3 This FAQ is published on the PuTTY web site, and also provided as an
4 appendix in the manual.
6 \H{faq-intro} Introduction
8 \S{faq-what}{Question} What is PuTTY?
10 PuTTY is a client program for the SSH, Telnet and Rlogin network
13 These protocols are all used to run a remote session on a computer,
14 over a network. PuTTY implements the client end of that session: the
15 end at which the session is displayed, rather than the end at which
18 In really simple terms: you run PuTTY on a Windows machine, and tell
19 it to connect to (for example) a Unix machine. PuTTY opens a window.
20 Then, anything you type into that window is sent straight to the
21 Unix machine, and everything the Unix machine sends back is
22 displayed in the window. So you can work on the Unix machine as if
23 you were sitting at its console, while actually sitting somewhere
26 \H{faq-support} Features supported in PuTTY
28 \I{supported features}In general, if you want to know if PuTTY supports
29 a particular feature, you should look for it on the
30 \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}{PuTTY web site}.
34 \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{changes
35 page}, and see if you can find the feature on there. If a feature is
36 listed there, it's been implemented. If it's listed as a change made
37 \e{since} the latest version, it should be available in the
38 development snapshots, in which case testing will be very welcome.
41 \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/}{Wishlist
42 page}, and see if you can find the feature there. If it's on there,
43 and not in the \q{Recently fixed} section, it probably \e{hasn't} been
46 \S{faq-ssh2}{Question} Does PuTTY support SSH-2?
48 Yes. SSH-2 support has been available in PuTTY since version 0.50.
50 Public key authentication (both RSA and DSA) in SSH-2 is new in
53 \S{faq-ssh2-keyfmt}{Question} Does PuTTY support reading OpenSSH or
54 \cw{ssh.com} SSH-2 private key files?
56 PuTTY doesn't support this natively (see
57 \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/key-formats-natively.html}{the wishlist entry}
58 for reasons why not), but as of 0.53
59 PuTTYgen can convert both OpenSSH and \cw{ssh.com} private key
60 files into PuTTY's format.
62 \S{faq-ssh1}{Question} Does PuTTY support SSH-1?
64 Yes. SSH-1 support has always been available in PuTTY.
66 However, the SSH-1 protocol has many weaknesses and is no longer
67 considered secure; you should use SSH-2 instead if at all possible.
69 As of 0.68, PuTTY will no longer fall back to SSH-1 if the server
70 doesn't appear to support SSH-2; you must explicitly ask for SSH-1.
72 \S{faq-localecho}{Question} Does PuTTY support \i{local echo}?
74 Yes. Version 0.52 has proper support for local echo.
76 In version 0.51 and before, local echo could not be separated from
77 local line editing (where you type a line of text locally, and it is
78 not sent to the server until you press Return, so you have the
79 chance to edit it and correct mistakes \e{before} the server sees
80 it). New in version 0.52, local echo and local line editing are
81 separate options, and by default PuTTY will try to determine
82 automatically whether to enable them or not, based on which protocol
83 you have selected and also based on hints from the server. If you
84 have a problem with PuTTY's default choice, you can force each
85 option to be enabled or disabled as you choose. The controls are in
86 the Terminal panel, in the section marked \q{Line discipline
89 \S{faq-savedsettings}{Question} Does PuTTY support storing settings,
90 so I don't have to change them every time?
92 Yes, all of PuTTY's settings can be saved in named session profiles.
93 You can also change the default settings that are used for new sessions.
94 See \k{config-saving} in the documentation for how to do this.
96 \S{faq-disksettings}{Question} Does PuTTY support storing its
97 settings in a disk file?
99 Not at present, although \k{config-file} in the documentation gives
100 a method of achieving the same effect.
102 \S{faq-fullscreen}{Question} Does PuTTY support full-screen mode,
105 Yes; this is a new feature in version 0.52.
107 \S{faq-password-remember}{Question} Does PuTTY have the ability to
108 \i{remember my password} so I don't have to type it every time?
112 Remembering your password is a bad plan for obvious security
113 reasons: anyone who gains access to your machine while you're away
114 from your desk can find out the remembered password, and use it,
115 abuse it or change it.
117 In addition, it's not even \e{possible} for PuTTY to automatically
118 send your password in a Telnet session, because Telnet doesn't give
119 the client software any indication of which part of the login
120 process is the password prompt. PuTTY would have to guess, by
121 looking for words like \q{password} in the session data; and if your
122 login program is written in something other than English, this won't
125 In SSH, remembering your password would be possible in theory, but
126 there doesn't seem to be much point since SSH supports public key
127 authentication, which is more flexible and more secure. See
128 \k{pubkey} in the documentation for a full discussion of public key
131 \S{faq-hostkeys}{Question} Is there an option to turn off the
132 \I{verifying the host key}annoying host key prompts?
134 No, there isn't. And there won't be. Even if you write it yourself
135 and send us the patch, we won't accept it.
137 Those annoying host key prompts are the \e{whole point} of SSH.
138 Without them, all the cryptographic technology SSH uses to secure
139 your session is doing nothing more than making an attacker's job
140 slightly harder; instead of sitting between you and the server with
141 a packet sniffer, the attacker must actually subvert a router and
142 start modifying the packets going back and forth. But that's not all
143 that much harder than just sniffing; and without host key checking,
144 it will go completely undetected by client or server.
146 Host key checking is your guarantee that the encryption you put on
147 your data at the client end is the \e{same} encryption taken off the
148 data at the server end; it's your guarantee that it hasn't been
149 removed and replaced somewhere on the way. Host key checking makes
150 the attacker's job \e{astronomically} hard, compared to packet
151 sniffing, and even compared to subverting a router. Instead of
152 applying a little intelligence and keeping an eye on Bugtraq, the
153 attacker must now perform a brute-force attack against at least one
154 military-strength cipher. That insignificant host key prompt really
155 does make \e{that} much difference.
157 If you're having a specific problem with host key checking - perhaps
158 you want an automated batch job to make use of PSCP or Plink, and the
159 interactive host key prompt is hanging the batch process - then the
160 right way to fix it is to add the correct host key to the Registry in
161 advance, or if the Registry is not available, to use the \cw{-hostkey}
162 command-line option. That way, you retain the \e{important} feature of
163 host key checking: the right key will be accepted and the wrong ones
164 will not. Adding an option to turn host key checking off completely is
165 the wrong solution and we will not do it.
167 If you have host keys available in the common \i\c{known_hosts} format,
168 we have a script called
169 \W{https://git.tartarus.org/?p=simon/putty.git;a=blob;f=contrib/kh2reg.py;hb=HEAD}\c{kh2reg.py}
170 to convert them to a Windows .REG file, which can be installed ahead of
171 time by double-clicking or using \c{REGEDIT}.
173 \S{faq-server}{Question} Will you write an SSH server for the PuTTY
174 suite, to go with the client?
176 No. The only reason we might want to would be if we could easily
177 re-use existing code and significantly cut down the effort. We don't
178 believe this is the case; there just isn't enough common ground
179 between an SSH client and server to make it worthwhile.
181 If someone else wants to use bits of PuTTY in the process of writing
182 a Windows SSH server, they'd be perfectly welcome to of course, but
183 I really can't see it being a lot less effort for us to do that than
184 it would be for us to write a server from the ground up. We don't
185 have time, and we don't have motivation. The code is available if
186 anyone else wants to try it.
188 \S{faq-pscp-ascii}{Question} Can PSCP or PSFTP transfer files in
193 Until recently, this was a limitation of the file transfer protocols:
194 the SCP and SFTP protocols had no notion of transferring a file in
195 anything other than binary mode. (This is still true of SCP.)
197 The current draft protocol spec of SFTP proposes a means of
198 implementing ASCII transfer. At some point PSCP/PSFTP may implement
201 \H{faq-ports} Ports to other operating systems
203 The eventual goal is for PuTTY to be a multi-platform program, able
204 to run on at least Windows, Mac OS and Unix.
206 Porting will become easier once PuTTY has a generalised porting
207 layer, drawing a clear line between platform-dependent and
208 platform-independent code. The general intention was for this
209 porting layer to evolve naturally as part of the process of doing
210 the first port; a Unix port has now been released and the plan
211 seems to be working so far.
213 \S{faq-ports-general}{Question} What ports of PuTTY exist?
215 Currently, release versions of PuTTY tools only run on Windows
218 As of 0.68, the supplied PuTTY executables run on versions of Windows
219 from XP onwards, up to and including Windows 10; and we know of no
220 reason why PuTTY should not continue to work on future versions of
221 Windows. We provide 32-bit and 64-bit Windows executables; see
222 \k{faq-32bit-64bit} for discussion of the compatibility issues around
225 (We used to also provide executables for Windows for the Alpha
226 processor, but stopped after 0.58 due to lack of interest.)
228 In the development code, a partial port to Mac OS exists (see
231 Currently PuTTY does \e{not} run on Windows CE (see \k{faq-wince}).
233 We do not have release-quality ports for any other systems at the
234 present time. If anyone told you we had an Android port, or an iOS
235 port, or any other port of PuTTY, they were mistaken. We don't.
237 There are some third-party ports to various platforms, mentioned
239 \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/links.html}{Links page of our website}.
241 \S{faq-unix}{Question} \I{Unix version}Is there a port to Unix?
243 As of 0.54, there are Unix ports of most of the traditional PuTTY
244 tools, and also one entirely new application.
246 If you look at the source release, you should find a \c{unix}
247 subdirectory. There are a couple of ways of building it,
248 including the usual \c{configure}/\c{make}; see the file \c{README}
249 in the source distribution. This should build you Unix
250 ports of Plink, PuTTY itself, PuTTYgen, PSCP, PSFTP, Pageant, and also
251 \i\c{pterm} - an \cw{xterm}-type program which supports the same
252 terminal emulation as PuTTY.
254 If you don't have \i{Gtk}, you should still be able to build the
257 \S{faq-unix-why}{Question} What's the point of the Unix port? Unix
260 All sorts of little things. \c{pterm} is directly useful to anyone
261 who prefers PuTTY's terminal emulation to \c{xterm}'s, which at
262 least some people do. Unix Plink has apparently found a niche among
263 people who find the complexity of OpenSSL makes OpenSSH hard to
264 install (and who don't mind Plink not having as many features). Some
265 users want to generate a large number of SSH keys on Unix and then
266 copy them all into PuTTY, and the Unix PuTTYgen should allow them to
267 automate that conversion process.
269 There were development advantages as well; porting PuTTY to Unix was
270 a valuable path-finding effort for other future ports, and also
271 allowed us to use the excellent Linux tool
272 \W{http://valgrind.kde.org/}{Valgrind} to help with debugging, which
273 has already improved PuTTY's stability on \e{all} platforms.
275 However, if you're a Unix user and you can see no reason to switch
276 from OpenSSH to PuTTY/Plink, then you're probably right. We don't
277 expect our Unix port to be the right thing for everybody.
279 \S{faq-wince}{Question} Will there be a port to Windows CE or PocketPC?
281 We once did some work on such a port, but it only reached an early
282 stage, and certainly not a useful one. It's no longer being actively
285 \S{faq-win31}{Question} Is there a port to \i{Windows 3.1}?
287 PuTTY is a 32-bit application from the ground up, so it won't run on
288 Windows 3.1 as a native 16-bit program; and it would be \e{very}
289 hard to port it to do so, because of Windows 3.1's vile memory
290 allocation mechanisms.
292 However, it is possible in theory to compile the existing PuTTY
293 source in such a way that it will run under \i{Win32s} (an extension to
294 Windows 3.1 to let you run 32-bit programs). In order to do this
295 you'll need the right kind of C compiler - modern versions of Visual
296 C at least have stopped being backwards compatible to Win32s. Also,
297 the last time we tried this it didn't work very well.
299 \S{faq-mac-port}{Question} Will there be a port to the \I{Mac OS}Mac?
303 We attempted one around 2005, written as a native Cocoa application,
304 but it turned out to be very slow to redraw its window for some reason
305 we never got to the bottom of.
307 In 2015, after porting the GTK front end to work with GTK 3, we began
308 another attempt based on making small changes to the GTK code and
309 building it against the OS X Quartz version of GTK 3. This doesn't
310 seem to have the window redrawing problem any more, so it's already
311 got further than the last effort, but it is still substantially
314 If any OS X and/or GTK programming experts are keen to have a finished
315 version of this, we urge them to help out with some of the remaining
318 \S{faq-epoc}{Question} Will there be a port to EPOC?
320 I hope so, but given that ports aren't really progressing very fast
321 even on systems the developers \e{do} already know how to program
322 for, it might be a long time before any of us get round to learning
323 a new system and doing the port for that.
325 However, some of the work has been done by other people; see the
326 \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/links.html}{Links page of our website}
327 for various third-party ports.
329 \S{faq-iphone}{Question} Will there be a port to the iPhone?
331 We have no plans to write such a port ourselves; none of us has an
332 iPhone, and developing and publishing applications for it looks
333 awkward and expensive.
335 However, there is a third-party SSH client for the iPhone and
336 iPod\_Touch called \W{http://www.instantcocoa.com/products/pTerm/}{pTerm},
337 which is apparently based on PuTTY. (This is nothing to do with our
338 similarly-named \c{pterm}, which is a standalone terminal emulator for
339 Unix systems; see \k{faq-unix}.)
341 \H{faq-embedding} Embedding PuTTY in other programs
343 \S{faq-dll}{Question} Is the SSH or Telnet code available as a DLL?
345 No, it isn't. It would take a reasonable amount of rewriting for
346 this to be possible, and since the PuTTY project itself doesn't
347 believe in DLLs (they make installation more error-prone) none of us
348 has taken the time to do it.
350 Most of the code cleanup work would be a good thing to happen in
351 general, so if anyone feels like helping, we wouldn't say no.
354 \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/dll-frontend.html}{the wishlist entry}.
356 \S{faq-vb}{Question} Is the SSH or Telnet code available as a Visual
359 No, it isn't. None of the PuTTY team uses Visual Basic, and none of
360 us has any particular need to make SSH connections from a Visual
361 Basic application. In addition, all the preliminary work to turn it
362 into a DLL would be necessary first; and furthermore, we don't even
363 know how to write VB components.
365 If someone offers to do some of this work for us, we might consider
366 it, but unless that happens I can't see VB integration being
367 anywhere other than the very bottom of our priority list.
369 \S{faq-ipc}{Question} How can I use PuTTY to make an SSH connection
370 from within another program?
372 Probably your best bet is to use Plink, the command-line connection
373 tool. If you can start Plink as a second Windows process, and
374 arrange for your primary process to be able to send data to the
375 Plink process, and receive data from it, through pipes, then you
376 should be able to make SSH connections from your program.
378 This is what CVS for Windows does, for example.
380 \H{faq-details} Details of PuTTY's operation
382 \S{faq-term}{Question} What \i{terminal type} does PuTTY use?
384 For most purposes, PuTTY can be considered to be an \cw{xterm}
387 PuTTY also supports some terminal \i{control sequences} not supported by
388 the real \cw{xterm}: notably the Linux console sequences that
389 reconfigure the colour palette, and the title bar control sequences
390 used by \i\cw{DECterm} (which are different from the \cw{xterm} ones;
391 PuTTY supports both).
393 By default, PuTTY announces its terminal type to the server as
394 \c{xterm}. If you have a problem with this, you can reconfigure it
395 to say something else; \c{vt220} might help if you have trouble.
397 \S{faq-settings}{Question} Where does PuTTY store its data?
399 On Windows, PuTTY stores most of its data (saved sessions, SSH host
400 keys) in the \i{Registry}. The precise location is
402 \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY
404 and within that area, saved sessions are stored under \c{Sessions}
405 while host keys are stored under \c{SshHostKeys}.
407 PuTTY also requires a random number seed file, to improve the
408 unpredictability of randomly chosen data needed as part of the SSH
409 cryptography. This is stored by default in a file called \i\c{PUTTY.RND};
410 this is stored by default in the \q{Application Data} directory,
411 or failing that, one of a number of fallback locations. If you
412 want to change the location of the random number seed file, you can
413 put your chosen pathname in the Registry, at
415 \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\RandSeedFile
417 You can ask PuTTY to delete all this data; see \k{faq-cleanup}.
419 On Unix, PuTTY stores all of this data in a directory \cw{~/.putty}
422 \H{faq-howto} HOWTO questions
424 \S{faq-login}{Question} What login name / password should I use?
426 This is not a question you should be asking \e{us}.
428 PuTTY is a communications tool, for making connections to other
429 computers. We maintain the tool; we \e{don't} administer any computers
430 that you're likely to be able to use, in the same way that the people
431 who make web browsers aren't responsible for most of the content you can
432 view in them. \#{FIXME: less technical analogy?} We cannot help with
433 questions of this sort.
435 If you know the name of the computer you want to connect to, but don't
436 know what login name or password to use, you should talk to whoever
437 administers that computer. If you don't know who that is, see the next
438 question for some possible ways to find out.
440 \# FIXME: some people ask us to provide them with a login name
441 apparently as random members of the public rather than in the
442 belief that we run a server belonging to an organisation they already
443 have some relationship with. Not sure what to say to such people.
445 \S{faq-commands}{Question} \I{commands on the server}What commands
446 can I type into my PuTTY terminal window?
448 Again, this is not a question you should be asking \e{us}. You need
449 to read the manuals, or ask the administrator, of \e{the computer
450 you have connected to}.
452 PuTTY does not process the commands you type into it. It's only a
453 communications tool. It makes a connection to another computer; it
454 passes the commands you type to that other computer; and it passes
455 the other computer's responses back to you. Therefore, the precise
456 range of commands you can use will not depend on PuTTY, but on what
457 kind of computer you have connected to and what software is running
458 on it. The PuTTY team cannot help you with that.
460 (Think of PuTTY as being a bit like a telephone. If you phone
461 somebody up and you don't know what language to speak to make them
462 understand you, it isn't \e{the telephone company}'s job to find
463 that out for you. We just provide the means for you to get in touch;
464 making yourself understood is somebody else's problem.)
466 If you are unsure of where to start looking for the administrator of
467 your server, a good place to start might be to remember how you
468 found out the host name in the PuTTY configuration. If you were
469 given that host name by e-mail, for example, you could try asking
470 the person who sent you that e-mail. If your company's IT department
471 provided you with ready-made PuTTY saved sessions, then that IT
472 department can probably also tell you something about what commands
473 you can type during those sessions. But the PuTTY maintainer team
474 does not administer any server you are likely to be connecting to,
475 and cannot help you with questions of this type.
477 \S{faq-startmax}{Question} How can I make PuTTY start up \i{maximise}d?
479 Create a Windows shortcut to start PuTTY from, and set it as \q{Run
482 \S{faq-startsess}{Question} How can I create a \i{Windows shortcut} to
483 start a particular saved session directly?
485 To run a PuTTY session saved under the name \q{\cw{mysession}},
486 create a Windows shortcut that invokes PuTTY with a command line
489 \c \path\name\to\putty.exe -load "mysession"
491 (Note: prior to 0.53, the syntax was \c{@session}. This is now
492 deprecated and may be removed at some point.)
494 \S{faq-startssh}{Question} How can I start an SSH session straight
495 from the command line?
497 Use the command line \c{putty -ssh host.name}. Alternatively, create
498 a saved session that specifies the SSH protocol, and start the saved
499 session as shown in \k{faq-startsess}.
501 \S{faq-cutpaste}{Question} How do I \i{copy and paste} between PuTTY and
502 other Windows applications?
504 Copy and paste works similarly to the X Window System. You use the
505 left mouse button to select text in the PuTTY window. The act of
506 selection \e{automatically} copies the text to the clipboard: there
507 is no need to press Ctrl-Ins or Ctrl-C or anything else. In fact,
508 pressing Ctrl-C will send a Ctrl-C character to the other end of
509 your connection (just like it does the rest of the time), which may
510 have unpleasant effects. The \e{only} thing you need to do, to copy
511 text to the clipboard, is to select it.
513 To paste the clipboard contents into a PuTTY window, by default you
514 click the right mouse button. If you have a three-button mouse and
515 are used to X applications, you can configure pasting to be done by
516 the middle button instead, but this is not the default because most
517 Windows users don't have a middle button at all.
519 You can also paste by pressing Shift-Ins.
521 \S{faq-options}{Question} How do I use all PuTTY's features (public
522 keys, proxying, cipher selection, etc.) in PSCP, PSFTP and Plink?
524 Most major features (e.g., public keys, port forwarding) are available
525 through command line options. See the documentation.
527 Not all features are accessible from the command line yet, although
528 we'd like to fix this. In the meantime, you can use most of
529 PuTTY's features if you create a PuTTY saved session, and then use
530 the name of the saved session on the command line in place of a
531 hostname. This works for PSCP, PSFTP and Plink (but don't expect
532 port forwarding in the file transfer applications!).
534 \S{faq-pscp}{Question} How do I use PSCP.EXE? When I double-click it
535 gives me a command prompt window which then closes instantly.
537 PSCP is a command-line application, not a GUI application. If you
538 run it without arguments, it will simply print a help message and
541 To use PSCP properly, run it from a Command Prompt window. See
542 \k{pscp} in the documentation for more details.
544 \S{faq-pscp-spaces}{Question} \I{spaces in filenames}How do I use
545 PSCP to copy a file whose name has spaces in?
547 If PSCP is using the traditional SCP protocol, this is confusing. If
548 you're specifying a file at the local end, you just use one set of
549 quotes as you would normally do:
551 \c pscp "local filename with spaces" user@host:
552 \c pscp user@host:myfile "local filename with spaces"
554 But if the filename you're specifying is on the \e{remote} side, you
555 have to use backslashes and two sets of quotes:
557 \c pscp user@host:"\"remote filename with spaces\"" local_filename
558 \c pscp local_filename user@host:"\"remote filename with spaces\""
560 Worse still, in a remote-to-local copy you have to specify the local
561 file name explicitly, otherwise PSCP will complain that they don't
562 match (unless you specified the \c{-unsafe} option). The following
563 command will give an error message:
565 \c c:\>pscp user@host:"\"oo er\"" .
566 \c warning: remote host tried to write to a file called 'oo er'
567 \c when we requested a file called '"oo er"'.
569 Instead, you need to specify the local file name in full:
571 \c c:\>pscp user@host:"\"oo er\"" "oo er"
573 If PSCP is using the newer SFTP protocol, none of this is a problem,
574 and all filenames with spaces in are specified using a single pair
575 of quotes in the obvious way:
577 \c pscp "local file" user@host:
578 \c pscp user@host:"remote file" .
580 \S{faq-32bit-64bit}{Question} Should I run the 32-bit or the
583 If you're not sure, the \I{32-bit Windows}32-bit version is generally
584 the safe option. It will run perfectly well on all processors and on
585 all versions of Windows that PuTTY supports. PuTTY doesn't require to
586 run as a 64-bit application to work well, and having a 32-bit PuTTY on
587 a 64-bit system isn't likely to cause you any trouble.
589 The 64-bit version (first released in 0.68) will only run if you have
590 a 64-bit processor \e{and} a \I{64-bit Windows}64-bit edition of
591 Windows (both of these things are likely to be true of any recent
592 Windows PC). It will run somewhat faster (in particular, the
593 cryptography will be faster, especially during link setup), but it
594 will consume slightly more memory.
596 If you need to use an external \i{DLL} for GSSAPI authentication, that
597 DLL may only be available in a 32-bit or 64-bit form, and that will
598 dictate the version of PuTTY you need to use. (You will probably know
599 if you're doing this; see \k{config-ssh-auth-gssapi-libraries} in the
602 \H{faq-trouble} Troubleshooting
604 \S{faq-incorrect-mac}{Question} Why do I see \q{Incorrect MAC
607 One possible cause of this that used to be common is a bug in old
608 SSH-2 servers distributed by \cw{ssh.com}. (This is not the only
609 possible cause; see \k{errors-crc} in the documentation.)
610 Version 2.3.0 and below of their SSH-2 server
611 constructs Message Authentication Codes in the wrong way, and
612 expects the client to construct them in the same wrong way. PuTTY
613 constructs the MACs correctly by default, and hence these old
614 servers will fail to work with it.
616 If you are using PuTTY version 0.52 or better, this should work
617 automatically: PuTTY should detect the buggy servers from their
618 version number announcement, and automatically start to construct
619 its MACs in the same incorrect manner as they do, so it will be able
622 If you are using PuTTY version 0.51 or below, you can enable the
623 workaround by going to the SSH panel and ticking the box labelled
624 \q{Imitate SSH2 MAC bug}. It's possible that you might have to do
625 this with 0.52 as well, if a buggy server exists that PuTTY doesn't
628 In this context MAC stands for \ii{Message Authentication Code}. It's a
629 cryptographic term, and it has nothing at all to do with Ethernet
630 MAC (Media Access Control) addresses.
632 \S{faq-pscp-protocol}{Question} Why do I see \q{Fatal: Protocol
633 error: Expected control record} in PSCP?
635 This happens because PSCP was expecting to see data from the server
636 that was part of the PSCP protocol exchange, and instead it saw data
637 that it couldn't make any sense of at all.
639 This almost always happens because the \i{startup scripts} in your
640 account on the server machine are generating output. This is
641 impossible for PSCP, or any other SCP client, to work around. You
642 should never use startup files (\c{.bashrc}, \c{.cshrc} and so on)
643 which generate output in non-interactive sessions.
645 This is not actually a PuTTY problem. If PSCP fails in this way,
646 then all other SCP clients are likely to fail in exactly the same
647 way. The problem is at the server end.
649 \S{faq-colours}{Question} I clicked on a colour in the \ii{Colours}
650 panel, and the colour didn't change in my terminal.
652 That isn't how you're supposed to use the Colours panel.
654 During the course of a session, PuTTY potentially uses \e{all} the
655 colours listed in the Colours panel. It's not a question of using
656 only one of them and you choosing which one; PuTTY will use them
657 \e{all}. The purpose of the Colours panel is to let you adjust the
658 appearance of all the colours. So to change the colour of the
659 cursor, for example, you would select \q{Cursor Colour}, press the
660 \q{Modify} button, and select a new colour from the dialog box that
661 appeared. Similarly, if you want your session to appear in green,
662 you should select \q{Default Foreground} and press \q{Modify}.
663 Clicking on \q{ANSI Green} won't turn your session green; it will
664 only allow you to adjust the \e{shade} of green used when PuTTY is
665 instructed by the server to display green text.
667 \S{faq-winsock2}{Question} Plink on \i{Windows 95} says it can't find
670 Plink requires the extended Windows network library, WinSock version
671 2. This is installed as standard on Windows 98 and above, and on
672 Windows NT, and even on later versions of Windows 95; but early
673 Win95 installations don't have it.
675 In order to use Plink on these systems, you will need to download
677 \W{http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/}{WinSock 2 upgrade}:
679 \c http://www.microsoft.com/windows95/downloads/contents/
680 \c wuadmintools/s_wunetworkingtools/w95sockets2/
682 \S{faq-outofmem}{Question} After trying to establish an SSH-2
683 connection, PuTTY says \q{\ii{Out of memory}} and dies.
685 If this happens just while the connection is starting up, this often
686 indicates that for some reason the client and server have failed to
687 establish a session encryption key. Somehow, they have performed
688 calculations that should have given each of them the same key, but
689 have ended up with different keys; so data encrypted by one and
690 decrypted by the other looks like random garbage.
692 This causes an \q{out of memory} error because the first encrypted
693 data PuTTY expects to see is the length of an SSH message. Normally
694 this will be something well under 100 bytes. If the decryption has
695 failed, PuTTY will see a completely random length in the region of
696 two \e{gigabytes}, and will try to allocate enough memory to store
697 this non-existent message. This will immediately lead to it thinking
698 it doesn't have enough memory, and panicking.
700 If this happens to you, it is quite likely to still be a PuTTY bug
701 and you should report it (although it might be a bug in your SSH
702 server instead); but it doesn't necessarily mean you've actually run
705 \S{faq-outofmem2}{Question} When attempting a file transfer, either
706 PSCP or PSFTP says \q{\ii{Out of memory}} and dies.
708 This is almost always caused by your \i{login scripts} on the server
709 generating output. PSCP or PSFTP will receive that output when they
710 were expecting to see the start of a file transfer protocol, and
711 they will attempt to interpret the output as file-transfer protocol.
712 This will usually lead to an \q{out of memory} error for much the
713 same reasons as given in \k{faq-outofmem}.
715 This is a setup problem in your account on your server, \e{not} a
716 PSCP/PSFTP bug. Your login scripts should \e{never} generate output
717 during non-interactive sessions; secure file transfer is not the
718 only form of remote access that will break if they do.
720 On Unix, a simple fix is to ensure that all the parts of your login
721 script that might generate output are in \c{.profile} (if you use a
722 Bourne shell derivative) or \c{.login} (if you use a C shell).
723 Putting them in more general files such as \c{.bashrc} or \c{.cshrc}
724 is liable to lead to problems.
726 \S{faq-psftp-slow}{Question} PSFTP transfers files much slower than PSCP.
728 The throughput of PSFTP 0.54 should be much better than 0.53b and
729 prior; we've added code to the SFTP backend to queue several blocks
730 of data rather than waiting for an acknowledgement for each. (The
731 SCP backend did not suffer from this performance issue because SCP
732 is a much simpler protocol.)
734 \S{faq-bce}{Question} When I run full-colour applications, I see
735 areas of black space where colour ought to be, or vice versa.
737 You almost certainly need to change the \q{Use \i{background colour} to
738 erase screen} setting in the Terminal panel. If there is too much
739 black space (the commoner situation), you should enable it, while if
740 there is too much colour, you should disable it. (See \k{config-erase}.)
742 In old versions of PuTTY, this was disabled by default, and would not
743 take effect until you reset the terminal (see \k{faq-resetterm}).
744 Since 0.54, it is enabled by default, and changes take effect
747 \S{faq-resetterm}{Question} When I change some terminal settings,
750 Some of the terminal options (notably \ii{Auto Wrap} and
751 background-colour screen erase) actually represent the \e{default}
752 setting, rather than the currently active setting. The server can
753 send sequences that modify these options in mid-session, but when
754 the terminal is reset (by server action, or by you choosing \q{Reset
755 Terminal} from the System menu) the defaults are restored.
757 In versions 0.53b and prior, if you change one of these options in
758 the middle of a session, you will find that the change does not
759 immediately take effect. It will only take effect once you reset
762 In version 0.54, the behaviour has changed - changes to these
763 settings take effect immediately.
765 \S{faq-idleout}{Question} My PuTTY sessions unexpectedly close after
766 they are \I{idle connections}idle for a while.
768 Some types of \i{firewall}, and almost any router doing Network Address
769 Translation (\i{NAT}, also known as IP masquerading), will forget about
770 a connection through them if the connection does nothing for too
771 long. This will cause the connection to be rudely cut off when
774 You can try to combat this by telling PuTTY to send \e{keepalives}:
775 packets of data which have no effect on the actual session, but
776 which reassure the router or firewall that the network connection is
777 still active and worth remembering about.
779 Keepalives don't solve everything, unfortunately; although they
780 cause greater robustness against this sort of router, they can also
781 cause a \e{loss} of robustness against network dropouts. See
782 \k{config-keepalive} in the documentation for more discussion of
785 \S{faq-timeout}{Question} PuTTY's network connections time out too
786 quickly when \I{breaks in connectivity}network connectivity is
789 This is a Windows problem, not a PuTTY problem. The timeout value
790 can't be set on per application or per session basis. To increase
791 the TCP timeout globally, you need to tinker with the Registry.
793 On Windows 95, 98 or ME, the registry key you need to create or
796 \c HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\
797 \c MSTCP\MaxDataRetries
799 (it must be of type DWORD in Win95, or String in Win98/ME).
800 (See MS Knowledge Base article
801 \W{http://support.microsoft.com/default.aspx?scid=kb;en-us;158474}{158474}
802 for more information.)
804 On Windows NT, 2000, or XP, the registry key to create or change is
806 \c HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\
807 \c Parameters\TcpMaxDataRetransmissions
809 and it must be of type DWORD.
810 (See MS Knowledge Base articles
811 \W{http://support.microsoft.com/default.aspx?scid=kb;en-us;120642}{120642}
813 \W{http://support.microsoft.com/default.aspx?scid=kb;en-us;314053}{314053}
814 for more information.)
816 Set the key's value to something like 10. This will cause Windows to
817 try harder to keep connections alive instead of abandoning them.
819 \S{faq-puttyputty}{Question} When I \cw{cat} a binary file, I get
820 \q{PuTTYPuTTYPuTTY} on my command line.
824 This is designed behaviour; when PuTTY receives the character
825 Control-E from the remote server, it interprets it as a request to
826 identify itself, and so it sends back the string \q{\cw{PuTTY}} as
827 if that string had been entered at the keyboard. Control-E should
828 only be sent by programs that are prepared to deal with the
829 response. Writing a binary file to your terminal is likely to output
830 many Control-E characters, and cause this behaviour. Don't do it.
833 To mitigate the effects, you could configure the answerback string
834 to be empty (see \k{config-answerback}); but writing binary files to
835 your terminal is likely to cause various other unpleasant behaviour,
836 so this is only a small remedy.
838 \S{faq-wintitle}{Question} When I \cw{cat} a binary file, my \i{window
839 title} changes to a nonsense string.
843 It is designed behaviour that PuTTY should have the ability to
844 adjust the window title on instructions from the server. Normally
845 the control sequence that does this should only be sent
846 deliberately, by programs that know what they are doing and intend
847 to put meaningful text in the window title. Writing a binary file to
848 your terminal runs the risk of sending the same control sequence by
849 accident, and cause unexpected changes in the window title. Don't do
852 \S{faq-password-fails}{Question} My \i{keyboard} stops working once
853 PuTTY displays the \i{password prompt}.
855 No, it doesn't. PuTTY just doesn't display the password you type, so
856 that someone looking at your screen can't see what it is.
858 Unlike the Windows login prompts, PuTTY doesn't display the password
859 as a row of asterisks either. This is so that someone looking at
860 your screen can't even tell how \e{long} your password is, which
861 might be valuable information.
863 \S{faq-keyboard}{Question} One or more \I{keyboard}\i{function keys}
864 don't do what I expected in a server-side application.
866 If you've already tried all the relevant options in the PuTTY
867 Keyboard panel, you may need to mail the PuTTY maintainers and ask.
869 It is \e{not} usually helpful just to tell us which application,
870 which server operating system, and which key isn't working; in order
871 to replicate the problem we would need to have a copy of every
872 operating system, and every application, that anyone has ever
875 PuTTY responds to function key presses by sending a sequence of
876 control characters to the server. If a function key isn't doing what
877 you expect, it's likely that the character sequence your application
878 is expecting to receive is not the same as the one PuTTY is sending.
879 Therefore what we really need to know is \e{what} sequence the
880 application is expecting.
882 The simplest way to investigate this is to find some other terminal
883 environment, in which that function key \e{does} work; and then
884 investigate what sequence the function key is sending in that
885 situation. One reasonably easy way to do this on a \i{Unix} system is to
886 type the command \i\c{cat}, and then press the function key. This is
887 likely to produce output of the form \c{^[[11~}. You can also do
888 this in PuTTY, to find out what sequence the function key is
889 producing in that. Then you can mail the PuTTY maintainers and tell
890 us \q{I wanted the F1 key to send \c{^[[11~}, but instead it's
891 sending \c{^[OP}, can this be done?}, or something similar.
893 You should still read the
894 \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/feedback.html}{Feedback
895 page} on the PuTTY website (also provided as \k{feedback} in the
896 manual), and follow the guidelines contained in that.
898 \S{faq-openssh-bad-openssl}{Question} Since my SSH server was upgraded
899 to \i{OpenSSH} 3.1p1/3.4p1, I can no longer connect with PuTTY.
901 There is a known problem when OpenSSH has been built against an
902 incorrect version of OpenSSL; the quick workaround is to configure
903 PuTTY to use SSH protocol 2 and the Blowfish cipher.
905 For more details and OpenSSH patches, see
906 \W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
909 This is not a PuTTY-specific problem; if you try to connect with
910 another client you'll likely have similar problems. (Although PuTTY's
911 default cipher differs from many other clients.)
913 \e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms):
915 \b SSH-2 with AES cipher (PuTTY says \q{Assertion failed! Expression:
916 (len & 15) == 0} in \cw{sshaes.c}, or \q{Out of memory}, or crashes)
918 \b SSH-2 with 3DES (PuTTY says \q{Incorrect MAC received on packet})
920 \b SSH-1 with Blowfish (PuTTY says \q{Incorrect CRC received on
925 \e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH-1 and
926 Blowfish remains. Rebuild your server, apply the patch linked to from
927 bug 138 above, or use another cipher (e.g., 3DES) instead.
929 \e{Other versions:} we occasionally get reports of the same symptom
930 and workarounds with older versions of OpenSSH, although it's not
931 clear the underlying cause is the same.
933 \S{faq-ssh2key-ssh1conn}{Question} Why do I see \q{Couldn't load
934 private key from ...}? Why can PuTTYgen load my key but not PuTTY?
936 It's likely that you've generated an SSH protocol 2 key with PuTTYgen,
937 but you're trying to use it in an SSH-1 connection. SSH-1 and SSH-2 keys
938 have different formats, and (at least in 0.52) PuTTY's reporting of a
939 key in the wrong format isn't optimal.
941 To connect using SSH-2 to a server that supports both versions, you
942 need to change the configuration from the default (see \k{faq-ssh2}).
944 \S{faq-rh8-utf8}{Question} When I'm connected to a \i{Red Hat Linux} 8.0
945 system, some characters don't display properly.
947 A common complaint is that hyphens in man pages show up as a-acute.
949 With release 8.0, Red Hat appear to have made \i{UTF-8} the default
950 character set. There appears to be no way for terminal emulators such
951 as PuTTY to know this (as far as we know, the appropriate escape
952 sequence to switch into UTF-8 mode isn't sent).
954 A fix is to configure sessions to RH8 systems to use UTF-8
955 translation - see \k{config-charset} in the documentation. (Note that
956 if you use \q{Change Settings}, changes may not take place immediately
957 - see \k{faq-resetterm}.)
959 If you really want to change the character set used by the server, the
960 right place is \c{/etc/sysconfig/i18n}, but this shouldn't be
963 \S{faq-screen}{Question} Since I upgraded to PuTTY 0.54, the
964 scrollback has stopped working when I run \c{screen}.
966 PuTTY's terminal emulator has always had the policy that when the
967 \q{\i{alternate screen}} is in use, nothing is added to the scrollback.
968 This is because the usual sorts of programs which use the alternate
969 screen are things like text editors, which tend to scroll back and
970 forth in the same document a lot; so (a) they would fill up the
971 scrollback with a large amount of unhelpfully disordered text, and
972 (b) they contain their \e{own} method for the user to scroll back to
973 the bit they were interested in. We have generally found this policy
974 to do the Right Thing in almost all situations.
976 Unfortunately, \c{screen} is one exception: it uses the alternate
977 screen, but it's still usually helpful to have PuTTY's scrollback
978 continue working. The simplest solution is to go to the Features
979 control panel and tick \q{Disable switching to alternate terminal
980 screen}. (See \k{config-features-altscreen} for more details.)
981 Alternatively, you can tell \c{screen} itself not to use the
982 alternate screen: the
983 \W{http://www4.informatik.uni-erlangen.de/~jnweiger/screen-faq.html}{\c{screen}
984 FAQ} suggests adding the line \cq{termcapinfo xterm ti@:te@} to your
987 The reason why this only started to be a problem in 0.54 is because
988 \c{screen} typically uses an unusual control sequence to switch to
989 the alternate screen, and previous versions of PuTTY did not support
992 \S{faq-alternate-localhost}{Question} Since I upgraded \i{Windows XP}
993 to Service Pack 2, I can't use addresses like \cw{127.0.0.2}.
995 Some people who ask PuTTY to listen on \i{localhost} addresses other
996 than \cw{127.0.0.1} to forward services such as \i{SMB} and \i{Windows
997 Terminal Services} have found that doing so no longer works since
998 they upgraded to WinXP SP2.
1000 This is apparently an issue with SP2 that is acknowledged by Microsoft
1001 in MS Knowledge Base article
1002 \W{http://support.microsoft.com/default.aspx?scid=kb;en-us;884020}{884020}.
1003 The article links to a fix you can download.
1005 (\e{However}, we've been told that SP2 \e{also} fixes the bug that
1006 means you need to use non-\cw{127.0.0.1} addresses to forward
1007 Terminal Services in the first place.)
1009 \S{faq-missing-slash}{Question} PSFTP commands seem to be missing a
1010 directory separator (slash).
1012 Some people have reported the following incorrect behaviour with
1017 \c Remote directory is /dir1/dir2
1018 \c psftp> get filename.ext
1020 \c /dir1/dir2filename.ext: no such file or directory
1022 This is not a bug in PSFTP. There is a known bug in some versions of
1023 portable \i{OpenSSH}
1024 (\W{http://bugzilla.mindrot.org/show_bug.cgi?id=697}{bug 697}) that
1025 causes these symptoms; it appears to have been introduced around
1026 3.7.x. It manifests only on certain platforms (AIX is what has been
1029 There is a patch for OpenSSH attached to that bug; it's also fixed in
1030 recent versions of portable OpenSSH (from around 3.8).
1032 \S{faq-connaborted}{Question} Do you want to hear about \q{Software
1033 caused connection abort}?
1035 In the documentation for PuTTY 0.53 and 0.53b, we mentioned that we'd
1036 like to hear about any occurrences of this error. Since the release
1037 of PuTTY 0.54, however, we've been convinced that this error doesn't
1038 indicate that PuTTY's doing anything wrong, and we don't need to hear
1039 about further occurrences. See \k{errors-connaborted} for our current
1040 documentation of this error.
1042 \S{faq-rekey}{Question} My SSH-2 session \I{locking up, SSH-2
1043 sessions}locks up for a few seconds every so often.
1045 Recent versions of PuTTY automatically initiate \i{repeat key
1046 exchange} once per hour, to improve session security. If your client
1047 or server machine is slow, you may experience this as a delay of
1048 anything up to thirty seconds or so.
1050 These \I{delays, in SSH-2 sessions}delays are inconvenient, but they
1051 are there for your protection. If they really cause you a problem,
1052 you can choose to turn off periodic rekeying using the \q{Kex}
1053 configuration panel (see \k{config-ssh-kex}), but be aware that you
1054 will be sacrificing security for this. (Falling back to SSH-1 would
1055 also remove the delays, but would lose a \e{lot} more security
1056 still. We do not recommend it.)
1058 \S{faq-xpwontrun}{Question} PuTTY fails to start up. Windows claims that
1059 \q{the application configuration is incorrect}.
1061 This is caused by a bug in certain versions of \i{Windows XP} which
1062 is triggered by PuTTY 0.58. This was fixed in 0.59. The
1063 \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/xp-wont-run}{\q{xp-wont-run}}
1064 entry in PuTTY's wishlist has more details.
1066 \S{faq-system32}{Question} When I put 32-bit PuTTY in
1067 \cw{C:\\WINDOWS\\\i{SYSTEM32}} on my \i{64-bit Windows} system,
1068 \i{\q{Duplicate Session}} doesn't work.
1070 The short answer is not to put the PuTTY executables in that location.
1072 On 64-bit systems, \cw{C:\\WINDOWS\\SYSTEM32} is intended to contain
1073 only 64-bit binaries; Windows' 32-bit binaries live in
1074 \cw{C:\\WINDOWS\\SYSWOW64}. When a 32-bit PuTTY executable runs
1075 on a 64-bit system, it cannot by default see the \q{real}
1076 \cw{C:\\WINDOWS\\SYSTEM32} at all, because the
1077 \W{http://msdn.microsoft.com/en-us/library/aa384187(v=vs.85).aspx}{File
1078 System Redirector} arranges that the running program sees the
1079 appropriate kind of binaries in \cw{SYSTEM32}. Thus, operations in
1080 the PuTTY suite that involve it accessing its own executables, such as
1081 \i{\q{New Session}} and \q{Duplicate Session}, will not work.
1083 \H{faq-secure} Security questions
1085 \S{faq-publicpc}{Question} Is it safe for me to download PuTTY and
1086 use it on a public PC?
1088 It depends on whether you trust that PC. If you don't trust the
1089 public PC, don't use PuTTY on it, and don't use any other software
1090 you plan to type passwords into either. It might be watching your
1091 keystrokes, or it might tamper with the PuTTY binary you download.
1092 There is \e{no} program safe enough that you can run it on an
1093 actively malicious PC and get away with typing passwords into it.
1095 If you do trust the PC, then it's probably OK to use PuTTY on it
1096 (but if you don't trust the network, then the PuTTY download might
1097 be tampered with, so it would be better to carry PuTTY with you on a
1100 \S{faq-cleanup}{Question} What does PuTTY leave on a system? How can
1101 I \i{clean up} after it?
1103 PuTTY will leave some Registry entries, and a random seed file, on
1104 the PC (see \k{faq-settings}). Windows 7 and up also remember some
1105 information about recently launched sessions for the \q{jump list}
1108 If you are using PuTTY on a public PC, or somebody else's PC, you
1109 might want to clean this information up when you leave. You can do
1110 that automatically, by running the command \c{putty -cleanup}. See
1111 \k{using-cleanup} in the documentation for more detail. (Note that
1112 this only removes settings for the currently logged-in user on
1113 \i{multi-user systems}.)
1115 If PuTTY was installed from the installer package, it will also
1116 appear in \q{Add/Remove Programs}. Current versions of the installer
1117 do not offer to remove the above-mentioned items, so if you want them
1118 removed you should run \c{putty -cleanup} before uninstalling.
1120 \S{faq-dsa}{Question} How come PuTTY now supports \i{DSA}, when the
1121 website used to say how insecure it was?
1123 DSA has a major weakness \e{if badly implemented}: it relies on a
1124 random number generator to far too great an extent. If the random
1125 number generator produces a number an attacker can predict, the DSA
1126 private key is exposed - meaning that the attacker can log in as you
1127 on all systems that accept that key.
1129 The PuTTY policy changed because the developers were informed of
1130 ways to implement DSA which do not suffer nearly as badly from this
1131 weakness, and indeed which don't need to rely on random numbers at
1132 all. For this reason we now believe PuTTY's DSA implementation is
1135 The recently added elliptic-curve signature methods are also DSA-style
1136 algorithms, so they have this same weakness in principle. Our ECDSA
1137 implementation uses the same defence as DSA, while our Ed25519
1138 implementation uses the similar system (but different in details) that
1139 the Ed25519 spec mandates.
1141 \S{faq-virtuallock}{Question} Couldn't Pageant use
1142 \cw{VirtualLock()} to stop private keys being written to disk?
1144 Unfortunately not. The \cw{VirtualLock()} function in the Windows
1145 API doesn't do a proper job: it may prevent small pieces of a
1146 process's memory from being paged to disk while the process is
1147 running, but it doesn't stop the process's memory as a whole from
1148 being swapped completely out to disk when the process is long-term
1149 inactive. And Pageant spends most of its time inactive.
1151 \H{faq-admin} Administrative questions
1153 \S{faq-domain}{Question} Would you like me to register you a nicer
1156 No, thank you. Even if you can find one (most of them seem to have
1157 been registered already, by people who didn't ask whether we
1158 actually wanted it before they applied), we're happy with the PuTTY
1159 web site being exactly where it is. It's not hard to find (just type
1160 \q{putty} into \W{http://www.google.com/}{google.com} and we're the
1161 first link returned), and we don't believe the administrative hassle
1162 of moving the site would be worth the benefit.
1164 In addition, if we \e{did} want a custom domain name, we would want
1165 to run it ourselves, so we knew for certain that it would continue
1166 to point where we wanted it, and wouldn't suddenly change or do
1167 strange things. Having it registered for us by a third party who we
1168 don't even know is not the best way to achieve this.
1170 \S{faq-webhosting}{Question} Would you like free web hosting for the
1173 We already have some, thanks.
1175 \S{faq-link}{Question} Would you link to my web site from the PuTTY
1178 Only if the content of your web page is of definite direct interest
1179 to PuTTY users. If your content is unrelated, or only tangentially
1180 related, to PuTTY, then the link would simply be advertising for
1183 One very nice effect of the Google ranking mechanism is that by and
1184 large, the most popular web sites get the highest rankings. This
1185 means that when an ordinary person does a search, the top item in
1186 the search is very likely to be a high-quality site or the site they
1187 actually wanted, rather than the site which paid the most money for
1190 The PuTTY web site is held in high esteem by Google, for precisely
1191 this reason: lots of people have linked to it simply because they
1192 like PuTTY, without us ever having to ask anyone to link to us. We
1193 feel that it would be an abuse of this esteem to use it to boost the
1194 ranking of random advertisers' web sites. If you want your web site
1195 to have a high Google ranking, we'd prefer that you achieve this the
1196 way we did - by being good enough at what you do that people will
1197 link to you simply because they like you.
1199 In particular, we aren't interested in trading links for money (see
1200 above), and we \e{certainly} aren't interested in trading links for
1201 other links (since we have no advertising on our web site, our
1202 Google ranking is not even directly worth anything to us). If we
1203 don't want to link to you for free, then we probably won't want to
1206 If you have software based on PuTTY, or specifically designed to
1207 interoperate with PuTTY, or in some other way of genuine interest to
1208 PuTTY users, then we will probably be happy to add a link to you on
1209 our Links page. And if you're running a particularly valuable mirror
1210 of the PuTTY web site, we might be interested in linking to you from
1213 \S{faq-sourceforge}{Question} Why don't you move PuTTY to
1216 Partly, because we don't want to move the web site location (see
1219 Also, security reasons. PuTTY is a security product, and as such it
1220 is particularly important to guard the code and the web site against
1221 unauthorised modifications which might introduce subtle security
1222 flaws. Therefore, we prefer that the Git repository, web site and
1223 FTP site remain where they are, under the direct control of system
1224 administrators we know and trust personally, rather than being run
1225 by a large organisation full of people we've never met and which is
1226 known to have had breakins in the past.
1228 No offence to SourceForge; I think they do a wonderful job. But
1229 they're not ideal for everyone, and in particular they're not ideal
1232 \S{faq-mailinglist1}{Question} Why can't I subscribe to the
1233 putty-bugs mailing list?
1235 Because you're not a member of the PuTTY core development team. The
1236 putty-bugs mailing list is not a general newsgroup-like discussion
1237 forum; it's a contact address for the core developers, and an
1238 \e{internal} mailing list for us to discuss things among ourselves.
1239 If we opened it up for everybody to subscribe to, it would turn into
1240 something more like a newsgroup and we would be completely
1241 overwhelmed by the volume of traffic. It's hard enough to keep up
1242 with the list as it is.
1244 \S{faq-mailinglist2}{Question} If putty-bugs isn't a
1245 general-subscription mailing list, what is?
1247 There isn't one, that we know of.
1249 If someone else wants to set up a mailing list or other forum for
1250 PuTTY users to help each other with common problems, that would be
1251 fine with us, though the PuTTY team would almost certainly not have the
1252 time to read it. It's probably better to use one of the established
1253 newsgroups for this purpose (see \k{feedback-other-fora}).
1255 \S{faq-donations}{Question} How can I donate to PuTTY development?
1257 Please, \e{please} don't feel you have to. PuTTY is completely free
1258 software, and not shareware. We think it's very important that
1259 \e{everybody} who wants to use PuTTY should be able to, whether they
1260 have any money or not; so the last thing we would want is for a
1261 PuTTY user to feel guilty because they haven't paid us any money. If
1262 you want to keep your money, please do keep it. We wouldn't dream of
1265 Having said all that, if you still really \e{want} to give us money,
1266 we won't argue :-) The easiest way for us to accept donations is if
1267 you send money to \cw{<anakin@pobox.com>} using PayPal
1268 (\W{http://www.paypal.com/}\cw{www.paypal.com}). If you don't like
1269 PayPal, talk to us; we can probably arrange some alternative means.
1271 Small donations (tens of dollars or tens of euros) will probably be
1272 spent on beer or curry, which helps motivate our volunteer team to
1273 continue doing this for the world. Larger donations will be spent on
1274 something that actually helps development, if we can find anything
1275 (perhaps new hardware, or a copy of Windows XP), but if we can't
1276 find anything then we'll just distribute the money among the
1277 developers. If you want to be sure your donation is going towards
1278 something worthwhile, ask us first. If you don't like these terms,
1279 feel perfectly free not to donate. We don't mind.
1281 \S{faq-permission}{Question} Can I have permission to put PuTTY on a
1282 cover disk / distribute it with other software / etc?
1284 Yes. For most things, you need not bother asking us explicitly for
1285 permission; our licence already grants you permission.
1287 See \k{feedback-permission} for more details.
1289 \S{faq-indemnity}{Question} Can you sign an agreement indemnifying
1290 us against security problems in PuTTY?
1294 A vendor of physical security products (e.g. locks) might plausibly
1295 be willing to accept financial liability for a product that failed
1296 to perform as advertised and resulted in damage (e.g. valuables
1297 being stolen). The reason they can afford to do this is because they
1298 sell a \e{lot} of units, and only a small proportion of them will
1299 fail; so they can meet their financial liability out of the income
1300 from all the rest of their sales, and still have enough left over to
1301 make a profit. Financial liability is intrinsically linked to
1302 selling your product for money.
1304 There are two reasons why PuTTY is not analogous to a physical lock
1305 in this context. One is that software products don't exhibit random
1306 variation: \e{if} PuTTY has a security hole (which does happen,
1307 although we do our utmost to prevent it and to respond quickly when
1308 it does), every copy of PuTTY will have the same hole, so it's
1309 likely to affect all the users at the same time. So even if our
1310 users were all paying us to use PuTTY, we wouldn't be able to
1311 \e{simultaneously} pay every affected user compensation in excess of
1312 the amount they had paid us in the first place. It just wouldn't
1315 The second, much more important, reason is that PuTTY users
1316 \e{don't} pay us. The PuTTY team does not have an income; it's a
1317 volunteer effort composed of people spending their spare time to try
1318 to write useful software. We aren't even a company or any kind of
1319 legally recognised organisation. We're just a bunch of people who
1320 happen to do some stuff in our spare time.
1322 Therefore, to ask us to assume financial liability is to ask us to
1323 assume a risk of having to pay it out of our own \e{personal}
1324 pockets: out of the same budget from which we buy food and clothes
1325 and pay our rent. That's more than we're willing to give. We're
1326 already giving a lot of our spare \e{time} to developing software
1327 for free; if we had to pay our own \e{money} to do it as well, we'd
1328 start to wonder why we were bothering.
1330 Free software fundamentally does not work on the basis of financial
1331 guarantees. Your guarantee of the software functioning correctly is
1332 simply that you have the source code and can check it before you use
1333 it. If you want to be sure there aren't any security holes, do a
1334 security audit of the PuTTY code, or hire a security engineer if you
1335 don't have the necessary skills yourself: instead of trying to
1336 ensure you can get compensation in the event of a disaster, try to
1337 ensure there isn't a disaster in the first place.
1339 If you \e{really} want financial security, see if you can find a
1340 security engineer who will take financial responsibility for the
1341 correctness of their review. (This might be less likely to suffer
1342 from the everything-failing-at-once problem mentioned above, because
1343 such an engineer would probably be reviewing a lot of \e{different}
1344 products which would tend to fail independently.) Failing that, see
1345 if you can persuade an insurance company to insure you against
1346 security incidents, and if the insurer demands it as a condition
1347 then get our code reviewed by a security engineer they're happy
1350 \S{faq-permission-form}{Question} Can you sign this form granting us
1351 permission to use/distribute PuTTY?
1353 If your form contains any clause along the lines of \q{the
1354 undersigned represents and warrants}, we're not going to sign it.
1355 This is particularly true if it asks us to warrant that PuTTY is
1356 secure; see \k{faq-indemnity} for more discussion of this. But it
1357 doesn't really matter what we're supposed to be warranting: even if
1358 it's something we already believe is true, such as that we don't
1359 infringe any third-party copyright, we will not sign a document
1360 accepting any legal or financial liability. This is simply because
1361 the PuTTY development project has no income out of which to satisfy
1362 that liability, or pay legal costs, should it become necessary. We
1363 cannot afford to be sued. We are assuring you that \e{we have done
1364 our best}; if that isn't good enough for you, tough.
1366 The existing PuTTY licence document already gives you permission to
1367 use or distribute PuTTY in pretty much any way which does not
1368 involve pretending you wrote it or suing us if it goes wrong. We
1369 think that really ought to be enough for anybody.
1371 See also \k{faq-permission-general} for another reason why we don't
1372 want to do this sort of thing.
1374 \S{faq-permission-future}{Question} Can you write us a formal notice
1375 of permission to use PuTTY?
1377 We could, in principle, but it isn't clear what use it would be. If
1378 you think there's a serious chance of one of the PuTTY copyright
1379 holders suing you (which we don't!), you would presumably want a
1380 signed notice from \e{all} of them; and we couldn't provide that
1381 even if we wanted to, because many of the copyright holders are
1382 people who contributed some code in the past and with whom we
1383 subsequently lost contact. Therefore the best we would be able to do
1384 \e{even in theory} would be to have the core development team sign
1385 the document, which wouldn't guarantee you that some other copyright
1386 holder might not sue.
1388 See also \k{faq-permission-general} for another reason why we don't
1389 want to do this sort of thing.
1391 \S{faq-permission-general}{Question} Can you sign \e{anything} for
1394 Not unless there's an incredibly good reason.
1396 We are generally unwilling to set a precedent that involves us
1397 having to enter into individual agreements with PuTTY users. We
1398 estimate that we have literally \e{millions} of users, and we
1399 absolutely would not have time to go round signing specific
1400 agreements with every one of them. So if you want us to sign
1401 something specific for you, you might usefully stop to consider
1402 whether there's anything special that distinguishes you from 999,999
1403 other users, and therefore any reason we should be willing to sign
1404 something for you without it setting such a precedent.
1406 If your company policy requires you to have an individual agreement
1407 with the supplier of any software you use, then your company policy
1408 is simply not well suited to using popular free software, and we
1409 urge you to consider this as a flaw in your policy.
1411 \S{faq-permission-assurance}{Question} If you won't sign anything,
1412 can you give us some sort of assurance that you won't make PuTTY
1413 closed-source in future?
1417 If what you want is an assurance that some \e{current version} of
1418 PuTTY which you've already downloaded will remain free, then you
1419 already have that assurance: it's called the PuTTY Licence. It
1420 grants you permission to use, distribute and copy the software to
1421 which it applies; once we've granted that permission (which we
1422 have), we can't just revoke it.
1424 On the other hand, if you want an assurance that \e{future} versions
1425 of PuTTY won't be closed-source, that's more difficult. We could in
1426 principle sign a document stating that we would never release a
1427 closed-source PuTTY, but that wouldn't assure you that we \e{would}
1428 keep releasing \e{open}-source PuTTYs: we would still have the
1429 option of ceasing to develop PuTTY at all, which would surely be
1430 even worse for you than making it closed-source! (And we almost
1431 certainly wouldn't \e{want} to sign a document guaranteeing that we
1432 would actually continue to do development work on PuTTY; we
1433 certainly wouldn't sign it for free. Documents like that are called
1434 contracts of employment, and are generally not signed except in
1435 return for a sizeable salary.)
1437 If we \e{were} to stop developing PuTTY, or to decide to make all
1438 future releases closed-source, then you would still be free to copy
1439 the last open release in accordance with the current licence, and in
1440 particular you could start your own fork of the project from that
1441 release. If this happened, I confidently predict that \e{somebody}
1442 would do that, and that some kind of a free PuTTY would continue to
1443 be developed. There's already precedent for that sort of thing
1444 happening in free software. We can't guarantee that somebody
1445 \e{other than you} would do it, of course; you might have to do it
1446 yourself. But we can assure you that there would be nothing
1447 \e{preventing} anyone from continuing free development if we
1450 (Finally, we can also confidently predict that if we made PuTTY
1451 closed-source and someone made an open-source fork, most people
1452 would switch to the latter. Therefore, it would be pretty stupid of
1455 \S{faq-export-cert}{Question} Can you provide us with export control
1456 information / FIPS certification for PuTTY?
1458 Some people have asked us for an Export Control Classification Number
1459 (ECCN) for PuTTY. We don't know whether we have one, and as a team of
1460 free software developers based in the UK we don't have the time,
1461 money, or effort to deal with US bureaucracy to investigate any
1462 further. We believe that PuTTY falls under 5D002 on the US Commerce
1463 Control List, but that shouldn't be taken as definitive. If you need
1464 to know more you should seek professional legal advice. The same
1465 applies to any other country's legal requirements and restrictions.
1467 Similarly, some people have asked us for FIPS certification of the
1468 PuTTY tools. Unless someone else is prepared to do the necessary work
1469 and pay any costs, we can't provide this.
1471 \S{faq-vendor}{Question} As one of our existing software vendors, can
1472 you just fill in this questionnaire for us?
1474 We periodically receive requests like this, from organisations which
1475 have apparently sent out a form letter to everyone listed in their big
1476 spreadsheet of \q{software vendors} requiring them all to answer some
1477 long list of questions about supported OS versions, paid support
1478 arrangements, compliance with assorted local regulations we haven't
1479 heard of, contact phone numbers, and other such administrivia. Many of
1480 the questions are obviously meaningless when applied to PuTTY (we
1481 don't provide any paid support in the first place!), most of the rest
1482 could have been answered with only a very quick look at our website,
1483 and some we are actively unwilling to answer (we are private
1484 individuals, why would we want to give out our home phone numbers to
1485 large corporations?).
1487 We don't make a habit of responding in full to these questionnaires,
1488 because \e{we are not a software vendor}.
1490 A software \e{vendor} is a company to which you are paying lots of
1491 money in return for some software. They know who you are, and they
1492 know you're paying them money; so they have an incentive to fill in
1493 your forms and questionnaires, to research any local regulations you
1494 cite if they don't already know about them, and generally to provide
1495 every scrap of information you might possibly need in the most
1496 convenient manner for you, because they want to keep being paid.
1498 But we are a team of free software developers, and that means your
1499 relationship with us is nothing like that at all. If you once
1500 downloaded our software from our website, that's great and we hope you
1501 found it useful, but it doesn't mean we have the least idea who you
1502 are, or any incentive to do lots of unpaid work to support our
1503 \q{relationship} with you.
1505 It's not that we are unwilling to \e{provide information}. We put as
1506 much of it as we can on our website for your convenience, and if you
1507 actually need to know some fact about PuTTY which you haven't been
1508 able to find on the website (and which is not obviously inapplicable
1509 to free software in the first place) then please do ask us, and we'll
1510 try to answer as best we can. But we put up the website and this FAQ
1511 precisely so that we \e{don't} have to keep answering the same
1512 questions over and over again, so we aren't prepared to fill in
1513 completely generic form-letter questionnaires for people who haven't
1514 done their best to find the answers here first.
1516 If you work for an organisation which you think might be at risk of
1517 making this mistake, we urge you to reorganise your list of software
1518 suppliers so that it clearly distinguishes paid vendors who know about
1519 you from free software developers who don't have any idea who you are.
1520 Then, only send out these mass mailings to the former.
1522 \S{faq-checksums}{Question} The \c{sha1sums} / \c{sha256sums} / etc
1523 files on your download page don't match the binaries.
1525 People report this every so often, and usually the reason turns out to
1526 be that they've matched up the wrong checksums file with the wrong
1529 The PuTTY download page contains more than one version of the
1530 software. There's a \e{latest release} version; there are the
1531 \e{development snapshots}; and when we're in the run-up to making a
1532 release, there are also \e{pre-release} builds of the upcoming new
1533 version. Each one has its own collection of binaries, and its own
1534 collection of checksums files to go with them.
1536 So if you've downloaded the release version of the actual program, you
1537 need the release version of the checksums too, otherwise you will see
1538 a mismatch. Similarly, the development snapshot binaries go with the
1539 development snapshot checksums, and so on. (We've colour-coded the
1540 download page in an effort to reduce this confusion a bit.)
1542 If you have double-checked that, and you still think there's a real
1543 mismatch, then please send us a report carefully quoting everything
1546 \b the exact URL you got your binary from
1548 \b the checksum of the binary after you downloaded
1550 \b the exact URL you got your checksums file from
1552 \b the checksum that file says the binary should have.
1554 \H{faq-misc} Miscellaneous questions
1556 \S{faq-openssh}{Question} Is PuTTY a port of \i{OpenSSH}, or based on
1559 No, it isn't. PuTTY is almost completely composed of code written
1560 from scratch for PuTTY. The only code we share with OpenSSH is the
1561 detector for SSH-1 CRC compensation attacks, written by CORE SDI
1562 S.A; we share no code at all with OpenSSL.
1564 \S{faq-sillyputty}{Question} Where can I buy silly putty?
1566 You're looking at the wrong web site; the only PuTTY we know about
1567 here is the name of a computer program.
1569 If you want the kind of putty you can buy as an executive toy, the
1570 PuTTY team can personally recommend Thinking Putty, which you can
1571 buy from Crazy Aaron's Putty World, at
1572 \W{http://www.puttyworld.com}\cw{www.puttyworld.com}.
1574 \S{faq-meaning}{Question} What does \q{PuTTY} mean?
1576 It's the name of a popular SSH and Telnet client. Any other meaning
1577 is in the eye of the beholder. It's been rumoured that \q{PuTTY}
1578 is the antonym of \q{\cw{getty}}, or that it's the stuff that makes your
1579 Windows useful, or that it's a kind of plutonium Teletype. We
1580 couldn't possibly comment on such allegations.
1582 \S{faq-pronounce}{Question} How do I pronounce \q{PuTTY}?
1584 Exactly like the English word \q{putty}, which we pronounce
1585 /\u02C8{'}p\u028C{V}ti/.