the first time I use putty in order to connect to a PKI secured server putty fails with a "Fatal Error" and states: "Pageant failed to answer challenge"
I dismiss the error and just "refresh" the session and then pageant is immediately working and I am
presented the appropriate Windows security window in order to enter my PKI PIN.

The error is reproducible on my setup.

sync with putty 0.68

these features are new in 0.68 (released 2017-02-21):

Security fix: an integer overflow bug in the agent forwarding code. See vuln-agent-fwd-overflow.
Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory (on versions of Windows where they previously were). See vuln-indirect-dll-hijack.
Windows PuTTY no longer sets a restrictive process ACL by default, because this turned out to inconvenience too many legitimate applications such as NVDA and TortoiseGit. You can still manually request a restricted ACL using the command-line option -restrict-acl.
The Windows PuTTY tools now come in a 64-bit version.
The Windows PuTTY tools now have Windows's ASLR and DEP security features turned on.
Support for elliptic-curve cryptography (the NIST curves and 25519), for host keys, user authentication keys, and key exchange.
Support for importing and exporting OpenSSH's new private key format.
Host key preference policy change: PuTTY prefers host key formats for which it already knows the key.
Run-time option (from the system menu / Ctrl-right-click menu) to retrieve other host keys from the same server (which cross-certifies them using the session key established using an already-known key) and add them to the known host-keys database.
The Unix GUI PuTTY tools can now be built against GTK 3.
There is now a Unix version of Pageant.
http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

These features are new in 0.67 (released 2016-03-05):

Security fix: a buffer overrun in the old-style SCP protocol when receiving the header of each file downloaded from the server is fixed. See vuln-pscp-sink-sscanf.
Windows PuTTY now sets its process ACL more restrictively, in an attempt to defend against malicious other processes reading sensitive data out of its memory.
Assorted other robustness fixes for crashes and memory leaks.
We have started using Authenticode to sign our Windows executables and installer.

Windows 10 Compatibility

Can't seem to get it to run successfully in Windows 10, official upstream works fine though. This might be more of an issue since I think they're trying to convert everyone over to Windows 10 soonish.

secure pinpad entry

Hello,

is it possible to enter the pin via external pinpad on the smartcard reader?

In CITRIX, putty-cac does not reopen certificates

I am running Release_0.68_1, which works when I am connected through CITRIX (for which I am very grateful). However, there is an issue after being connected for a while. At some point, putty-cac fails to connect to systems, and you get a "CAPI failed to sign data". A work around is to go to another app (e.g. ActivClient Agent), and do something that requires the user to input the PIN, such as looking at "Personal Data". After this, putty-cac again works for a while.

Here are the sanitized logs:
2017-04-13 20:03:35 Connecting to X.X.X.X port 22
2017-04-13 20:03:35 We claim version: SSH-2.0-PuTTY_
2017-04-13 20:03:35 Server version: SSH-2.0-OpenSSH_5.3
2017-04-13 20:03:35 We believe remote version has SSH-2 channel request bug
2017-04-13 20:03:35 Using SSH protocol version 2
2017-04-13 20:03:35 Doing Diffie-Hellman group exchange
2017-04-13 20:03:35 Doing Diffie-Hellman key exchange with hash SHA-256
2017-04-13 20:03:35 Server also has ssh-dss host key, but we don't know it
2017-04-13 20:03:35 Host key fingerprint is:
2017-04-13 20:03:35 ssh-rsa 2048 XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
2017-04-13 20:03:35 Initialised AES-256 SDCTR client->server encryption
2017-04-13 20:03:35 Initialised HMAC-SHA-256 client->server MAC algorithm
2017-04-13 20:03:35 Initialised AES-256 SDCTR server->client encryption
2017-04-13 20:03:35 Initialised HMAC-SHA-256 server->client MAC algorithm
2017-04-13 20:03:35 Use CAPI cert (User\MY\XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
2017-04-13 20:03:35 Offered public key
2017-04-13 20:03:35 Offer of public key accepted
2017-04-13 20:03:41 CAPI failed to sign data

Doesn't work pkcs#11 with Securemetric ST3 Token

Hi

I want to set up the PKCS#11 settings, but after setting the PKCS#11 library your software shows a list of tokens. Then when I select a token, leave the token label and set the certificate label, the token label automatically clears and the certificate label is empty. Please help me.
When I again select the token label it shows E: NO SLOTS FOUND!
Best Regards
Ehsan Farahani

pageant no longer working after KB4013429

This latest round of Windows patches appears to have had an adverse effect on pageant. Tested with .63 and .66, and with rolling back Windows patches to resume functionality.

with KB4013429 (this was a March "Patch-Tuesday" Bundle) installed, you are prompted for your PIN on /every/ connection, both new sessions using putty-cac and remote sessions using agent forwarding.

Pageant Not Communicating...

Pageant is not communicating with newer versions of WinSCP or TortoiseSVN. We are currently stuck on WinSCP 4.2.9 and TortoiseSVN 1.6.5. We really need to update our software, but doing so will break us from using Pageant for authentication. We are trying to use the CAPI cert feature with our CACs. I have already downloaded diff/patch files from here and recompiled the source code, but it seems the source code that is uploaded already has those changes. I am not sure if this is a simple fix or not, but if someone could have a look at it and see if it can be updated to fix these issues that would be great. Thanks.

Unable to load private key over CITRIX session

I am able to use the latest version of putty-cac on a physical system with our Linux servers, but when I connect to my organization's CITRIX portal onto a virtual Windows 7 system it does not work.

I can configure on the virtual desktop putty-cac's CAPI setting with no problem, and it sees the certificates on the card successfully. The ssh-key is the same as if it was the physical box. However, when I try to connect it never asks for my PIN, and it reports this (I've obscured the public key, but it is correct):

Authenticating with public key "CAPI:User\MY\BC**************************************65"
Unable to load private key (Failed to load CAPI key)

putty 0.66

New upstream version with a security fix available.

unknown publisher warning

Our company's group policy is not letting us suppress the Unknown Publisher Windows warning when launching programs from this repository. Is there a workaround or a possibility to download "signed" Windows executables?

multiple certificates on the same card

I have a card that holds more certificates. The issue I have is that the CAPI menu (presented in the "CAPI configuration" section of the home page) allows me to select only one. Is there any way that I can get more of those certificates (maybe there is a filtering by a certain attribute)?

putty-cac not working with pageant-cac

While authentication via CAPI works when configured directly in putty-cac, it doesn't when pageant-cac is used and putty-cac is configured to use the Pageant (Disconnected: No supported authentication method available (Server send publickey))

Certificate was added to pageant via "Get CAPI Cert" button.

plink reports:

Pageant is running. Requesting keys.
Failed to get reply from pageant.

Is this related to http://winscp.net/forum/viewtopic.php?t=11910 ?

Andreas

Hi, may cause some bad results

in sshsh512.c
-uint64 wordblock[16];
+uint64 wordblock[16]={0};

and in SHA512_myINIT
+for(i=0;i<128;i++)

  • s->block[i] = 0;
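Review bot: the `={0}` initializer on `wordblock` and the loop zeroing `s->block` in SHA512_myINIT both paper over an uninitialized read rather than locate it; if the digest differs between runs of the same input, some path consumes `wordblock` or `s->block` bytes before they are written, and that path should be found and fixed (the initializers can stay as defence in depth). The loop also hard-codes 128; prefer `memset(s->block, 0, sizeof(s->block))` so the bound tracks the array declaration.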

I tested this case for sha512, but I found my result would be changed when I ran it again.
