This manual documents PuTTY, and its companion utilities PSCP, PSFTP, Plink, Note to Unix users: this manual currently primarily documents the Windows. Contents. PuTTY User Manual (puttymanual). What to read next: Reduce Secure Shell risk. Get to know the NIST The NISTIR guideline from. manual documents PuTTY, and its companion utilities PSCP, PSFTP,. Plink, Pageant . command-line interface to the user, much like the 'Command Prompt' or.
|Language:||English, Spanish, French|
|Genre:||Politics & Laws|
|Distribution:||Free* [*Registration needed]|
Putty User Guide. Page 2. Page 1 of 2. Console Window – Putty. Putty is simply an SSH Client and does not have the same functionality as. WinSCP or. PuTTY User Manual - Free download as Word Doc .doc), PDF File .pdf), Text File .txt) or read online for free. The Centrify-enabled PuTTY User's Guide describes how to install and This guide is intended for users who want to use the Centrify-enabled PuTTY client.
You may distribute this documentation under the MIT licence. See appendix C for the licence text in full.
Some of the options that are available in the main configuration box are not shown in the cut-down Change Settings box. When you are in full-screen mode.
Note that this only prevents a casual user from using the scrollbar to view the information. When you select this. PuTTY will expand to fill the whole screen and its borders. It depends what you want the log for. This system menu option provides a convenient way to copy the whole contents of the terminal screen up to the last nonempty line and scrollback to the clipboard in one go.
This might be useful. This can happen. You can log all session output including the terminal control sequences. You can configure the scrollbar not to disappear in full-screen mode if you want to keep it. A VT-series terminal is a complex piece of software and can easily get into a state where all the text printed becomes unreadable.
Enter a log file name. To begin a session log. Now all you need is to find out which of them you want! In order to use this feature. If that needs changing. Now you should be able to log in to the SSH server as normal. To check that X forwarding has been successfully negotiated during. Later on. There are a lot of different character sets available.
This will probably install itself as display number 0 on your local machine. For more options relating to X11 forwarding. It should say something like this: If this is a problem for you. In order to use port forwarding to connect from your local machine to a port on a remote server.
Choose a port number on your local machine where PuTTY should listen for incoming connections. The details of your port forwarding. There are likely to be plenty of unused port numbers above Note that if your PC X server requires authentication to connect.
You can also use a local loopback address here. To do this. This will cause PuTTY to listen on the port you have specified. The source port for a forwarded connection usually does not accept connections from any machine except the SSH client or server machine itself for local and remote forwardings respectively. So in this example.
To check that PuTTY has set up the port forwarding correctly. Now start your session and log in. You can also forward ports in the other direction: Of course. Port forwarding will not be enabled until after you have logged in. There are controls in the Tunnels panel to change this: For this. An alternative way to forward local connections to remote hosts is to use dynamic proxying. You can also specify an IP address to listen on.
On Unix machines. NNTP the protocol used to transfer Usenet news. This feature is available for local-to-remote forwarded ports. This can be useful if the program connecting to the forwarded port doesn't allow you to change the port number it uses.
SMTP the protocol used to transfer e- mail. SSH1 is unable to support it for remote-to-local ports. Typically a Windows machine can be asked to listen on any single IP address in the Note that this feature is only available in the SSH 2 protocol. Really there is no actual protocol at all. You can then enter a host name and a port number.
For telnet sessions. PuTTY prefers to be told for certain. PuTTY will remove its registry entries and random seed file. In order to make a debugging connection to a service of this type. Options which are specific to a particular tool are covered in the chapter about that tool. You need double quotes around the session name if it contains spaces. This form of the option is deprecated. This section lists the available options in all tools.
If these details include a host name. These options are equivalent to the username selection box in the Connection panel of the PuTTY configuration box see section 4.
These options are equivalent to the protocol selection buttons in the Session panel of the PuTTY configuration box see section 4. If you are having trouble when making a connection. For this one you only have to pass the port number: To forward a local port say to a remote destination say popserver. See chapter 8 for details. For general information on port forwarding. Due to fundamental limitations of Telnet and Rlogin.
If you have a Telnet server running on port of a machine instead of port If you possibly can. On most Unix systems. This option is equivalent to the port number control in the Session panel of the PuTTY configuration box see section 4. These options are equivalent to the agent forwarding checkbox in the Auth panel of the PuTTY configuration box see section 4. These options are only meaningful if you are using SSH. Note that there is a security risk involved with enabling this option.
See chapter 9 for general information on Pageant. These options are equivalent to the X11 forwarding checkbox in the Tunnels panel of the PuTTY configuration box see section 4. For information on X11 forwarding. This option is only meaningful if you are using SSH. Chapter 4: Configuring PuTTY For general information on public-key authentication. You might want to use this option if you are only using the SSH connection for port forwarding.
This feature is only available in SSH protocol version 2 since the version 1 protocol assumes you will always want to run a shell. If you select Raw mode. Some options can also be changed in the middle of a session. If you select Telnet. Telnet and rlogin. PuTTY is configured using the control panel that comes up before you start a session. This chapter describes all the configuration options in PuTTY. A saved session contains all the information. The server name is often a good choice for a saved session name.
To reload a saved session: PuTTY needs to start exactly the session you want. Then come back to the Session panel. To save a session: The new settings will be saved over the top of the old ones To save the new settings under a different name. This ensures that when PuTTY is started up.
Come back to the Session panel. To start a saved session immediately: Your saved settings should all appear in the configuration panel. To delete a saved session: Your saved session name should now appear in the list box. Then make the changes you want. To save your default settings: If there is a specific host you want to store the details of how to connect to. To modify a saved session: The various terminal control codes that are typically sent down an interactive session alongside the printable text will be omitted.
If you are likely to want to copy and paste text out of the session after it has terminated. Saved sessions are stored in the Registry. This is the default option. In this mode. If you change your preferences and update Default Settings.
The options are. This controls whether the PuTTY session window disappears as soon as the session inside it terminates. The main option is a radio-button set that specifies whether PuTTY will log anything at all. Each saved session is independent of the Default Settings configuration. This might be a useful mode if you want to read a log file in a text editor and hope to be able to make sense of.
The third setting. In this mode which is only used by SSH connections. If you view the log file in a text editor. The precise replacements it will do are: There are a few special features in this box. PuTTY will insert details of the current session in the name of the file it actually opens. This is a particularly useful mode if you are experiencing problems with PuTTY's terminal handling: You might need this to debug a network-level problem.
You might want to automatically destroy the existing log file and start a new one with the same name.. They are only intended to deter casual nosiness.
This will usually substantially reduce the size of the resulting log file. This does not include X11 authentication data if using X11 forwarding. The following options allow particularly sensitive portions of unencrypted packets to be automatically left out of the log file. The next option may be of use to protect against this. This option is enabled by default. Finally the default option. This option is disabled by default. The server can send a control sequence that restricts the scrolling region of the display.
With auto wrap mode off. With auto wrap mode on. Auto wrap mode can be turned on and off by control sequences sent by the server. If you are running a full-screen application and you occasionally find the screen scrolling up when it looks as if it shouldn't.
With it turned off. It is unlikely you would need to change this option. DEC Origin Mode can be turned on and off by control sequences sent by the server. The LF character makes the cursor move one line down and might make the screen scroll.
First line of text Second line Third line If this happens to you. If you come across a server that does this. Some servers only send LF. First line of text Second line Third line 4. There exist applications that expect both kinds of behaviour. PuTTY can be configured to do either. The CR character makes the cursor return to the left-hand side of the screen.
CR and LF. Others believe the screen should be cleared to whatever the server has selected as a background colour. Background-colour erase can be turned on and off by control sequences sent by the server.
With this option disabled. If you accidentally write the contents of a binary file to your terminal. That feature is the. Blinking text can be turned on and off by control sequences sent by the server. With this option enabled. If you set the answerback string to be empty. PuTTY will instead display the text with a bolded background colour.
When blinking text is disabled and the server attempts to make some text blink. This is very distracting. PuTTY will automatically attempt to deduce whether or not local line editing is appropriate for the session you are working in. In its default mode. PuTTY will automatically attempt to deduce whether or not local echo is appropriate for the session you are working in. If you find it has made the wrong decision. Since it is hard to edit a line locally without being able to see it. PuTTY will let you edit a whole line at a time locally.
Some types of session need local line editing. Although some more advanced MUDs do occasionally turn local line editing on and turn local echo off. If you enable local line editing. If you make a mistake. They are simply sent to the server. This makes it ideal for use in raw mode or when connecting to MUDs or talkers. Some types of session need local echo. This should allow you to select from all the printers you have installed drivers for on your computer.
It is up to you to ensure your remote server knows what type of printer it is talking to. To enable remote-controlled printing.
When the remote server attempts to print some data. This is the default state.
Since PuTTY sends data to the printer raw. To disable remote printing again. PuTTY supports this feature as well. On other systems, the server's expectation might be fixed and you might have no choice but to configure PuTTY.
If you find an application on which the Home and End keys aren't working, you could try switching this option to see if it helps. This option affects the function keys F1 to F12 and the top row of the numeric keypad.
This matches the general behaviour of Digital's terminals. This mimics the Linux virtual console. If you don't know what any of this means, you probably don't need to fiddle with it. Application Cursor Keys mode is a way for the server to change the control sequences sent by the arrow keys. Application Cursor Keys mode can be turned on and off by the server, depending on the application.
PuTTY allows you to configure the initial state. Application Keypad mode is a way for the server to change the behaviour of the numeric keypad. In normal mode, the keypad behaves like a normal Windows keypad: Num Lock stops behaving like Num Lock and becomes another function key. Lock light still flashes on and off every time you press Num Lock, even when application mode is active and Num Lock is acting like a function key.
This is unavoidable. Application keypad mode can be turned on and off by the server, depending on the application. In this mode, the numeric keypad keys generate the NetHack movement commands hjklyubn. Better still, pressing Shift with the keypad keys generates the capital forms of the commands HJKLYUBN , which tells NetHack to keep moving you in the same direction until you encounter something interesting. For some reason, this feature only works properly when Num Lock is on.
We don't know why. DEC terminals have a Compose key, which provides an easy-to- remember way of typing accented characters. You press Compose and then type two more characters. Some old keyboards do not have an AltGr key, which can make it difficult to type some characters. PuTTY can be configured to treat. PuTTY's usual handling of the left Alt key is to prefix the Escape Control-[ character to whatever character sequence the rest of the keypress would generate.
If you uncheck this box. By default. To change what this sound is. In the default configuration. Ctrl-Alt will never act as a Compose key. So Alt- Ctrl-A would generate Escape. Ctrl-Alt will become a synonym for AltGr. This is not always what you want the terminal bell feature to do.
PuTTY includes a bell overload management feature. If you select this option. This produces a huge stream of non-text characters sent to the terminal. To try to avoid this behaviour. The change of colour will persist until you select the window. As a result of this the terminal often doesn't stop beeping for ten minutes.
Once the overload feature is active. This allows you to distinguish your PuTTY beeps from any other beeps on the system. After a period of five seconds during which no further bells are received. The Features configuration panel allows you to disable some of PuTTY's more advanced terminal features.
Some of these features can cause problems due to buggy or strangely configured server applications. Bell overload mode is always deactivated by any keypress in the terminal.
If you want this feature completely disabled. This means it can respond to large unexpected streams of data. Some applications enable these modes but then do not deal correctly with the modified keys. You can force these modes to be permanently disabled no matter what the server tries to do.
If you find PuTTY is doing this unexpectedly or inconveniently. Then at the end of the run. If you want your editor to run in the same screen as the rest of your terminal activity.
If a malicious application can write data to your terminal for example. If you find this feature inconvenient. With this box ticked. Some people prefer this not to happen. This is the same size as the ordinary terminal screen. Typically a screen-based program such as a text editor might switch the terminal to the alternate screen before starting up. Note that even if the application takes over the mouse. This feature is disabled by default. Of course you can also drag the window to a new size while a session is running.
Therefore this feature is disabled by default. In particular. If you find that accented characters are not showing up the way you expect them to. This allows an attacker to fake keypresses and potentially cause your server-side applications to do things you didn't want. This can apparently cause problems in some applications.
Some programs send these commands unexpectedly or inconveniently. BitchX an IRC client seems to have a habit of reconfiguring the character set to something other than the user intended.
If the application switches to the alternate screen see section 4. This is the default. If you are viewing part of the scrollback when the server sends more text to PuTTY. You can also make the screen revert when you press a key. You can separately configure whether the scrollbar is shown in full-screen mode and in normal modes. There are four options here: VTstyle terminal handling can only deal with fixed- width fonts.
As soon as you move the mouse. This works in any of the cursor modes. A block cursor becomes an empty box when the window loses focus. Try it and see if you like it. This makes the border a little bit thicker as well. This way. You will be offered a choice from all the fixed-width fonts installed on the system. It's hard to describe well.
If the server has not bothered to supply a window or icon title. PuTTY will put up a warning window asking if you really meant to close the window. You can also configure a completely blank gap between the text in the window and the border.
A window whose session has already terminated can always be closed without a warning. If you want to be able to close a window quickly.
This makes sense in a windowing system where the window becomes an icon when minimised. You can reduce it to zero.
If for some reason you want to see both titles. If you do this. If you want a different window title. By default this is set at one pixel. Dragon NaturallySpeaking requires it both to open the system menu via voice. Some accessibility programs for Windows may need this option enabling to be able to control PuTTY's window successfully. If it is disabled. For instance. See section 3. The full-screen feature is also available from the System menu.
Pressing Alt-Enter again will restore the previous window size. In particular Win is almost equivalent to ISO- PuTTY receives a stream of 8-bit bytes from the server. PuTTY will use it. The Winx series are defined by Microsoft. Not all server-side applications will support it. By default PuTTY will attempt to choose a character set that is right for your locale as reported by Windows.
The ISO series are all standard character sets that include various accented characters appropriate for different sets of languages. There are a lot of character sets to choose from. If you need support for a numeric code page which is not listed in the drop-down list. A few notable character sets are: PuTTY also supports Unicode mode. If the underlying version of Windows has the appropriate translation table installed. PuTTY will paste them in the form they appear on the screen: Currently this feature is not expected to work properly if your native keyboard layout is not US or UK.
In general you should probably try lots of options until you find one that your particular font supports. You should use this option if none of the other options works. This doesn't always work. This is unlikely to be the case with any standard Windows font. For good Unicode- supporting fonts this is probably the most reliable and functional option. PuTTY will write formatting information to the clipboard as well as the actual text you copy. Windows often only has two mouse buttons.
Currently the only effect of this will be that if you paste into say a word processor. In future it is likely that other formatting information bold. The X Window System uses a three-button mouse. This option can easily be inconvenient. This might be useful if you were trying to recreate the same box layout in another program.
Line-drawing characters that were received as Unicode code points will paste as Unicode always. If you do need to copy and paste. If you want to prevent the application from taking over the mouse at all.
We don't know of any applications that do this. This context menu is always available by holding down Ctrl and right-clicking. PuTTY has two modes of selecting text to be copied to the clipboard. When running one of these applications. This panel allows you to control precisely what is considered to be a word.
Class 1 contains most punctuation. So by modifying the assignment of characters to classes.
Character class definitions can be modified by control sequences sent by the server. PuTTY considers a single word to be any number of adjacent characters in the same class.
Then enter a class number in the edit box below. In order to adjust these assignments. Class 2 contains letters. Class 0 contains white space and control characters. It can either change the font for a bold version. If you are not getting the colours you ask for on an 8-bit display. If you uncheck the box. To modify one of the PuTTY colours. PuTTY can handle this two ways. Note that non-bold and bold text will be the same colour if this option is enabled. The RGB values for that colour will appear on the right-hand side of the list box.
You might want to change to indicating bold text by font changes see section 4. This control lets you choose which. By default the box is checked. Telnet and Rlogin protocols allow a text string to be sent down the connection describing the terminal. PuTTY allows you to set the cursor colour. If you're not sure whether a problem is due to the terminal type setting or not. If you find this is not doing what you want. You can also modify the precise shades used for the bold versions of these colours.
In order to send the right control sequences to each one.
To add an environment variable to the list transmitted down the connection. Some network routers and firewalls need to keep track of all. Many Telnet servers have stopped supporting this feature due to security flaws. Only the first is used in the Rlogin protocol. Newer SSH2 servers are more likely to support it than older ones.
To remove one from the list. In this box you can type that user name. The format is a pair of numbers separated by a comma. This option has no effect on Raw connections. Telnet and Rlogin protocols allow you to specify what user name you want to log in as. The value is usually meaningless in a network environment. This configuration data is not used in the SSHv1.
Some Telnet servers don't support this. Version 2 of the SSH protocol also provides a similar mechanism. This can cause PuTTY sessions to be unexpectedly closed by the firewall if no traffic is seen in the session for some time. Keepalives are only supported in Telnet and SSH. They help if you have a firewall which drops your connection after an idle period. Keepalives can make this sort of problem worse. For an alternative. Note that keepalives are not always helpful. Then when connectivity is restored.
Note that if you are using SSH1 and the server has a bug that makes it unable to deal with SSH1 ignore messages see section 4. The value is measured in seconds. If you find your firewall is cutting idle connections off.
If a session is idle. TCP keepalives may be more useful for ensuring that half-open connections are terminated than for keeping a connection alive. The idea of TCP keepalives is similar to application-level keepalives.
PuTTY's bandwidth usage will be slightly more efficient. If in doubt. TCP keepalives are provided for completeness. The main differences are: The interval between TCP keepalives is usually much longer.
TCP keepalives are disabled by default. If the operating system does not receive a response to a keepalive. With Nagle's algorithm enabled.
The Nagle algorithm is disabled by default. The settings in this panel affect the primary network connection forming your PuTTY session. It is very unlikely that this behaviour would ever cause problems. For example: PuTTY will do something it considers appropriate for each type of proxy. Telnet and HTTP proxies will have host names passed straight to them.
PuTTY will always pass host names straight to the proxy without trying to look them up first. SOCKS proxies will not. If the name is passed on to the proxy without PuTTY looking it up. Note that if you are doing DNS at the proxy. Note that if you save your session.
Note that if you are doing DNS at the proxy see section 4. You can specify a way to include a username and password in the Telnet proxy command see section 4. Authentication is not fully supported for all forms of proxy: With HTTP proxying. In this string. If the Telnet proxy server prompts for a username and password before commands can be sent. If your proxy needs a different command. BSD telnet implementations were already supporting the feature.
PuTTY starts to send negotiations as soon as the connection is opened. PuTTY can use two different strategies for negotiation: At the time the standard RFC was written. This feature should only be needed if you have trouble passing environment variables to quite an old server.
The obvious disadvantage of passive mode is that if the server is also operating in a passive mode. This switch allows you to choose which one PuTTY claims to be. The Telnet panel allows you to configure options that only apply to Telnet sessions. Most Telnet servers now support this. PuTTY will wait to negotiate until it sees a negotiation from the server.
BSD implementations did not change. Sadly there was a typing error in the standard when it was issued. For this reason PuTTY defaults to active mode. The problem was solved by issuing a second standard. If you are seeing surprising behaviour when you press Return in a Telnet session. Control-Z will send the Telnet special Suspend Process code. You probably shouldn't enable this unless you know what you're doing.
If you have confusing trouble with a firewall. Control-C will send the Telnet special Interrupt Process code. If you want to do this. In PuTTY. This only works because Unix systems contain a safeguard to stop a user from pretending to be another user in an Rlogin connection. Rlogin connections have to come from port numbers below Windows does not have this restriction: If you tick this box. PuTTY will attempt to use protocol 1 if the server you connect to does not offer protocol 2.
PuTTY will not attempt to run a shell or command after connecting to the remote server. You can do this by dragging the algorithms up and down in the list box or moving them using the Up and Down buttons to specify a preference order.
If you use this feature in Plink. This can help make the most of a low-bandwidth connection. As a result you may get two warnings similar to the one above. The first cipher supported by the server is single-DES. PuTTY currently supports the following algorithms: PuTTY supplies a preference order intended to reflect a reasonable preference in terms of security and speed. Do you want to continue with this connection?
This warns you that the first available encryption is not a very secure one. PuTTY will search down the list from the top until it finds an algorithm supported by the server. AES Rijndael. In SSH You will be presented with a challenge string which will be different every time and must supply the correct response in order to log in.
PuTTY will attempt these forms of authentication if the server is willing to try them. With this switch enabled. If you are not running Pageant. OpenSSH does not accept a change of username. PuTTY leaves this option enabled by default. If your server supports this. It is a flexible authentication method using an arbitrary sequence of requests and responses.
This is a simple password-style protocol: PuTTY try to find a sensible default in the environment. X11 forwarding allows you to securely give those applications access to a local X display on your PC.
If your X display is somewhere unusual. This data is invented. See chapter 8 for information about public key authentication in SSH. To enable X11 forwarding. If you know your server can cope with it. For this reason. Depending on the version of OpenSSH. PuTTY will by default not prompt you for your username more than once. The cookie data is sent over an unencrypted.
If you change it. In SSH v1. X11 connection. The port forwarding section in the Tunnels panel shows a list of all. This authentication mechanism will only work in SSH v2. This is a cryptographically authenticated protocol: You may find this feature causes problems with some SSH servers. For local forwardings.
By default no port forwardings are set up. For remote forwardings. Your forwarding details should appear in the list box. Connections received on the source port will be directed to this destination.
Note that most servers will not allow you to listen on port numbers less than To add a port forwarding: To remove a port forwarding. PuTTY will assume the server does not have the bug. Since most servers announce their software version number at the beginning of the SSH connection.
PuTTY will use the server's version number announcement to try to guess whether or not the server has the bug. Various existing servers have bugs in them. Each bug can be configured in three states: Either side is required to ignore the message whenever it receives it. PuTTY will attempt to detect which bugs it can expect to see in the server and automatically enable workarounds.
If this bug is enabled when talking to a correct server. This is technically a violation of the SSH1 specification. This is an SSH1-specific bug. If this bug is detected. This means that keepalives will stop working.
If Pageant is running and contains any SSH1 keys. PuTTY will go straight to password authentication. PuTTY will stop using ignore messages. In this sense. SSH2 is secure against this type of attack. PuTTY will have no choice but to send the user's password with no form of camouflage. PuTTY will compute its encryption keys in the same way as the buggy server. A typical symptom of this problem is that PuTTY dies unexpectedly at the beginning of the session.
This is an SSH2-specific bug. Versions 2. If your SSH2 sessions spontaneously close. This problem can cause various error messages.
SSH2 public-key authentication will fail. If public- key authentication mysteriously does not work but the Event Log see section 3. BAT' which imports the contents of a file into the Registry. RND' random seed file.