and not in the \q{Recently fixed} section, it probably \e{hasn't} been
implemented.
-\S{faq-ssh2}{Question} Does PuTTY support SSH v2?
+\S{faq-ssh2}{Question} Does PuTTY support SSH-2?
-Yes. SSH v2 support has been available in PuTTY since version 0.50.
+Yes. SSH-2 support has been available in PuTTY since version 0.50.
-Public key authentication (both RSA and DSA) in SSH v2 is new in
+Public key authentication (both RSA and DSA) in SSH-2 is new in
version 0.52.
\S{faq-ssh2-keyfmt}{Question} Does PuTTY support reading OpenSSH or
-\cw{ssh.com} SSHv2 private key files?
+\cw{ssh.com} SSH-2 private key files?
PuTTY doesn't support this natively, but as of 0.53
PuTTYgen can convert both OpenSSH and \cw{ssh.com} private key
files into PuTTY's format.
-\S{faq-ssh1}{Question} Does PuTTY support SSH v1?
+\S{faq-ssh1}{Question} Does PuTTY support SSH-1?
-Yes. SSH 1 support has always been available in PuTTY.
+Yes. SSH-1 support has always been available in PuTTY.
\S{faq-localecho}{Question} Does PuTTY support local echo?
so I don't have to change them every time?
Yes, all of PuTTY's settings can be saved in named session profiles.
+You can also change the default settings that are used for new sessions.
See \k{config-saving} in the documentation for how to do this.
\S{faq-disksettings}{Question} Does PuTTY support storing its
PuTTY also requires a random number seed file, to improve the
unpredictability of randomly chosen data needed as part of the SSH
-cryptography. This is stored by default in your Windows home
-directory (\c{%HOMEDRIVE%\\%HOMEPATH%}), or in the actual Windows
-directory (such as \c{C:\\WINDOWS}) if the home directory doesn't
-exist, for example if you're using Win95. If you want to change the
-location of the random number seed file, you can put your chosen
-pathname in the Registry, at
+cryptography. This is stored by default in a file called \i\c{PUTTY.RND}
+in your Windows home directory (\c{%HOMEDRIVE%\\%HOMEPATH%}), or in
+the actual Windows directory (such as \c{C:\\WINDOWS}) if the home
+directory doesn't exist, for example if you're using Win95. If you
+want to change the location of the random number seed file, you can
+put your chosen pathname in the Registry, at
\c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\RandSeedFile
received on packet}?
One possible cause of this that used to be common is a bug in old
-SSH 2 servers distributed by \cw{ssh.com}. (This is not the only
+SSH-2 servers distributed by \cw{ssh.com}. (This is not the only
possible cause; see \k{errors-crc} in the documentation.)
-Version 2.3.0 and below of their SSH 2 server
+Version 2.3.0 and below of their SSH-2 server
constructs Message Authentication Codes in the wrong way, and
expects the client to construct them in the same wrong way. PuTTY
constructs the MACs correctly by default, and hence these old
If you are using PuTTY version 0.51 or below, you can enable the
workaround by going to the SSH panel and ticking the box labelled
-\q{Imitate SSH 2 MAC bug}. It's possible that you might have to do
+\q{Imitate SSH2 MAC bug}. It's possible that you might have to do
this with 0.52 as well, if a buggy server exists that PuTTY doesn't
know about.
\c http://www.microsoft.com/windows95/downloads/contents/
\c wuadmintools/s_wunetworkingtools/w95sockets2/
-\S{faq-outofmem}{Question} After trying to establish an SSH 2
+\S{faq-outofmem}{Question} After trying to establish an SSH-2
connection, PuTTY says \q{Out of memory} and dies.
If this happens just while the connection is starting up, this often
\W{http://support.microsoft.com/default.aspx?scid=kb;en-us;158474}{158474}
for more information.)
-On Windows NT or 2000, the registry key is
+On Windows NT, 2000, or XP, the registry key to create or change is
\c HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\
\c Parameters\TcpMaxDataRetransmissions
and it must be of type DWORD.
-(See MS Knowledge Base article
+(See MS Knowledge Base articles
\W{http://support.microsoft.com/default.aspx?scid=kb;en-us;120642}{120642}
+and
+\W{http://support.microsoft.com/default.aspx?scid=kb;en-us;314053}{314053}
for more information.)
Set the key's value to something like 10. This will cause Windows to
\e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms):
-\b SSH 2 with AES cipher (PuTTY says "Assertion failed! Expression:
-(len & 15) == 0" in sshaes.c, or "Out of memory", or crashes)
+\b SSH-2 with AES cipher (PuTTY says \q{Assertion failed! Expression:
+(len & 15) == 0} in \cw{sshaes.c}, or \q{Out of memory}, or crashes)
-\b SSH 2 with 3DES (PuTTY says "Incorrect MAC received on packet")
+\b SSH-2 with 3DES (PuTTY says \q{Incorrect MAC received on packet})
-\b SSH 1 with Blowfish (PuTTY says "Incorrect CRC received on
-packet")
+\b SSH-1 with Blowfish (PuTTY says \q{Incorrect CRC received on
+packet})
-\b SSH 1 with 3DES
+\b SSH-1 with 3DES
-\e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH 1 and
+\e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH-1 and
Blowfish remains. Rebuild your server, apply the patch linked to from
bug 138 above, or use another cipher (e.g., 3DES) instead.
and workarounds with older versions of OpenSSH, although it's not
clear the underlying cause is the same.
-\S{faq-ssh2key-ssh1conn}{Question} Why do I see "Couldn't load private
-key from ..."? Why can PuTTYgen load my key but not PuTTY?
+\S{faq-ssh2key-ssh1conn}{Question} Why do I see \q{Couldn't load
+private key from ...}? Why can PuTTYgen load my key but not PuTTY?
It's likely that you've generated an SSH protocol 2 key with PuTTYgen,
-but you're trying to use it in an SSH 1 connection. SSH1 and SSH2 keys
+but you're trying to use it in an SSH-1 connection. SSH-1 and SSH-2 keys
have different formats, and (at least in 0.52) PuTTY's reporting of a
key in the wrong format isn't optimal.
-To connect using SSH 2 to a server that supports both versions, you
+To connect using SSH-2 to a server that supports both versions, you
need to change the configuration from the default (see \k{faq-ssh2}).
\S{faq-rh8-utf8}{Question} When I'm connected to a Red Hat Linux 8.0
about further occurrences. See \k{errors-connaborted} for our current
documentation of this error.
+\S{faq-rekey}{Question} My SSH-2 session \I{locking up, SSH-2
+sessions}locks up for a few seconds every so often.
+
+Recent versions of PuTTY automatically initiate \i{repeat key
+exchange} once per hour, to improve session security. If your client
+or server machine is slow, you may experience this as a delay of
+anything up to thirty seconds or so.
+
+These \I{delays, in SSH-2 sessions}delays are inconvenient, but they
+are there for your protection. If they really cause you a problem,
+you can choose to turn off periodic rekeying using the \q{Kex}
+configuration panel (see \k{config-ssh-kex}), but be aware that you
+will be sacrificing security for this. (Falling back to SSH-1 would
+also remove the delays, but would lose a \e{lot} more security
+still. We do not recommend it.)
+
\H{faq-secure} Security questions
\S{faq-publicpc}{Question} Is it safe for me to download PuTTY and
No, it isn't. PuTTY is almost completely composed of code written
from scratch for PuTTY. The only code we share with OpenSSH is the
-detector for SSH1 CRC compensation attacks, written by CORE SDI S.A.
+detector for SSH-1 CRC compensation attacks, written by CORE SDI S.A.
\S{faq-sillyputty}{Question} Where can I buy silly putty?