b18bcea3 |
1 | \versionid $Id: faq.but,v 1.39 2002/11/22 00:07:31 ben Exp $ |
8f1529bc |
2 | |
ee46ef84 |
3 | \A{faq} PuTTY FAQ |
4 | |
5 | This FAQ is published on the PuTTY web site, and also provided as an |
6 | appendix in the manual. |
7 | |
8 | \H{faq-support} Features supported in PuTTY |
9 | |
10 | In general, if you want to know if PuTTY supports a particular |
11 | feature, you should look for it on the |
12 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}{PuTTY web site}. |
13 | In particular: |
14 | |
15 | \b try the |
16 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{changes |
17 | page}, and see if you can find the feature on there. If a feature is |
18 | listed there, it's been implemented. If it's listed as a change made |
19 | \e{since} the latest version, it should be available in the |
20 | development snapshots, in which case testing will be very welcome. |
21 | |
22 | \b try the |
23 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist.html}{Wishlist |
24 | page}, and see if you can find the feature there. If it's on there, |
25 | it probably \e{hasn't} been implemented. |
26 | |
a1d2976b |
27 | \S{faq-ssh2}{Question} Does PuTTY support SSH v2? |
ee46ef84 |
28 | |
29 | Yes. SSH v2 support has been available in PuTTY since version 0.50. |
30 | However, currently the \e{default} SSH protocol is v1; to select SSH |
31 | v2 if your server supports both, go to the SSH panel and change the |
04d41bf8 |
32 | \e{Preferred SSH protocol version} option. (The factory default will |
33 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-default.html}{change to v2} |
34 | in the next full release.) |
ee46ef84 |
35 | |
32c37ecd |
36 | Public key authentication (both RSA and DSA) in SSH v2 is new in |
37 | version 0.52. |
ee46ef84 |
38 | |
a1d2976b |
39 | \S{faq-ssh2-keyfmt}{Question} Does PuTTY support reading OpenSSH or |
ee46ef84 |
40 | \cw{ssh.com} SSHv2 private key files? |
41 | |
a58b605b |
42 | PuTTY doesn't support this natively, but as of 0.53 |
43 | PuTTYgen can convert both OpenSSH and \cw{ssh.com} private key |
44 | files into PuTTY's format. |
ee46ef84 |
45 | |
a1d2976b |
46 | \S{faq-ssh1}{Question} Does PuTTY support SSH v1? |
ee46ef84 |
47 | |
48 | Yes. SSH 1 support has always been available in PuTTY. |
49 | |
a1d2976b |
50 | \S{faq-localecho}{Question} Does PuTTY support local echo? |
ee46ef84 |
51 | |
32c37ecd |
52 | Yes. Version 0.52 has proper support for local echo. |
ee46ef84 |
53 | |
32c37ecd |
54 | In version 0.51 and before, local echo could not be separated from |
ee46ef84 |
55 | local line editing (where you type a line of text locally, and it is |
56 | not sent to the server until you press Return, so you have the |
57 | chance to edit it and correct mistakes \e{before} the server sees |
32c37ecd |
58 | it). New in version 0.52, local echo and local line editing are |
59 | separate options, and by default PuTTY will try to determine |
60 | automatically whether to enable them or not, based on which protocol |
61 | you have selected and also based on hints from the server. If you |
62 | have a problem with PuTTY's default choice, you can force each |
63 | option to be enabled or disabled as you choose. The controls are in |
64 | the Terminal panel, in the section marked \q{Line discipline |
65 | options}. |
ee46ef84 |
66 | |
a1d2976b |
67 | \S{faq-disksettings}{Question} Does PuTTY support storing its |
70706890 |
68 | settings in a disk file? |
ee46ef84 |
69 | |
70 | Not at present, although \k{config-file} in the documentation gives |
71 | a method of achieving the same effect. |
72 | |
a1d2976b |
73 | \S{faq-fullscreen}{Question} Does PuTTY support full-screen mode, |
70706890 |
74 | like a DOS box? |
ee46ef84 |
75 | |
32c37ecd |
76 | Yes; this is a new feature in version 0.52. |
ee46ef84 |
77 | |
babac7bd |
78 | \S{faq-password-remember}{Question} Does PuTTY have the ability to |
79 | remember my password so I don't have to type it every time? |
ee46ef84 |
80 | |
81 | No, it doesn't. |
82 | |
83 | Remembering your password is a bad plan for obvious security |
84 | reasons: anyone who gains access to your machine while you're away |
85 | from your desk can find out the remembered password, and use it, |
86 | abuse it or change it. |
87 | |
88 | In addition, it's not even \e{possible} for PuTTY to automatically |
89 | send your password in a Telnet session, because Telnet doesn't give |
90 | the client software any indication of which part of the login |
91 | process is the password prompt. PuTTY would have to guess, by |
92 | looking for words like \q{password} in the session data; and if your |
93 | login program is written in something other than English, this won't |
94 | work. |
95 | |
96 | In SSH, remembering your password would be possible in theory, but |
97 | there doesn't seem to be much point since SSH supports public key |
98 | authentication, which is more flexible and more secure. See |
99 | \k{pubkey} in the documentation for a full discussion of public key |
100 | authentication. |
101 | |
a1d2976b |
102 | \S{faq-hostkeys}{Question} Is there an option to turn off the |
70706890 |
103 | annoying host key prompts? |
cad566a9 |
104 | |
105 | No, there isn't. And there won't be. Even if you write it yourself |
106 | and send us the patch, we won't accept it. |
107 | |
108 | Those annoying host key prompts are the \e{whole point} of SSH. |
109 | Without them, all the cryptographic technology SSH uses to secure |
110 | your session is doing nothing more than making an attacker's job |
111 | slightly harder; instead of sitting between you and the server with |
112 | a packet sniffer, the attacker must actually subvert a router and |
113 | start modifying the packets going back and forth. But that's not all |
114 | that much harder than just sniffing; and without host key checking, |
115 | it will go completely undetected by client or server. |
116 | |
117 | Host key checking is your guarantee that the encryption you put on |
118 | your data at the client end is the \e{same} encryption taken off the |
119 | data at the server end; it's your guarantee that it hasn't been |
120 | removed and replaced somewhere on the way. Host key checking makes |
121 | the attacker's job \e{astronomically} hard, compared to packet |
122 | sniffing, and even compared to subverting a router. Instead of |
123 | applying a little intelligence and keeping an eye on Bugtraq, the |
124 | attacker must now perform a brute-force attack against at least one |
125 | military-strength cipher. That insignificant host key prompt really |
126 | does make \e{that} much difference. |
127 | |
128 | If you're having a specific problem with host key checking - perhaps |
129 | you want an automated batch job to make use of PSCP or Plink, and |
130 | the interactive host key prompt is hanging the batch process - then |
131 | the right way to fix it is to add the correct host key to the |
132 | Registry in advance. That way, you retain the \e{important} feature |
133 | of host key checking: the right key will be accepted and the wrong |
134 | ones will not. Adding an option to turn host key checking off |
135 | completely is the wrong solution and we will not do it. |
136 | |
a1d2976b |
137 | \S{faq-server}{Question} Will you write an SSH server for the PuTTY |
70706890 |
138 | suite, to go with the client? |
ae915483 |
139 | |
140 | No. The only reason we might want to would be if we could easily |
141 | re-use existing code and significantly cut down the effort. We don't |
142 | believe this is the case; there just isn't enough common ground |
143 | between an SSH client and server to make it worthwhile. |
144 | |
145 | If someone else wants to use bits of PuTTY in the process of writing |
146 | a Windows SSH server, they'd be perfectly welcome to of course, but |
147 | I really can't see it being a lot less effort for us to do that than |
148 | it would be for us to write a server from the ground up. We don't |
149 | have time, and we don't have motivation. The code is available if |
150 | anyone else wants to try it. |
151 | |
67325335 |
152 | \S{faq-pscp-ascii}{Question} Can PSCP or PSFTP transfer files in |
153 | ASCII mode? |
154 | |
155 | Unfortunately not. This is a limitation of the file transfer |
156 | protocols: the SCP and SFTP protocols have no notion of transferring |
157 | a file in anything other than binary mode. |
158 | |
159 | SFTP is designed to be extensible, so it's possible that an |
160 | extension might be proposed at some later date that implements ASCII |
161 | transfer. But the PuTTY team can't do anything about it until that |
162 | happens. |
163 | |
ee46ef84 |
164 | \H{faq-ports} Ports to other operating systems |
165 | |
166 | The eventual goal is for PuTTY to be a multi-platform program, able |
b18bcea3 |
167 | to run on at least Windows, Mac OS and Unix. |
ee46ef84 |
168 | |
169 | Porting will become easier once PuTTY has a generalised porting |
170 | layer, drawing a clear line between platform-dependent and |
59adac11 |
171 | platform-independent code. The general intention was for this |
172 | porting layer to evolve naturally as part of the process of doing |
173 | the first port; a Unix port is now under way and the plan seems to |
174 | be working so far. |
ee46ef84 |
175 | |
aff5267a |
176 | \S{faq-ports-general}{Question} What ports of PuTTY exist? |
177 | |
59adac11 |
178 | Currently, release versions of PuTTY only run on full Win32 systems. |
179 | This includes Windows 95, 98, and ME, and it includes Windows NT, |
b18bcea3 |
180 | Windows 2000 and Windows XP. In the development code, partial ports |
181 | to Unix (see \k{faq-unix}) and the Mac OS (see \k{faq-mac-port}). |
182 | are under way. |
aff5267a |
183 | |
59adac11 |
184 | Currently PuTTY does \e{not} run on Windows CE (see \k{faq-wince}), |
185 | and it does not quite run on the Win32s environment under Windows |
186 | 3.1 (see \k{faq-win31}). |
aff5267a |
187 | |
59adac11 |
188 | We do not have release-quality ports for any other systems at the |
189 | present time. If anyone told you we had a Mac port, or an iPaq port, |
190 | or any other port of PuTTY, they were mistaken. We don't. |
191 | |
192 | \S{faq-unix}{Question} Will there be a port to Unix? |
193 | |
194 | It's currently being worked on. If you look at the nightly source |
195 | snapshots, you should find a \c{unix} subdirectory, which should |
196 | build you a Unix port of Plink, and also \c{pterm} - an |
197 | \cw{xterm}-type program which supports the same terminal emulation |
198 | as PuTTY. |
199 | |
200 | It isn't yet clear whether we will bother combining the terminal |
201 | emulator and network back end into the same process, to provide a |
202 | Unix port of the full GUI form of PuTTY. It wouldn't be as useful a |
203 | thing on Unix as it would be on Windows; its major value would |
204 | probably be as a pathfinding effort for other ports. If anyone |
205 | really wants it, we'd be interested to know why :-) |
aff5267a |
206 | |
70cd2027 |
207 | \S{faq-wince}{Question} Will there be a port to Windows CE or PocketPC? |
ee46ef84 |
208 | |
209 | Probably not in the particularly near future. Despite sharing large |
210 | parts of the Windows API, in practice WinCE doesn't appear to be |
211 | significantly easier to port to than a totally different operating |
212 | system. |
213 | |
214 | However, PuTTY on portable devices would clearly be a useful thing, |
215 | so in the long term I hope there will be a WinCE port. |
216 | |
f82f00d0 |
217 | \S{faq-win31}{Question} Is there a port to Windows 3.1? |
218 | |
219 | PuTTY is a 32-bit application from the ground up, so it won't run on |
220 | Windows 3.1 as a native 16-bit program; and it would be \e{very} |
221 | hard to port it to do so, because of Windows 3.1's vile memory |
222 | allocation mechanisms. |
223 | |
224 | However, it is possible in theory to compile the existing PuTTY |
225 | source in such a way that it will run under Win32s (an extension to |
226 | Windows 3.1 to let you run 32-bit programs). In order to do this |
227 | you'll need the right kind of C compiler - modern versions of Visual |
228 | C at least have stopped being backwards compatible to Win32s. Also, |
229 | the last time we tried this it didn't work very well. |
230 | |
231 | If you're interested in running PuTTY under Windows 3.1, help and |
232 | testing in this area would be very welcome! |
233 | |
babac7bd |
234 | \S{faq-mac-port}{Question} Will there be a port to the Mac? |
ee46ef84 |
235 | |
b18bcea3 |
236 | Eventually. The terminal emulation code has been ported, as has the |
237 | saved-settings infrastructure, but networking and a configuration GUI |
238 | still need to be done before the port will be of any use. |
ee46ef84 |
239 | |
a1d2976b |
240 | \S{faq-epoc}{Question} Will there be a port to EPOC? |
ee46ef84 |
241 | |
242 | I hope so, but given that ports aren't really progressing very fast |
243 | even on systems the developers \e{do} already know how to program |
244 | for, it might be a long time before any of us get round to learning |
245 | a new system and doing the port for that. |
246 | |
247 | \H{faq-embedding} Embedding PuTTY in other programs |
248 | |
a1d2976b |
249 | \S{faq-dll}{Question} Is the SSH or Telnet code available as a DLL? |
ee46ef84 |
250 | |
251 | No, it isn't. It would take a reasonable amount of rewriting for |
252 | this to be possible, and since the PuTTY project itself doesn't |
253 | believe in DLLs (they make installation more error-prone) none of us |
254 | has taken the time to do it. |
255 | |
256 | Most of the code cleanup work would be a good thing to happen in |
257 | general, so if anyone feels like helping, we wouldn't say no. |
258 | |
a1d2976b |
259 | \S{faq-vb}{Question} Is the SSH or Telnet code available as a Visual |
70706890 |
260 | Basic component? |
ee46ef84 |
261 | |
262 | No, it isn't. None of the PuTTY team uses Visual Basic, and none of |
263 | us has any particular need to make SSH connections from a Visual |
264 | Basic application. In addition, all the preliminary work to turn it |
265 | into a DLL would be necessary first; and furthermore, we don't even |
266 | know how to write VB components. |
267 | |
268 | If someone offers to do some of this work for us, we might consider |
269 | it, but unless that happens I can't see VB integration being |
270 | anywhere other than the very bottom of our priority list. |
271 | |
a1d2976b |
272 | \S{faq-ipc}{Question} How can I use PuTTY to make an SSH connection |
70706890 |
273 | from within another program? |
ee46ef84 |
274 | |
275 | Probably your best bet is to use Plink, the command-line connection |
276 | tool. If you can start Plink as a second Windows process, and |
277 | arrange for your primary process to be able to send data to the |
278 | Plink process, and receive data from it, through pipes, then you |
279 | should be able to make SSH connections from your program. |
280 | |
281 | This is what CVS for Windows does, for example. |
282 | |
283 | \H{faq-details} Details of PuTTY's operation |
284 | |
a1d2976b |
285 | \S{faq-term}{Question} What terminal type does PuTTY use? |
ee46ef84 |
286 | |
287 | For most purposes, PuTTY can be considered to be an \cw{xterm} |
32c37ecd |
288 | terminal. |
ee46ef84 |
289 | |
290 | PuTTY also supports some terminal control sequences not supported by |
291 | the real \cw{xterm}: notably the Linux console sequences that |
292 | reconfigure the colour palette, and the title bar control sequences |
293 | used by \cw{DECterm} (which are different from the \cw{xterm} ones; |
294 | PuTTY supports both). |
295 | |
296 | By default, PuTTY announces its terminal type to the server as |
297 | \c{xterm}. If you have a problem with this, you can reconfigure it |
298 | to say something else; \c{vt220} might help if you have trouble. |
299 | |
a1d2976b |
300 | \S{faq-settings}{Question} Where does PuTTY store its data? |
ee46ef84 |
301 | |
302 | PuTTY stores most of its data (saved sessions, SSH host keys) in the |
303 | Registry. The precise location is |
304 | |
305 | \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY |
306 | |
307 | and within that area, saved sessions are stored under \c{Sessions} |
308 | while host keys are stored under \c{SshHostKeys}. |
309 | |
310 | PuTTY also requires a random number seed file, to improve the |
311 | unpredictability of randomly chosen data needed as part of the SSH |
312 | cryptography. This is stored by default in your Windows home |
313 | directory (\c{%HOMEDRIVE%\\%HOMEPATH%}), or in the actual Windows |
314 | directory (such as \c{C:\\WINDOWS}) if the home directory doesn't |
315 | exist, for example if you're using Win95. If you want to change the |
316 | location of the random number seed file, you can put your chosen |
317 | pathname in the Registry, at |
318 | |
319 | \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\RandSeedFile |
320 | |
321 | \H{faq-howto} HOWTO questions |
322 | |
a1d2976b |
323 | \S{faq-startmax}{Question} How can I make PuTTY start up maximised? |
ee46ef84 |
324 | |
325 | Create a Windows shortcut to start PuTTY from, and set it as \q{Run |
326 | Maximized}. |
327 | |
a1d2976b |
328 | \S{faq-startsess}{Question} How can I create a Windows shortcut to |
70706890 |
329 | start a particular saved session directly? |
ee46ef84 |
330 | |
331 | To run a PuTTY session saved under the name \q{\cw{mysession}}, |
332 | create a Windows shortcut that invokes PuTTY with a command line |
333 | like |
334 | |
a58b605b |
335 | \c \path\name\to\putty.exe -load mysession |
336 | |
337 | (Note: prior to 0.53, the syntax was \c{@session}. This is now |
338 | deprecated and may be removed at some point.) |
ee46ef84 |
339 | |
a1d2976b |
340 | \S{faq-startssh}{Question} How can I start an SSH session straight |
70706890 |
341 | from the command line? |
ee46ef84 |
342 | |
343 | Use the command line \c{putty -ssh host.name}. Alternatively, create |
344 | a saved session that specifies the SSH protocol, and start the saved |
345 | session as shown in \k{faq-startsess}. |
346 | |
a1d2976b |
347 | \S{faq-cutpaste}{Question} How do I copy and paste between PuTTY and |
70706890 |
348 | other Windows applications? |
ee46ef84 |
349 | |
350 | Copy and paste works similarly to the X Window System. You use the |
351 | left mouse button to select text in the PuTTY window. The act of |
352 | selection \e{automatically} copies the text to the clipboard: there |
353 | is no need to press Ctrl-Ins or Ctrl-C or anything else. In fact, |
354 | pressing Ctrl-C will send a Ctrl-C character to the other end of |
355 | your connection (just like it does the rest of the time), which may |
356 | have unpleasant effects. The \e{only} thing you need to do, to copy |
357 | text to the clipboard, is to select it. |
358 | |
359 | To paste the clipboard contents into a PuTTY window, by default you |
360 | click the right mouse button. If you have a three-button mouse and |
361 | are used to X applications, you can configure pasting to be done by |
362 | the middle button instead, but this is not the default because most |
363 | Windows users don't have a middle button at all. |
364 | |
365 | You can also paste by pressing Shift-Ins. |
366 | |
a1d2976b |
367 | \S{faq-tunnels}{Question} How do I use X forwarding and port |
70706890 |
368 | forwarding? I can't find the Tunnels panel. |
f2003e32 |
369 | |
32c37ecd |
370 | This is a new feature in version 0.52. You should upgrade. |
f2003e32 |
371 | |
a1d2976b |
372 | \S{faq-options}{Question} How do I use all PuTTY's features (public |
a58b605b |
373 | keys, proxying, cipher selection, etc.) in PSCP, PSFTP and Plink? |
374 | |
375 | Most major features (e.g., public keys, port forwarding) are available |
376 | through command line options. See the documentation. |
72be5b5e |
377 | |
a58b605b |
378 | Not all features are accessible from the command line yet, although |
379 | we'd like to fix this. In the meantime, you can use most of |
72be5b5e |
380 | PuTTY's features if you create a PuTTY saved session, and then use |
381 | the name of the saved session on the command line in place of a |
382 | hostname. This works for PSCP, PSFTP and Plink (but don't expect |
383 | port forwarding in the file transfer applications!). |
f2003e32 |
384 | |
a1d2976b |
385 | \S{faq-pscp}{Question} How do I use PSCP.EXE? When I double-click it |
70706890 |
386 | gives me a command prompt window which then closes instantly. |
ee46ef84 |
387 | |
388 | PSCP is a command-line application, not a GUI application. If you |
389 | run it without arguments, it will simply print a help message and |
390 | terminate. |
391 | |
392 | To use PSCP properly, run it from a Command Prompt window. See |
393 | \k{pscp} in the documentation for more details. |
394 | |
a1d2976b |
395 | \S{faq-pscp-spaces}{Question} How do I use PSCP to copy a file whose |
70706890 |
396 | name has spaces in? |
ee46ef84 |
397 | |
398 | If PSCP is using the traditional SCP protocol, this is confusing. If |
399 | you're specifying a file at the local end, you just use one set of |
400 | quotes as you would normally do: |
401 | |
402 | \c pscp "local filename with spaces" user@host: |
403 | \c pscp user@host:myfile "local filename with spaces" |
404 | |
405 | But if the filename you're specifying is on the \e{remote} side, you |
406 | have to use backslashes and two sets of quotes: |
407 | |
408 | \c pscp user@host:"\"remote filename with spaces\"" local_filename |
409 | \c pscp local_filename user@host:"\"remote filename with spaces\"" |
410 | |
411 | Worse still, in a remote-to-local copy you have to specify the local |
412 | file name explicitly, otherwise PSCP will complain that they don't |
413 | match (unless you specified the \c{-unsafe} option). The following |
414 | command will give an error message: |
415 | |
416 | \c c:\>pscp user@host:"\"oo er\"" . |
e9cee352 |
417 | \c warning: remote host tried to write to a file called 'oo er' |
418 | \c when we requested a file called '"oo er"'. |
ee46ef84 |
419 | |
e9cee352 |
420 | Instead, you need to specify the local file name in full: |
421 | |
422 | \c c:\>pscp user@host:"\"oo er\"" "oo er" |
423 | |
ee46ef84 |
424 | If PSCP is using the newer SFTP protocol, none of this is a problem, |
425 | and all filenames with spaces in are specified using a single pair |
426 | of quotes in the obvious way: |
427 | |
428 | \c pscp "local file" user@host: |
429 | \c pscp user@host:"remote file" . |
430 | |
431 | \H{faq-trouble} Troubleshooting |
432 | |
babac7bd |
433 | \S{faq-incorrect-mac}{Question} Why do I see \q{Incorrect MAC |
434 | received on packet}? |
ee46ef84 |
435 | |
436 | This is due to a bug in old SSH 2 servers distributed by |
437 | \cw{ssh.com}. Version 2.3.0 and below of their SSH 2 server |
438 | constructs Message Authentication Codes in the wrong way, and |
439 | expects the client to construct them in the same wrong way. PuTTY |
440 | constructs the MACs correctly by default, and hence these old |
441 | servers will fail to work with it. |
442 | |
32c37ecd |
443 | If you are using PuTTY version 0.52 or better, this should work |
444 | automatically: PuTTY should detect the buggy servers from their |
445 | version number announcement, and automatically start to construct |
446 | its MACs in the same incorrect manner as they do, so it will be able |
447 | to work with them. |
ee46ef84 |
448 | |
32c37ecd |
449 | If you are using PuTTY version 0.51 or below, you can enable the |
450 | workaround by going to the SSH panel and ticking the box labelled |
451 | \q{Imitate SSH 2 MAC bug}. It's possible that you might have to do |
452 | this with 0.52 as well, if a buggy server exists that PuTTY doesn't |
453 | know about. |
ee46ef84 |
454 | |
b7e2c163 |
455 | In this context MAC stands for Message Authentication Code. It's a |
456 | cryptographic term, and it has nothing at all to do with Ethernet |
457 | MAC (Media Access Control) addresses. |
458 | |
67325335 |
459 | \S{faq-pscp-protocol}{Question} Why do I see \q{Fatal: Protocol |
460 | error: Expected control record} in PSCP? |
461 | |
462 | This happens because PSCP was expecting to see data from the server |
463 | that was part of the PSCP protocol exchange, and instead it saw data |
464 | that it couldn't make any sense of at all. |
465 | |
466 | This almost always happens because the startup scripts in your |
467 | account on the server machine are generating output. This is |
468 | impossible for PSCP, or any other SCP client, to work around. You |
469 | should never use startup files (\c{.bashrc}, \c{.cshrc} and so on) |
470 | which generate output in non-interactive sessions. |
471 | |
472 | This is not actually a PuTTY problem. If PSCP fails in this way, |
473 | then all other SCP clients are likely to fail in exactly the same |
474 | way. The problem is at the server end. |
475 | |
a1d2976b |
476 | \S{faq-colours}{Question} I clicked on a colour in the Colours |
70706890 |
477 | panel, and the colour didn't change in my terminal. |
ee46ef84 |
478 | |
479 | That isn't how you're supposed to use the Colours panel. |
480 | |
481 | During the course of a session, PuTTY potentially uses \e{all} the |
482 | colours listed in the Colours panel. It's not a question of using |
483 | only one of them and you choosing which one; PuTTY will use them |
484 | \e{all}. The purpose of the Colours panel is to let you adjust the |
485 | appearance of all the colours. So to change the colour of the |
486 | cursor, for example, you would select \q{Cursor Colour}, press the |
487 | \q{Modify} button, and select a new colour from the dialog box that |
488 | appeared. Similarly, if you want your session to appear in green, |
489 | you should select \q{Default Foreground} and press \q{Modify}. |
490 | Clicking on \q{ANSI Green} won't turn your session green; it will |
491 | only allow you to adjust the \e{shade} of green used when PuTTY is |
492 | instructed by the server to display green text. |
493 | |
a1d2976b |
494 | \S{faq-winsock2}{Question} Plink on Windows 95 says it can't find |
70706890 |
495 | \cw{WS2_32.DLL}. |
ee46ef84 |
496 | |
497 | Plink requires the extended Windows network library, WinSock version |
498 | 2. This is installed as standard on Windows 98 and above, and on |
499 | Windows NT, and even on later versions of Windows 95; but early |
500 | Win95 installations don't have it. |
501 | |
502 | In order to use Plink on these systems, you will need to download |
503 | the |
504 | \W{http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/}{WinSock 2 upgrade}: |
505 | |
506 | \c http://www.microsoft.com/windows95/downloads/contents/wuadmintools/ |
507 | \c s_wunetworkingtools/w95sockets2/ |
508 | |
a1d2976b |
509 | \S{faq-rekey}{Question} My PuTTY sessions close after an hour and |
70706890 |
510 | tell me \q{Server failed host key check}. |
ee46ef84 |
511 | |
512 | This is a bug in all versions of PuTTY up to and including 0.51. SSH |
513 | v2 servers from \cw{ssh.com} will require the key exchange to be |
514 | repeated one hour after the start of the connection, and PuTTY will |
515 | get this wrong. |
516 | |
a58b605b |
517 | Upgrade to version 0.52 or better and the problem should go away. |
ee46ef84 |
518 | |
a1d2976b |
519 | \S{faq-outofmem}{Question} After trying to establish an SSH 2 |
70706890 |
520 | connection, PuTTY says \q{Out of memory} and dies. |
ee46ef84 |
521 | |
522 | If this happens just while the connection is starting up, this often |
523 | indicates that for some reason the client and server have failed to |
524 | establish a session encryption key. Somehow, they have performed |
525 | calculations that should have given each of them the same key, but |
526 | have ended up with different keys; so data encrypted by one and |
527 | decrypted by the other looks like random garbage. |
528 | |
529 | This causes an \q{out of memory} error because the first encrypted |
530 | data PuTTY expects to see is the length of an SSH message. Normally |
531 | this will be something well under 100 bytes. If the decryption has |
532 | failed, PuTTY will see a completely random length in the region of |
533 | two \e{gigabytes}, and will try to allocate enough memory to store |
534 | this non-existent message. This will immediately lead to it thinking |
535 | it doesn't have enough memory, and panicking. |
536 | |
537 | If this happens to you, it is quite likely to still be a PuTTY bug |
538 | and you should report it (although it might be a bug in your SSH |
539 | server instead); but it doesn't necessarily mean you've actually run |
540 | out of memory. |
541 | |
9accb45d |
542 | \S{faq-outofmem2}{Question} When attempting a file transfer, either |
543 | PSCP or PSFTP says \q{Out of memory} and dies. |
544 | |
545 | This is almost always caused by your login scripts on the server |
546 | generating output. PSCP or PSFTP will receive that output when they |
547 | were expecting to see the start of a file transfer protocol, and |
548 | they will attempt to interpret the output as file-transfer protocol. |
549 | This will usually lead to an \q{out of memory} error for much the |
550 | same reasons as given in \k{faq-outofmem}. |
551 | |
552 | This is a setup problem in your account on your server, \e{not} a |
553 | PSCP/PSFTP bug. Your login scripts should \e{never} generate output |
554 | during non-interactive sessions; secure file transfer is not the |
555 | only form of remote access that will break if they do. |
556 | |
557 | On Unix, a simple fix is to ensure that all the parts of your login |
558 | script that might generate output are in \c{.profile} (if you use a |
559 | Bourne shell derivative) or \c{.login} (if you use a C shell). |
560 | Putting them in more general files such as \c{.bashrc} or \c{.cshrc} |
561 | is liable to lead to problems. |
562 | |
563 | \S{faq-psftp-slow} PSFTP transfers files much slower than PSCP. |
564 | |
565 | We believe this is because the SFTP and SSH2 protocols are less |
566 | efficient at bulk data transfer than SCP and SSH1, because every |
567 | block of data transferred requires an acknowledgment from the far |
568 | end. It would in theory be possible to queue several blocks of data |
569 | to get round this speed problem, but as yet we haven't done the |
570 | coding. If you really want this fixed, feel free to offer to help. |
571 | |
a1d2976b |
572 | \S{faq-bce}{Question} When I run full-colour applications, I see |
70706890 |
573 | areas of black space where colour ought to be. |
f1453e5c |
574 | |
575 | You almost certainly need to enable the \q{Use background colour to |
576 | erase screen} setting in the Terminal panel. Note that if you do |
577 | this in mid-session, it won't take effect until you reset the |
578 | terminal (see \k{faq-resetterm}). |
579 | |
a1d2976b |
580 | \S{faq-resetterm}{Question} When I change some terminal settings, |
70706890 |
581 | nothing happens. |
f1453e5c |
582 | |
583 | Some of the terminal options (notably Auto Wrap and |
584 | background-colour screen erase) actually represent the \e{default} |
585 | setting, rather than the currently active setting. The server can |
586 | send sequences that modify these options in mid-session, but when |
587 | the terminal is reset (by server action, or by you choosing \q{Reset |
588 | Terminal} from the System menu) the defaults are restored. |
589 | |
590 | If you want to change one of these options in the middle of a |
591 | session, you will find that the change does not immediately take |
592 | effect. It will only take effect once you reset the terminal. |
593 | |
a1d2976b |
594 | \S{faq-altgr}{Question} I can't type characters that require the |
70706890 |
595 | AltGr key. |
ee46ef84 |
596 | |
32c37ecd |
597 | In PuTTY version 0.51, the AltGr key was broken. Upgrade to version |
a58b605b |
598 | 0.52 or better. |
ee46ef84 |
599 | |
a1d2976b |
600 | \S{faq-idleout}{Question} My PuTTY sessions unexpectedly close after |
70706890 |
601 | they are idle for a while. |
ee46ef84 |
602 | |
603 | Some types of firewall, and almost any router doing Network Address |
604 | Translation (NAT, also known as IP masquerading), will forget about |
605 | a connection through them if the connection does nothing for too |
606 | long. This will cause the connection to be rudely cut off when |
607 | contact is resumed. |
608 | |
609 | You can try to combat this by telling PuTTY to send \e{keepalives}: |
610 | packets of data which have no effect on the actual session, but |
611 | which reassure the router or firewall that the network connection is |
612 | still active and worth remembering about. |
613 | |
614 | Keepalives don't solve everything, unfortunately; although they |
615 | cause greater robustness against this sort of router, they can also |
616 | cause a \e{loss} of robustness against network dropouts. See |
617 | \k{config-keepalive} in the documentation for more discussion of |
618 | this. |
619 | |
a1d2976b |
620 | \S{faq-timeout}{Question} PuTTY's network connections time out too |
70706890 |
621 | quickly when network connectivity is temporarily lost. |
ee46ef84 |
622 | |
623 | This is a Windows problem, not a PuTTY problem. The timeout value |
624 | can't be set on per application or per session basis. To increase |
625 | the TCP timeout globally, you need to tinker with the Registry. |
626 | |
627 | On Windows 95, 98 or ME, the registry key you need to change is |
628 | |
629 | \c HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\ |
630 | \c MSTCP\MaxDataRetries |
631 | |
632 | (it must be of type DWORD in Win95, or String in Win98/ME). |
633 | |
634 | On Windows NT or 2000, the registry key is |
635 | |
636 | \c HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ |
637 | \c Parameters\TcpMaxDataRetransmissions |
638 | |
639 | and it must be of type DWORD. |
640 | |
641 | Set the key's value to something like 10. This will cause Windows to |
642 | try harder to keep connections alive instead of abandoning them. |
643 | |
a1d2976b |
644 | \S{faq-puttyputty}{Question} When I \cw{cat} a binary file, I get |
ee46ef84 |
645 | `PuTTYPuTTYPuTTY' on my command line. |
646 | |
a5a6cb30 |
647 | Don't do that, then. |
ee46ef84 |
648 | |
649 | This is designed behaviour; when PuTTY receives the character |
650 | Control-E from the remote server, it interprets it as a request to |
651 | identify itself, and so it sends back the string \q{\cw{PuTTY}} as |
652 | if that string had been entered at the keyboard. Control-E should |
653 | only be sent by programs that are prepared to deal with the |
654 | response. Writing a binary file to your terminal is likely to output |
655 | many Control-E characters, and cause this behaviour. Don't do it. |
656 | It's a bad plan. |
657 | |
a5a6cb30 |
658 | To mitigate the effects, you could configure the answerback string |
659 | to be empty (see \k{config-answerback}); but writing binary files to |
660 | your terminal is likely to cause various other unpleasant behaviour, |
661 | so this is only a small remedy. |
662 | |
babac7bd |
663 | \S{faq-wintitle}{Question} When I \cw{cat} a binary file, my window |
664 | title changes to a nonsense string. |
ee46ef84 |
665 | |
a5a6cb30 |
666 | Don't do that, then. |
ee46ef84 |
667 | |
668 | It is designed behaviour that PuTTY should have the ability to |
669 | adjust the window title on instructions from the server. Normally |
670 | the control sequence that does this should only be sent |
671 | deliberately, by programs that know what they are doing and intend |
672 | to put meaningful text in the window title. Writing a binary file to |
673 | your terminal runs the risk of sending the same control sequence by |
674 | accident, and cause unexpected changes in the window title. Don't do |
675 | it. |
676 | |
babac7bd |
677 | \S{faq-password-fails}{Question} My keyboard stops working once |
678 | PuTTY displays the password prompt. |
59c1f1f6 |
679 | |
680 | No, it doesn't. PuTTY just doesn't display the password you type, so |
681 | that someone looking at your screen can't see what it is. |
682 | |
683 | Unlike the Windows login prompts, PuTTY doesn't display the password |
684 | as a row of asterisks either. This is so that someone looking at |
685 | your screen can't even tell how \e{long} your password is, which |
686 | might be valuable information. |
687 | |
b5bee048 |
688 | \S{faq-keyboard}{Question} One or more function keys don't do what I |
689 | expected in a server-side application. |
690 | |
691 | If you've already tried all the relevant options in the PuTTY |
692 | Keyboard panel, you may need to mail the PuTTY maintainers and ask. |
693 | |
694 | It is \e{not} usually helpful just to tell us which application, |
695 | which server operating system, and which key isn't working; in order |
696 | to replicate the problem we would need to have a copy of every |
697 | operating system, and every application, that anyone has ever |
698 | complained about. |
699 | |
700 | PuTTY responds to function key presses by sending a sequence of |
701 | control characters to the server. If a function key isn't doing what |
702 | you expect, it's likely that the character sequence your application |
703 | is expecting to receive is not the same as the one PuTTY is sending. |
704 | Therefore what we really need to know is \e{what} sequence the |
705 | application is expecting. |
706 | |
707 | The simplest way to investigate this is to find some other terminal |
708 | environment, in which that function key \e{does} work; and then |
709 | investigate what sequence the function key is sending in that |
710 | situation. One reasonably easy way to do this on a Unix system is to |
711 | type the command \c{cat}, and then press the function key. This is |
712 | likely to produce output of the form \c{^[[11~}. You can also do |
713 | this in PuTTY, to find out what sequence the function key is |
714 | producing in that. Then you can mail the PuTTY maintainers and tell |
715 | us \q{I wanted the F1 key to send \c{^[[11~}, but instead it's |
716 | sending \c{^[OP}, can this be done?}, or something similar. |
717 | |
718 | You should still read the |
719 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/feedback.html}{Feedback |
720 | page} on the PuTTY website (also provided as \k{feedback} in the |
721 | manual), and follow the guidelines contained in that. |
722 | |
941d39e2 |
723 | \S{faq-openssh-bad-openssl}{Question} Since my SSH server was upgraded |
724 | to OpenSSH 3.1p1/3.4p1, I can no longer connect with PuTTY. |
1d2a9c9c |
725 | |
726 | There is a known problem when OpenSSH has been built against an |
727 | incorrect version of OpenSSL; the quick workaround is to configure |
728 | PuTTY to use SSH protocol 2 and the Blowfish cipher. |
729 | |
941d39e2 |
730 | For more details and OpenSSH patches, see |
731 | \W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the |
732 | OpenSSH BTS. |
733 | |
1d2a9c9c |
734 | This is not a PuTTY-specific problem; if you try to connect with |
941d39e2 |
735 | another client you'll likely have similar problems. (Although PuTTY's |
736 | default cipher differs from many other clients.) |
1d2a9c9c |
737 | |
941d39e2 |
738 | \e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms): |
1d2a9c9c |
739 | |
740 | \b SSH 2 with AES cipher (PuTTY says "Assertion failed! Expression: |
741 | (len & 15) == 0" in sshaes.c, or "Out of memory", or crashes) |
742 | |
9712b085 |
743 | \b SSH 2 with 3DES (PuTTY says "Incorrect MAC received on packet") |
744 | |
1d2a9c9c |
745 | \b SSH 1 with Blowfish (PuTTY says "Incorrect CRC received on |
746 | packet") |
747 | |
748 | \b SSH 1 with 3DES |
749 | |
941d39e2 |
750 | \e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH 1 and |
751 | Blowfish remains. Rebuild your server, apply the patch linked to from |
752 | bug 138 above, or use another cipher (e.g., 3DES) instead. |
59f76022 |
753 | |
46ccbe20 |
754 | \e{Other versions:} we occasionally get reports of the same symptom |
755 | and workarounds with older versions of OpenSSH, although it's not |
756 | clear the underlying cause is the same. |
757 | |
1bb76745 |
758 | \S{faq-ssh2key-ssh1conn}{Question} Why do I see "Couldn't load private |
759 | key from ..."? Why can PuTTYgen load my key but not PuTTY? |
760 | |
761 | It's likely that you've generated an SSH protocol 2 key with PuTTYgen, |
762 | but you're trying to use it in an SSH 1 connection. SSH1 and SSH2 keys |
763 | have different formats, and (at least in 0.52) PuTTY's reporting of a |
764 | key in the wrong format isn't optimal. |
765 | |
766 | To connect using SSH 2 to a server that supports both versions, you |
767 | need to change the configuration from the default (see \k{faq-ssh2}). |
768 | |
ee46ef84 |
769 | \H{faq-secure} Security questions |
770 | |
a1d2976b |
771 | \S{faq-publicpc}{Question} Is it safe for me to download PuTTY and |
70706890 |
772 | use it on a public PC? |
ee46ef84 |
773 | |
774 | It depends on whether you trust that PC. If you don't trust the |
775 | public PC, don't use PuTTY on it, and don't use any other software |
776 | you plan to type passwords into either. It might be watching your |
777 | keystrokes, or it might tamper with the PuTTY binary you download. |
778 | There is \e{no} program safe enough that you can run it on an |
779 | actively malicious PC and get away with typing passwords into it. |
780 | |
781 | If you do trust the PC, then it's probably OK to use PuTTY on it |
782 | (but if you don't trust the network, then the PuTTY download might |
783 | be tampered with, so it would be better to carry PuTTY with you on a |
784 | floppy). |
785 | |
a1d2976b |
786 | \S{faq-cleanup}{Question} What does PuTTY leave on a system? How can |
70706890 |
787 | I clean up after it? |
ee46ef84 |
788 | |
789 | PuTTY will leave some Registry entries, and a random seed file, on |
790 | the PC (see \k{faq-settings}). If you are using PuTTY on a public |
791 | PC, or somebody else's PC, you might want to clean these up when you |
792 | leave. You can do that automatically, by running the command |
793 | \c{putty -cleanup}. |
794 | |
a1d2976b |
795 | \S{faq-dsa}{Question} How come PuTTY now supports DSA, when the |
70706890 |
796 | website used to say how insecure it was? |
ee46ef84 |
797 | |
798 | DSA has a major weakness \e{if badly implemented}: it relies on a |
799 | random number generator to far too great an extent. If the random |
800 | number generator produces a number an attacker can predict, the DSA |
801 | private key is exposed - meaning that the attacker can log in as you |
802 | on all systems that accept that key. |
803 | |
804 | The PuTTY policy changed because the developers were informed of |
805 | ways to implement DSA which do not suffer nearly as badly from this |
806 | weakness, and indeed which don't need to rely on random numbers at |
807 | all. For this reason we now believe PuTTY's DSA implementation is |
808 | probably OK. However, if you have the choice, we still recommend you |
809 | use RSA instead. |
810 | |
ee4b471f |
811 | \S{faq-virtuallock}{Question} Couldn't Pageant use |
812 | \cw{VirtualLock()} to stop private keys being written to disk? |
f9908cf7 |
813 | |
ee4b471f |
814 | Unfortunately not. The \cw{VirtualLock()} function in the Windows |
815 | API doesn't do a proper job: it may prevent small pieces of a |
816 | process's memory from being paged to disk while the process is |
817 | running, but it doesn't stop the process's memory as a whole from |
818 | being swapped completely out to disk when the process is long-term |
819 | inactive. And Pageant spends most of its time inactive. |
f9908cf7 |
820 | |
ee46ef84 |
821 | \H{faq-admin} Administrative questions |
822 | |
a1d2976b |
823 | \S{faq-domain}{Question} Would you like me to register you a nicer |
70706890 |
824 | domain name? |
ee46ef84 |
825 | |
826 | No, thank you. Even if you can find one (most of them seem to have |
827 | been registered already, by people who didn't ask whether we |
828 | actually wanted it before they applied), we're happy with the PuTTY |
829 | web site being exactly where it is. It's not hard to find (just type |
830 | \q{putty} into \W{http://www.google.com/}{google.com} and we're the |
831 | first link returned), and we don't believe the administrative hassle |
832 | of moving the site would be worth the benefit. |
833 | |
834 | In addition, if we \e{did} want a custom domain name, we would want |
835 | to run it ourselves, so we knew for certain that it would continue |
836 | to point where we wanted it, and wouldn't suddenly change or do |
837 | strange things. Having it registered for us by a third party who we |
838 | don't even know is not the best way to achieve this. |
839 | |
a1d2976b |
840 | \S{faq-webhosting}{Question} Would you like free web hosting for the |
70706890 |
841 | PuTTY web site? |
ee46ef84 |
842 | |
843 | We already have some, thanks. |
844 | |
a1d2976b |
845 | \S{faq-sourceforge}{Question} Why don't you move PuTTY to |
70706890 |
846 | SourceForge? |
ee46ef84 |
847 | |
848 | Partly, because we don't want to move the web site location (see |
849 | \k{faq-domain}). |
850 | |
851 | Also, security reasons. PuTTY is a security product, and as such it |
852 | is particularly important to guard the code and the web site against |
853 | unauthorised modifications which might introduce subtle security |
854 | flaws. Therefore, we prefer that the CVS repository, web site and |
855 | FTP site remain where they are, under the direct control of system |
856 | administrators we know and trust personally, rather than being run |
857 | by a large organisation full of people we've never met and which is |
858 | known to have had breakins in the past. |
859 | |
860 | No offence to SourceForge; I think they do a wonderful job. But |
861 | they're not ideal for everyone, and in particular they're not ideal |
862 | for us. |
863 | |
a1d2976b |
864 | \S{faq-mailinglist1}{Question} Why can't I subscribe to the |
70706890 |
865 | putty-bugs mailing list? |
ee46ef84 |
866 | |
867 | Because you're not a member of the PuTTY core development team. The |
868 | putty-bugs mailing list is not a general newsgroup-like discussion |
869 | forum; it's a contact address for the core developers, and an |
870 | \e{internal} mailing list for us to discuss things among ourselves. |
871 | If we opened it up for everybody to subscribe to, it would turn into |
872 | something more like a newsgroup and we would be completely |
873 | overwhelmed by the volume of traffic. It's hard enough to keep up |
874 | with the list as it is. |
875 | |
a1d2976b |
876 | \S{faq-mailinglist2}{Question} If putty-bugs isn't a |
70706890 |
877 | general-subscription mailing list, what is? |
ee46ef84 |
878 | |
879 | There isn't one, that we know of. |
880 | |
881 | If someone else wants to set up a mailing list for PuTTY users to |
882 | help each other with common problems, that would be fine with us; |
883 | but the PuTTY team would almost certainly not have the time to read |
884 | it, so any questions the list couldn't answer would have to be |
885 | forwarded on to us by the questioner. In any case, it's probably |
886 | better to use the established newsgroup \cw{comp.security.ssh} for |
887 | this purpose. |
888 | |
a1d2976b |
889 | \S{faq-donations}{Question} How can I donate to PuTTY development? |
ee46ef84 |
890 | |
891 | Please, \e{please} don't feel you have to. PuTTY is completely free |
892 | software, and not shareware. We think it's very important that |
893 | \e{everybody} who wants to use PuTTY should be able to, whether they |
894 | have any money or not; so the last thing we would want is for a |
895 | PuTTY user to feel guilty because they haven't paid us any money. If |
896 | you want to keep your money, please do keep it. We wouldn't dream of |
897 | asking for any. |
898 | |
899 | Having said all that, if you still really \e{want} to give us money, |
900 | we won't argue :-) The easiest way for us to accept donations is if |
901 | you go to \W{http://www.e-gold.com}\cw{www.e-gold.com}, and deposit |
902 | your donation in account number 174769. Then send us e-mail to let |
903 | us know you've done so (otherwise we might not notice for months!). |
9cd3f7b0 |
904 | Alternatively, if e-gold isn't convenient for you, you can donate to |
905 | \cw{<anakin@pobox.com>} using PayPal |
906 | (\W{http://www.paypal.com/}\cw{www.paypal.com}). |
ee46ef84 |
907 | |
908 | Small donations (tens of dollars or tens of euros) will probably be |
909 | spent on beer or curry, which helps motivate our volunteer team to |
910 | continue doing this for the world. Larger donations will be spent on |
911 | something that actually helps development, if we can find anything |
9cd3f7b0 |
912 | (perhaps new hardware, or a copy of Windows XP), but if we can't |
ee46ef84 |
913 | find anything then we'll just distribute the money among the |
914 | developers. If you want to be sure your donation is going towards |
915 | something worthwhile, ask us first. If you don't like these terms, |
916 | feel perfectly free not to donate. We don't mind. |
917 | |
f9908cf7 |
918 | \H{faq-misc} Miscellaneous questions |
919 | |
920 | \S{faq-openssh}{Question} Is PuTTY a port of OpenSSH, or based on |
921 | OpenSSH? |
922 | |
923 | No, it isn't. PuTTY is almost completely composed of code written |
924 | from scratch for PuTTY. The only code we share with OpenSSH is the |
925 | detector for SSH1 CRC compensation attacks, written by CORE SDI S.A. |
926 | |
606398fb |
927 | \S{faq-sillyputty}{Question} Where can I buy silly putty? |
928 | |
929 | You're looking at the wrong web site; the only PuTTY we know about |
930 | here is the name of a computer program. |
931 | |
932 | If you want the kind of putty you can buy as an executive toy, the |
933 | PuTTY team can personally recommend Thinking Putty, which you can |
934 | buy from Crazy Aaron's Putty World, at |
935 | \W{http://www.puttyworld.com}\cw{www.puttyworld.com}. |
936 | |
a1d2976b |
937 | \S{faq-pronounce}{Question} How do I pronounce PuTTY? |
ee46ef84 |
938 | |
939 | Exactly like the normal word \q{putty}. Just like the stuff you put |
940 | on window frames. (One of the reasons it's called PuTTY is because |
941 | it makes Windows usable. :-) |