diff --git a/paramiko/rsakey.py b/paramiko/rsakey.py
index f7e40b645..212434046 100644
--- a/paramiko/rsakey.py
+++ b/paramiko/rsakey.py
@@ -128,10 +128,15 @@ def verify_ssh_sig(self, data, msg):
         if isinstance(key, rsa.RSAPrivateKey):
             key = key.public_key()
 
+        # pad received signature with leading zeros, key.verify() expects
+        # a signature of key_size bits (e.g. PuTTY doesn't pad)
+        sign = msg.get_binary()
+        diff = key.key_size - len(sign) * 8
+        if diff > 0:
+            sign = b"\x00" * ((diff + 7) // 8) + sign
+
         try:
-            key.verify(
-                msg.get_binary(), data, padding.PKCS1v15(), hashes.SHA1()
-            )
+            key.verify(sign, data, padding.PKCS1v15(), hashes.SHA1())
         except InvalidSignature:
             return False
         else: