Dear cluster users,
in the SSH Client PuTTY a vulnerability was found (CVE-2024-31497 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31497>), which allows an Attacker to gain access to the user private key.
This vulnerability only effects ECDSA keys, if RSA and ED25519 keys are not effected.
If you use PuTTY with ECDSA keys to conncet to the Cluster please follow the following steps in order remedy the issue:
* Update PuTTY to the version 0.81
* Create a new key pair
* In the authorized_keys file replace the public key of the key pair you have been using so far with the public key of the newly generated key pair
Please be aware that besides PuTTY the following programs are also efected by the vulnerability:
* Filzilla
* WinSCP
* TortoiseGit
* TortoiseSVN
Best regards
Your HPC support team