PuTTY

PuTTY for Linux is an open source project that provides users with a very powerful graphical application for connecting to Telnet, SSH and Rlogin servers, which are used to run a remote session on a computer, over a network.

Features at a glance

The program features a single-window GUI (Graphical User Interface) that allows you to quickly connect to a SSH, Telnet, Rlogin, Serial or Raw server. Sessions can be easily saved for later usage.

Besides the putty command, the software is also distributed with the pscp SCP client, psftp SFTP client, puttytel Telnet-only client, plink (PuTTY Link) connection utility, and puttygen RSA and DSA key generation utility.

Among some of its basic features, we can mention session logging support, various options for the terminal emulator, including keyboard shortcuts and bell, ability to set the appearance and behaviour of the PuTTY window, as well as character encoding, mouse control, colors, and fonts.

Additionally, the application provides encryption options for the SSH protocol, and detailed configuration for the Serial, Rlogin and Telnet connection types. It can use IPv4 and IPv6 Internet protocols, supports TCP keepalive, and HTTP, SOCKS4, SOCKS5 and Telnet proxies.

Getting started with PuTTY

Once you input the hostname (IP address) and port of the respective server, and click the “Open” button, the application will open an XTerm terminal emulator and close the graphical window.

Whether the connection is successful or not, users will have to launch the application again if they want to reconnect to a certain server. By default, the SSH connection type is automatically selected every time a new instance of the application starts.

Supported operating systems

The application is officially supported on both Linux and Microsoft Windows operating systems. On Linux, it comes with the XTerm terminal emulator software. PuTTY is indeed one of the most acclaimed SSH and Telnet clients for the Linux and Window platforms.

What is new in this release:

• Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even a name we missed when we thought we'd fixed this in 0.69. See vuln-indirect-dll-hijack-3.
• Windows PuTTY should be able to print again, after our DLL hijacking defences broke that functionality.
• Windows PuTTY should be able to accept keyboard input outside the current code page, after our DLL hijacking defences broke that too.

What is new in version 0.69:

• Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even the names we missed when we thought we'd fixed this in 0.68. See vuln-indirect-dll-hijack-2.
• Windows PuTTY should work with MIT Kerberos again, after our DLL hijacking defences broke it.
• Jump lists should now appear again on the PuTTY shortcut in the Windows Start Menu.
• You can now explicitly configure SSH terminal mode settings not to be sent to the server, if your server objects to them.

What is new in version 0.68:

• Security fix: an integer overflow bug in the agent forwarding code. See vuln-agent-fwd-overflow.
• Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory (on versions of Windows where they previously were). See vuln-indirect-dll-hijack.
• Windows PuTTY no longer sets a restrictive process ACL by default, because this turned out to inconvenience too many legitimate applications such as NVDA and TortoiseGit. You can still manually request a restricted ACL using the command-line option -restrict-acl.
• The Windows PuTTY tools now come in a 64-bit version.
• The Windows PuTTY tools now have Windows's ASLR and DEP security features turned on.
• Support for elliptic-curve cryptography (the NIST curves and 25519), for host keys, user authentication keys, and key exchange.
• Support for importing and exporting OpenSSH's new private key format.
• Host key preference policy change: PuTTY prefers host key formats for which it already knows the key.
• Run-time option (from the system menu / Ctrl-right-click menu) to retrieve other host keys from the same server (which cross-certifies them using the session key established using an already-known key) and add them to the known host-keys database.
• The Unix GUI PuTTY tools can now be built against GTK 3.
• There is now a Unix version of Pageant.

What is new in version 0.67 Beta:

• Security fix: a buffer overrun in the old-style SCP protocol when receiving the header of each file downloaded from the server is fixed. See vuln-pscp-sink-sscanf.
• Windows PuTTY now sets its process ACL more restrictively, in an attempt to defend against malicious other processes reading sensitive data out of its memory.
• Assorted other robustness fixes for crashes and memory leaks.
• We have started using Authenticode to sign our Windows executables and installer.

What is new in version 0.66 Beta:

• Security fix: an escape sequence which used to make PuTTY's terminal code read and potentially write the wrong memory is fixed. See vuln-ech-overflow.
• Bug fix: better Unicode handling in Windows PuTTY keyboard messages, so it should now work better with WinCompose.
• Bug fix: jump lists on Windows 10 should now work.
• There's now a set of command-line options to enable session logging.
• &P in the log file name now substitutes in the port number from the configuration.

What is new in version 0.65 Beta:

• Incoming connections to PuTTY tools (to forwarded ports and to the connection-sharing socket) now log their source address or pid, where facilities exist to do so.
• Cryptography speedup on 64-bit Unix platforms by using gcc and clang's __uint128_t built-in type.
• Bug fix: the configuration dialog is no longer accidentally invisible in some Windows Vista display themes.
• Bug fix: the Windows PuTTY GUI no longer becomes unresponsive if the server sends a continuous flood of data. (Sorry! We fixed that once before, but it came back in 0.64.)
• Bug fix: PSFTP now returns a failure exit status if a command fails in a batch-mode script.
• Bug fix: ESC [ 13 t can no longer elicit an invalid escape sequence as a response.

What is new in version 0.64 Beta:

• Security fix: PuTTY no longer retains the private half of users' keys in memory by mistake after authenticating with them. See private-key-not-wiped-2. (Sorry! We thought we'd fixed that in 0.63, but missed one.)
• Support for SSH connection sharing, so that multiple instances of PuTTY to the same host can share a single SSH connection instead of all having to log in independently.
• Command-line and configuration option to specify the expected host key(s).
• Defaults change: PuTTY now defaults to SSH-2 only, instead of its previous default of SSH-2 preferred.
• Local socket errors in port-forwarded connections are now recorded in the PuTTY Event Log.
• Bug fix: repeat key exchanges in the middle of an SSH session now never cause an annoying interactive host key prompt.
• Bug fix: reset the bolded-text default setting back to what it used to be. (0.63 set it to something wrong, as a side effect of refactoring.)
• Bug fix: IPv6 literals are handled sensibly throughout the suite, if you enclose them in square brackets to prevent the colons being mistaken for a :port suffix.
• Bug fix: IPv6 dynamic port forwardings should work again.

What is new in version 0.63 Beta:

• This release fixes four security holes in 0.62 and before: vuln-modmul, vuln-signature-stringlen, vuln-bignum-division-by-zero, private-key-not-wiped. Other than that, there are mostly bug fixes from 0.62 and a few small features.

What is new in version 0.62:

• Security fix: PuTTY no longer retains passwords in memory by mistake.
• Bug fix: Pageant now talks to both new-style clients (0.61 and above) and old-style (0.60 and below).
• Bug fix: PuTTY no longer prints a spurious "Access denied" message when GSSAPI authentication fails.
• Bug fix: PSCP and PSFTP now honour nonstandard port numbers in SSH saved sessions.
• Bug fix: Pageant no longer leaks a file handle when an authentication fails.
• Bug fix: PuTTYtel no longer crashes when saving a session.
• Bug fix: PuTTY now draws underlines under the underlined text instead of sometimes putting them somewhere off to the right.
• Bug fix: PuTTY now should not draw VT100 line drawing characters at the wrong vertical offset.

What is new in version 0.61:

• PuTTY 0.61 is out, after over four years (sorry!), with new features, bug fixes, and compatibility updates for Windows 7 and various SSH server software.