39a938f7 |
1 | \define{versionidconfig} \versionid $Id$ |
8f1529bc |
2 | |
e5b0d077 |
3 | \C{config} Configuring PuTTY |
4 | |
421406a4 |
5 | This chapter describes all the \i{configuration options} in PuTTY. |
55ba634a |
6 | |
7 | PuTTY is configured using the control panel that comes up before you |
8 | start a session. Some options can also be changed in the middle of a |
d60c975d |
9 | session, by selecting \q{Change Settings} from the window menu. |
55ba634a |
10 | |
11 | \H{config-session} The Session panel |
12 | |
13 | The Session configuration panel contains the basic options you need |
14 | to specify in order to open a session at all, and also allows you to |
15 | save your settings to be reloaded later. |
16 | |
421406a4 |
17 | \S{config-hostname} The \i{host name} section |
55ba634a |
18 | |
70133c0e |
19 | \cfg{winhelp-topic}{session.hostname} |
20 | |
55ba634a |
21 | The top box on the Session panel, labelled \q{Specify your |
22 | connection by host name}, contains the details that need to be |
23 | filled in before PuTTY can open a session at all. |
24 | |
421406a4 |
25 | \b The \q{Host Name} box is where you type the name, or the \i{IP |
26 | address}, of the server you want to connect to. |
55ba634a |
27 | |
7374c779 |
28 | \b The \q{Connection type} radio buttons let you choose what type of |
421406a4 |
29 | connection you want to make: a \I{raw TCP connections}raw |
7374c779 |
30 | connection, a \i{Telnet} connection, an \i{Rlogin} connection, an |
31 | \i{SSH} connection, or a connection to a local \i{serial line}. (See |
32 | \k{which-one} for a summary of the differences between SSH, Telnet |
33 | and rlogin; see \k{using-rawprot} for an explanation of \q{raw} |
34 | connections; see \k{using-serial} for information about using a |
35 | serial line.) |
36 | |
37 | \b The \q{Port} box lets you specify which \i{port number} on the |
38 | server to connect to. If you select Telnet, Rlogin, or SSH, this box |
39 | will be filled in automatically to the usual value, and you will |
40 | only need to change it if you have an unusual server. If you select |
41 | Raw mode, you will almost certainly need to fill in the \q{Port} box |
42 | yourself. |
43 | |
44 | If you select \q{Serial} from the \q{Connection type} radio buttons, |
45 | the \q{Host Name} and \q{Port} boxes are replaced by \q{Serial line} |
46 | and \q{Speed}; see \k{config-serial} for more details of these. |
55ba634a |
47 | |
421406a4 |
48 | \S{config-saving} \ii{Loading and storing saved sessions} |
55ba634a |
49 | |
70133c0e |
50 | \cfg{winhelp-topic}{session.saved} |
51 | |
55ba634a |
52 | The next part of the Session configuration panel allows you to save |
53 | your preferred PuTTY options so they will appear automatically the |
54 | next time you start PuTTY. It also allows you to create \e{saved |
55 | sessions}, which contain a full set of configuration options plus a |
56 | host name and protocol. A saved session contains all the information |
57 | PuTTY needs to start exactly the session you want. |
58 | |
59 | \b To save your default settings: first set up the settings the way |
60 | you want them saved. Then come back to the Session panel. Select the |
421406a4 |
61 | \q{\i{Default Settings}} entry in the saved sessions list, with a single |
d60c975d |
62 | click. Then press the \q{Save} button. |
55ba634a |
63 | |
e0cff44d |
64 | If there is a specific host you want to store the details of how to |
65 | connect to, you should create a saved session, which will be |
66 | separate from the Default Settings. |
67 | |
55ba634a |
68 | \b To save a session: first go through the rest of the configuration |
69 | box setting up all the options you want. Then come back to the |
d60c975d |
70 | Session panel. Enter a name for the saved session in the \q{Saved |
55ba634a |
71 | Sessions} input box. (The server name is often a good choice for a |
d60c975d |
72 | saved session name.) Then press the \q{Save} button. Your saved |
55ba634a |
73 | session name should now appear in the list box. |
74 | |
3dc431eb |
75 | \lcont{ |
76 | You can also save settings in mid-session, from the \q{Change Settings} |
77 | dialog. Settings changed since the start of the session will be saved |
78 | with their current values; as well as settings changed through the |
79 | dialog, this includes changes in window size, window title changes |
80 | sent by the server, and so on. |
81 | } |
82 | |
55ba634a |
83 | \b To reload a saved session: single-click to select the session |
d60c975d |
84 | name in the list box, and then press the \q{Load} button. Your saved |
55ba634a |
85 | settings should all appear in the configuration panel. |
86 | |
87 | \b To modify a saved session: first load it as described above. Then |
5dce67f7 |
88 | make the changes you want. Come back to the Session panel, and press |
d60c975d |
89 | the \q{Save} button. The new settings will be saved over the top of |
3dc431eb |
90 | the old ones. |
5dce67f7 |
91 | |
92 | \lcont{ |
93 | To save the new settings under a different name, you can enter the new |
94 | name in the \q{Saved Sessions} box, or single-click to select a |
95 | session name in the list box to overwrite that session. To save |
96 | \q{Default Settings}, you must single-click the name before saving. |
97 | } |
55ba634a |
98 | |
99 | \b To start a saved session immediately: double-click on the session |
100 | name in the list box. |
101 | |
102 | \b To delete a saved session: single-click to select the session |
d60c975d |
103 | name in the list box, and then press the \q{Delete} button. |
55ba634a |
104 | |
105 | Each saved session is independent of the Default Settings |
106 | configuration. If you change your preferences and update Default |
107 | Settings, you must also update every saved session separately. |
108 | |
421406a4 |
109 | Saved sessions are stored in the \i{Registry}, at the location |
d39eea69 |
110 | |
111 | \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions |
112 | |
113 | If you need to store them in a file, you could try the method |
114 | described in \k{config-file}. |
115 | |
421406a4 |
116 | \S{config-closeonexit} \q{\ii{Close Window} on Exit} |
55ba634a |
117 | |
70133c0e |
118 | \cfg{winhelp-topic}{session.coe} |
119 | |
add788fc |
120 | Finally in the Session panel, there is an option labelled \q{Close |
421406a4 |
121 | Window on Exit}. This controls whether the PuTTY \i{terminal window} |
add788fc |
122 | disappears as soon as the session inside it terminates. If you are |
123 | likely to want to copy and paste text out of the session after it |
5dce67f7 |
124 | has terminated, or restart the session, you should arrange for this |
125 | option to be off. |
add788fc |
126 | |
127 | \q{Close Window On Exit} has three settings. \q{Always} means always |
128 | close the window on exit; \q{Never} means never close on exit |
5dce67f7 |
129 | (always leave the window open, but \I{inactive window}inactive). The |
130 | third setting, and the default one, is \q{Only on clean exit}. In this |
131 | mode, a session which terminates normally will cause its window to |
132 | close, but one which is aborted unexpectedly by network trouble or a |
133 | confusing message from the server will leave the window up. |
add788fc |
134 | |
135 | \H{config-logging} The Logging panel |
136 | |
70133c0e |
137 | \cfg{winhelp-topic}{logging.main} |
138 | |
421406a4 |
139 | The Logging configuration panel allows you to save \i{log file}s of your |
add788fc |
140 | PuTTY sessions, for debugging, analysis or future reference. |
141 | |
142 | The main option is a radio-button set that specifies whether PuTTY |
9711106b |
143 | will log anything at all. The options are: |
add788fc |
144 | |
9711106b |
145 | \b \q{None}. This is the default option; in this mode PuTTY will not |
146 | create a log file at all. |
add788fc |
147 | |
9711106b |
148 | \b \q{Printable output}. In this mode, a log file will be |
add788fc |
149 | created and written to, but only printable text will be saved into |
150 | it. The various terminal control codes that are typically sent down |
151 | an interactive session alongside the printable text will be omitted. |
152 | This might be a useful mode if you want to read a log file in a text |
153 | editor and hope to be able to make sense of it. |
154 | |
9711106b |
155 | \b \q{All session output}. In this mode, \e{everything} sent by |
add788fc |
156 | the server into your terminal session is logged. If you view the log |
157 | file in a text editor, therefore, you may well find it full of |
158 | strange control characters. This is a particularly useful mode if |
159 | you are experiencing problems with PuTTY's terminal handling: you |
160 | can record everything that went to the terminal, so that someone |
161 | else can replay the session later in slow motion and watch to see |
162 | what went wrong. |
163 | |
9711106b |
164 | \b \I{SSH packet log}\q{SSH packets}. In this mode (which is only used |
165 | by SSH connections), the SSH message packets sent over the encrypted |
166 | connection are written to the log file (as well as \i{Event Log} |
167 | entries). You might need this to debug a network-level problem, or |
168 | more likely to send to the PuTTY authors as part of a bug report. |
169 | \e{BE WARNED} that if you log in using a password, the password can |
170 | appear in the log file; see \k{config-logssh} for options that may |
171 | help to remove sensitive material from the log file before you send it |
172 | to anyone else. |
173 | |
174 | \b \q{SSH packets and raw data}. In this mode, as well as the |
175 | decrypted packets (as in the previous mode), the \e{raw} (encrypted, |
176 | compressed, etc) packets are \e{also} logged. This could be useful to |
177 | diagnose corruption in transit. (The same caveats as the previous mode |
178 | apply, of course.) |
00db133f |
179 | |
bcc94f67 |
180 | Note that the non-SSH logging options (\q{Printable output} and |
181 | \q{All session output}) only work with PuTTY proper; in programs |
182 | without terminal emulation (such as Plink), they will have no effect, |
183 | even if enabled via saved settings. |
184 | |
add788fc |
185 | \S{config-logfilename} \q{Log file name} |
186 | |
70133c0e |
187 | \cfg{winhelp-topic}{logging.filename} |
188 | |
add788fc |
189 | In this edit box you enter the name of the file you want to log the |
190 | session to. The \q{Browse} button will let you look around your file |
191 | system to find the right place to put the file; or if you already |
192 | know exactly where you want it to go, you can just type a pathname |
193 | into the edit box. |
194 | |
195 | There are a few special features in this box. If you use the \c{&} |
196 | character in the file name box, PuTTY will insert details of the |
197 | current session in the name of the file it actually opens. The |
198 | precise replacements it will do are: |
199 | |
200 | \b \c{&Y} will be replaced by the current year, as four digits. |
201 | |
202 | \b \c{&M} will be replaced by the current month, as two digits. |
203 | |
204 | \b \c{&D} will be replaced by the current day of the month, as two |
205 | digits. |
206 | |
207 | \b \c{&T} will be replaced by the current time, as six digits |
208 | (HHMMSS) with no punctuation. |
209 | |
210 | \b \c{&H} will be replaced by the host name you are connecting to. |
211 | |
212 | For example, if you enter the host name |
213 | \c{c:\\puttylogs\\log-&h-&y&m&d-&t.dat}, you will end up with files looking |
214 | like |
215 | |
216 | \c log-server1.example.com-20010528-110859.dat |
217 | \c log-unixbox.somewhere.org-20010611-221001.dat |
218 | |
219 | \S{config-logfileexists} \q{What to do if the log file already exists} |
220 | |
70133c0e |
221 | \cfg{winhelp-topic}{logging.exists} |
222 | |
add788fc |
223 | This control allows you to specify what PuTTY should do if it tries |
224 | to start writing to a log file and it finds the file already exists. |
225 | You might want to automatically destroy the existing log file and |
226 | start a new one with the same name. Alternatively, you might want to |
227 | open the existing log file and add data to the \e{end} of it. |
228 | Finally (the default option), you might not want to have any |
229 | automatic behaviour, but to ask the user every time the problem |
230 | comes up. |
55ba634a |
231 | |
421406a4 |
232 | \S{config-logflush} \I{log file, flushing}\q{Flush log file frequently} |
6d60c791 |
233 | |
234 | \cfg{winhelp-topic}{logging.flush} |
235 | |
236 | This option allows you to control how frequently logged data is |
237 | flushed to disc. By default, PuTTY will flush data as soon as it is |
238 | displayed, so that if you view the log file while a session is still |
239 | open, it will be up to date; and if the client system crashes, there's |
240 | a greater chance that the data will be preserved. |
241 | |
242 | However, this can incur a performance penalty. If PuTTY is running |
243 | slowly with logging enabled, you could try unchecking this option. Be |
244 | warned that the log file may not always be up to date as a result |
245 | (although it will of course be flushed when it is closed, for instance |
246 | at the end of a session). |
247 | |
421406a4 |
248 | \S{config-logssh} Options specific to \i{SSH packet log}ging |
9a10ecf4 |
249 | |
250 | These options only apply if SSH packet data is being logged. |
251 | |
252 | The following options allow particularly sensitive portions of |
253 | unencrypted packets to be automatically left out of the log file. |
254 | They are only intended to deter casual nosiness; an attacker could |
255 | glean a lot of useful information from even these obfuscated logs |
256 | (e.g., length of password). |
257 | |
258 | \S2{config-logssh-omitpw} \q{Omit known password fields} |
259 | |
260 | \cfg{winhelp-topic}{logging.ssh.omitpassword} |
261 | |
9711106b |
262 | When checked, decrypted password fields are removed from the log of |
263 | transmitted packets. (This includes any user responses to |
264 | challenge-response authentication methods such as |
265 | \q{keyboard-interactive}.) This does not include X11 authentication |
266 | data if using X11 forwarding. |
9a10ecf4 |
267 | |
268 | Note that this will only omit data that PuTTY \e{knows} to be a |
269 | password. However, if you start another login session within your |
270 | PuTTY session, for instance, any password used will appear in the |
271 | clear in the packet log. The next option may be of use to protect |
272 | against this. |
273 | |
274 | This option is enabled by default. |
275 | |
276 | \S2{config-logssh-omitdata} \q{Omit session data} |
277 | |
278 | \cfg{winhelp-topic}{logging.ssh.omitdata} |
279 | |
9711106b |
280 | When checked, all decrypted \q{session data} is omitted; this is |
281 | defined as data in terminal sessions and in forwarded channels (TCP, |
282 | X11, and authentication agent). This will usually substantially reduce |
283 | the size of the resulting log file. |
9a10ecf4 |
284 | |
285 | This option is disabled by default. |
286 | |
55ba634a |
287 | \H{config-terminal} The Terminal panel |
288 | |
289 | The Terminal configuration panel allows you to control the behaviour |
421406a4 |
290 | of PuTTY's \i{terminal emulation}. |
55ba634a |
291 | |
292 | \S{config-autowrap} \q{Auto wrap mode initially on} |
293 | |
70133c0e |
294 | \cfg{winhelp-topic}{terminal.autowrap} |
295 | |
421406a4 |
296 | \ii{Auto wrap mode} controls what happens when text printed in a PuTTY |
55ba634a |
297 | window reaches the right-hand edge of the window. |
298 | |
299 | With auto wrap mode on, if a long line of text reaches the |
300 | right-hand edge, it will wrap over on to the next line so you can |
301 | still see all the text. With auto wrap mode off, the cursor will |
302 | stay at the right-hand edge of the screen, and all the characters in |
303 | the line will be printed on top of each other. |
304 | |
305 | If you are running a full-screen application and you occasionally |
306 | find the screen scrolling up when it looks as if it shouldn't, you |
307 | could try turning this option off. |
308 | |
421406a4 |
309 | Auto wrap mode can be turned on and off by \i{control sequence}s sent by |
64734920 |
310 | the server. This configuration option controls the \e{default} |
311 | state, which will be restored when you reset the terminal (see |
312 | \k{reset-terminal}). However, if you modify this option in |
313 | mid-session using \q{Change Settings}, it will take effect |
314 | immediately. |
55ba634a |
315 | |
316 | \S{config-decom} \q{DEC Origin Mode initially on} |
317 | |
70133c0e |
318 | \cfg{winhelp-topic}{terminal.decom} |
319 | |
421406a4 |
320 | \i{DEC Origin Mode} is a minor option which controls how PuTTY |
321 | interprets cursor-position \i{control sequence}s sent by the server. |
55ba634a |
322 | |
421406a4 |
323 | The server can send a control sequence that restricts the \i{scrolling |
324 | region} of the display. For example, in an editor, the server might |
55ba634a |
325 | reserve a line at the top of the screen and a line at the bottom, |
326 | and might send a control sequence that causes scrolling operations |
327 | to affect only the remaining lines. |
328 | |
421406a4 |
329 | With DEC Origin Mode on, \i{cursor coordinates} are counted from the top |
55ba634a |
330 | of the scrolling region. With it turned off, cursor coordinates are |
331 | counted from the top of the whole screen regardless of the scrolling |
332 | region. |
333 | |
334 | It is unlikely you would need to change this option, but if you find |
335 | a full-screen application is displaying pieces of text in what looks |
336 | like the wrong part of the screen, you could try turning DEC Origin |
337 | Mode on to see whether that helps. |
338 | |
2f8d6d43 |
339 | DEC Origin Mode can be turned on and off by control sequences sent |
64734920 |
340 | by the server. This configuration option controls the \e{default} |
341 | state, which will be restored when you reset the terminal (see |
342 | \k{reset-terminal}). However, if you modify this option in |
343 | mid-session using \q{Change Settings}, it will take effect |
344 | immediately. |
55ba634a |
345 | |
346 | \S{config-crlf} \q{Implicit CR in every LF} |
347 | |
70133c0e |
348 | \cfg{winhelp-topic}{terminal.lfhascr} |
349 | |
421406a4 |
350 | Most servers send two control characters, \i{CR} and \i{LF}, to start a |
351 | \i{new line} of the screen. The CR character makes the cursor return to the |
55ba634a |
352 | left-hand side of the screen. The LF character makes the cursor move |
353 | one line down (and might make the screen scroll). |
354 | |
355 | Some servers only send LF, and expect the terminal to move the |
356 | cursor over to the left automatically. If you come across a server |
421406a4 |
357 | that does this, you will see a \I{stair-stepping}stepped effect on the |
358 | screen, like this: |
55ba634a |
359 | |
360 | \c First line of text |
361 | \c Second line |
362 | \c Third line |
363 | |
364 | If this happens to you, try enabling the \q{Implicit CR in every LF} |
365 | option, and things might go back to normal: |
366 | |
367 | \c First line of text |
368 | \c Second line |
369 | \c Third line |
370 | |
7612f22f |
371 | \S{config-lfcr} \q{Implicit LF in every CR} |
372 | |
373 | \cfg{winhelp-topic}{terminal.crhaslf} |
374 | |
375 | Most servers send two control characters, \i{CR} and \i{LF}, to start a |
376 | \i{new line} of the screen. The CR character makes the cursor return to the |
377 | left-hand side of the screen. The LF character makes the cursor move |
378 | one line down (and might make the screen scroll). |
379 | |
380 | Some servers only send CR, and so the newly |
381 | written line is overwritten by the following line. This option causes |
382 | a line feed so that all lines are displayed. |
383 | |
421406a4 |
384 | \S{config-erase} \q{Use \i{background colour} to erase screen} |
55ba634a |
385 | |
70133c0e |
386 | \cfg{winhelp-topic}{terminal.bce} |
387 | |
55ba634a |
388 | Not all terminals agree on what colour to turn the screen when the |
421406a4 |
389 | server sends a \q{\i{clear screen}} sequence. Some terminals believe the |
55ba634a |
390 | screen should always be cleared to the \e{default} background |
391 | colour. Others believe the screen should be cleared to whatever the |
392 | server has selected as a background colour. |
393 | |
394 | There exist applications that expect both kinds of behaviour. |
395 | Therefore, PuTTY can be configured to do either. |
396 | |
397 | With this option disabled, screen clearing is always done in the |
398 | default background colour. With this option enabled, it is done in |
399 | the \e{current} background colour. |
400 | |
421406a4 |
401 | Background-colour erase can be turned on and off by \i{control |
402 | sequences} sent by the server. This configuration option controls the |
64734920 |
403 | \e{default} state, which will be restored when you reset the |
404 | terminal (see \k{reset-terminal}). However, if you modify this |
405 | option in mid-session using \q{Change Settings}, it will take effect |
406 | immediately. |
2f8d6d43 |
407 | |
421406a4 |
408 | \S{config-blink} \q{Enable \i{blinking text}} |
55ba634a |
409 | |
70133c0e |
410 | \cfg{winhelp-topic}{terminal.blink} |
411 | |
55ba634a |
412 | The server can ask PuTTY to display text that blinks on and off. |
413 | This is very distracting, so PuTTY allows you to turn blinking text |
414 | off completely. |
415 | |
2f8d6d43 |
416 | When blinking text is disabled and the server attempts to make some |
421406a4 |
417 | text blink, PuTTY will instead display the text with a \I{background |
418 | colour, bright}bolded background colour. |
2f8d6d43 |
419 | |
421406a4 |
420 | Blinking text can be turned on and off by \i{control sequence}s sent by |
64734920 |
421 | the server. This configuration option controls the \e{default} |
422 | state, which will be restored when you reset the terminal (see |
423 | \k{reset-terminal}). However, if you modify this option in |
424 | mid-session using \q{Change Settings}, it will take effect |
425 | immediately. |
2f8d6d43 |
426 | |
421406a4 |
427 | \S{config-answerback} \q{\ii{Answerback} to ^E} |
a5a6cb30 |
428 | |
70133c0e |
429 | \cfg{winhelp-topic}{terminal.answerback} |
430 | |
a5a6cb30 |
431 | This option controls what PuTTY will send back to the server if the |
421406a4 |
432 | server sends it the ^E \i{enquiry character}. Normally it just sends |
a5a6cb30 |
433 | the string \q{PuTTY}. |
434 | |
2f8d6d43 |
435 | If you accidentally write the contents of a binary file to your |
436 | terminal, you will probably find that it contains more than one ^E |
437 | character, and as a result your next command line will probably read |
438 | \q{PuTTYPuTTYPuTTY...} as if you had typed the answerback string |
439 | multiple times at the keyboard. If you set the answerback string to |
440 | be empty, this problem should go away, but doing so might cause |
441 | other problems. |
442 | |
fa5d6e5e |
443 | Note that this is \e{not} the feature of PuTTY which the server will |
444 | typically use to determine your terminal type. That feature is the |
e81024f9 |
445 | \q{\ii{Terminal-type} string} in the Connection panel; see |
fa5d6e5e |
446 | \k{config-termtype} for details. |
447 | |
808c1216 |
448 | You can include control characters in the answerback string using |
449 | \c{^C} notation. (Use \c{^~} to get a literal \c{^}.) |
450 | |
421406a4 |
451 | \S{config-localecho} \q{\ii{Local echo}} |
55ba634a |
452 | |
70133c0e |
453 | \cfg{winhelp-topic}{terminal.localecho} |
454 | |
add788fc |
455 | With local echo disabled, characters you type into the PuTTY window |
456 | are not echoed in the window \e{by PuTTY}. They are simply sent to |
421406a4 |
457 | the server. (The \e{server} might choose to \I{remote echo}echo them |
458 | back to you; this can't be controlled from the PuTTY control panel.) |
55ba634a |
459 | |
add788fc |
460 | Some types of session need local echo, and many do not. In its |
461 | default mode, PuTTY will automatically attempt to deduce whether or |
462 | not local echo is appropriate for the session you are working in. If |
463 | you find it has made the wrong decision, you can use this |
464 | configuration option to override its choice: you can force local |
465 | echo to be turned on, or force it to be turned off, instead of |
466 | relying on the automatic detection. |
55ba634a |
467 | |
421406a4 |
468 | \S{config-localedit} \q{\ii{Local line editing}} |
55ba634a |
469 | |
70133c0e |
470 | \cfg{winhelp-topic}{terminal.localedit} |
471 | |
add788fc |
472 | Normally, every character you type into the PuTTY window is sent |
473 | immediately to the server the moment you type it. |
474 | |
475 | If you enable local line editing, this changes. PuTTY will let you |
476 | edit a whole line at a time locally, and the line will only be sent |
477 | to the server when you press Return. If you make a mistake, you can |
478 | use the Backspace key to correct it before you press Return, and the |
479 | server will never see the mistake. |
480 | |
481 | Since it is hard to edit a line locally without being able to see |
421406a4 |
482 | it, local line editing is mostly used in conjunction with \i{local echo} |
add788fc |
483 | (\k{config-localecho}). This makes it ideal for use in raw mode |
421406a4 |
484 | \#{FIXME} or when connecting to \i{MUD}s or \i{talker}s. (Although some more |
add788fc |
485 | advanced MUDs do occasionally turn local line editing on and turn |
486 | local echo off, in order to accept a password from the user.) |
487 | |
488 | Some types of session need local line editing, and many do not. In |
489 | its default mode, PuTTY will automatically attempt to deduce whether |
490 | or not local line editing is appropriate for the session you are |
491 | working in. If you find it has made the wrong decision, you can use |
492 | this configuration option to override its choice: you can force |
493 | local line editing to be turned on, or force it to be turned off, |
494 | instead of relying on the automatic detection. |
55ba634a |
495 | |
421406a4 |
496 | \S{config-printing} \ii{Remote-controlled printing} |
b44b307a |
497 | |
498 | \cfg{winhelp-topic}{terminal.printing} |
499 | |
500 | A lot of VT100-compatible terminals support printing under control |
501 | of the remote server. PuTTY supports this feature as well, but it is |
502 | turned off by default. |
503 | |
504 | To enable remote-controlled printing, choose a printer from the |
505 | \q{Printer to send ANSI printer output to} drop-down list box. This |
506 | should allow you to select from all the printers you have installed |
507 | drivers for on your computer. Alternatively, you can type the |
508 | network name of a networked printer (for example, |
509 | \c{\\\\printserver\\printer1}) even if you haven't already |
510 | installed a driver for it on your own machine. |
511 | |
512 | When the remote server attempts to print some data, PuTTY will send |
513 | that data to the printer \e{raw} - without translating it, |
514 | attempting to format it, or doing anything else to it. It is up to |
515 | you to ensure your remote server knows what type of printer it is |
516 | talking to. |
517 | |
518 | Since PuTTY sends data to the printer raw, it cannot offer options |
519 | such as portrait versus landscape, print quality, or paper tray |
520 | selection. All these things would be done by your PC printer driver |
521 | (which PuTTY bypasses); if you need them done, you will have to find |
522 | a way to configure your remote server to do them. |
523 | |
524 | To disable remote printing again, choose \q{None (printing |
525 | disabled)} from the printer selection list. This is the default |
526 | state. |
527 | |
55ba634a |
528 | \H{config-keyboard} The Keyboard panel |
529 | |
1630bb61 |
530 | The Keyboard configuration panel allows you to control the behaviour |
e81024f9 |
531 | of the \i{keyboard} in PuTTY. The correct state for many of these |
532 | settings depends on what the server to which PuTTY is connecting |
533 | expects. With a \i{Unix} server, this is likely to depend on the |
534 | \i\c{termcap} or \i\c{terminfo} entry it uses, which in turn is likely to |
535 | be controlled by the \q{\ii{Terminal-type} string} setting in the Connection |
536 | panel; see \k{config-termtype} for details. If none of the settings here |
537 | seems to help, you may find \k{faq-keyboard} to be useful. |
1630bb61 |
538 | |
421406a4 |
539 | \S{config-backspace} Changing the action of the \ii{Backspace key} |
55ba634a |
540 | |
70133c0e |
541 | \cfg{winhelp-topic}{keyboard.backspace} |
542 | |
1630bb61 |
543 | Some terminals believe that the Backspace key should send the same |
421406a4 |
544 | thing to the server as \i{Control-H} (ASCII code 8). Other terminals |
1630bb61 |
545 | believe that the Backspace key should send ASCII code 127 (usually |
421406a4 |
546 | known as \i{Control-?}) so that it can be distinguished from Control-H. |
1630bb61 |
547 | This option allows you to choose which code PuTTY generates when you |
548 | press Backspace. |
549 | |
c6ccd5c2 |
550 | If you are connecting over SSH, PuTTY by default tells the server |
551 | the value of this option (see \k{config-ttymodes}), so you may find |
552 | that the Backspace key does the right thing either way. Similarly, |
553 | if you are connecting to a \i{Unix} system, you will probably find that |
421406a4 |
554 | the Unix \i\c{stty} command lets you configure which the server |
c6ccd5c2 |
555 | expects to see, so again you might not need to change which one PuTTY |
1630bb61 |
556 | generates. On other systems, the server's expectation might be fixed |
557 | and you might have no choice but to configure PuTTY. |
558 | |
559 | If you do have the choice, we recommend configuring PuTTY to |
560 | generate Control-? and configuring the server to expect it, because |
561 | that allows applications such as \c{emacs} to use Control-H for |
562 | help. |
563 | |
5dce67f7 |
564 | (Typing \i{Shift-Backspace} will cause PuTTY to send whichever code |
565 | isn't configured here as the default.) |
566 | |
157a4a1c |
567 | \S{config-homeend} Changing the action of the \i{Home and End keys} |
55ba634a |
568 | |
70133c0e |
569 | \cfg{winhelp-topic}{keyboard.homeend} |
570 | |
421406a4 |
571 | The Unix terminal emulator \i\c{rxvt} disagrees with the rest of the |
1630bb61 |
572 | world about what character sequences should be sent to the server by |
573 | the Home and End keys. |
574 | |
421406a4 |
575 | \i\c{xterm}, and other terminals, send \c{ESC [1~} for the Home key, |
1630bb61 |
576 | and \c{ESC [4~} for the End key. \c{rxvt} sends \c{ESC [H} for the |
577 | Home key and \c{ESC [Ow} for the End key. |
578 | |
579 | If you find an application on which the Home and End keys aren't |
580 | working, you could try switching this option to see if it helps. |
581 | |
421406a4 |
582 | \S{config-funkeys} Changing the action of the \i{function keys} and |
583 | \i{keypad} |
55ba634a |
584 | |
70133c0e |
585 | \cfg{winhelp-topic}{keyboard.funkeys} |
586 | |
1630bb61 |
587 | This option affects the function keys (F1 to F12) and the top row of |
588 | the numeric keypad. |
589 | |
590 | \b In the default mode, labelled \c{ESC [n~}, the function keys |
591 | generate sequences like \c{ESC [11~}, \c{ESC [12~} and so on. This |
592 | matches the general behaviour of Digital's terminals. |
593 | |
594 | \b In Linux mode, F6 to F12 behave just like the default mode, but |
595 | F1 to F5 generate \c{ESC [[A} through to \c{ESC [[E}. This mimics the |
421406a4 |
596 | \i{Linux virtual console}. |
1630bb61 |
597 | |
421406a4 |
598 | \b In \I{xterm}Xterm R6 mode, F5 to F12 behave like the default mode, but F1 |
1630bb61 |
599 | to F4 generate \c{ESC OP} through to \c{ESC OS}, which are the |
600 | sequences produced by the top row of the \e{keypad} on Digital's |
601 | terminals. |
602 | |
421406a4 |
603 | \b In \i{VT400} mode, all the function keys behave like the default |
1630bb61 |
604 | mode, but the actual top row of the numeric keypad generates \c{ESC |
605 | OP} through to \c{ESC OS}. |
606 | |
421406a4 |
607 | \b In \i{VT100+} mode, the function keys generate \c{ESC OP} through to |
350ee898 |
608 | \c{ESC O[} |
609 | |
421406a4 |
610 | \b In \i{SCO} mode, the function keys F1 to F12 generate \c{ESC [M} |
350ee898 |
611 | through to \c{ESC [X}. Together with shift, they generate \c{ESC [Y} |
612 | through to \c{ESC [j}. With control they generate \c{ESC [k} through |
613 | to \c{ESC [v}, and with shift and control together they generate |
614 | \c{ESC [w} through to \c{ESC [\{}. |
615 | |
1630bb61 |
616 | If you don't know what any of this means, you probably don't need to |
617 | fiddle with it. |
618 | |
421406a4 |
619 | \S{config-appcursor} Controlling \i{Application Cursor Keys} mode |
55ba634a |
620 | |
70133c0e |
621 | \cfg{winhelp-topic}{keyboard.appcursor} |
622 | |
1630bb61 |
623 | Application Cursor Keys mode is a way for the server to change the |
624 | control sequences sent by the arrow keys. In normal mode, the arrow |
625 | keys send \c{ESC [A} through to \c{ESC [D}. In application mode, |
626 | they send \c{ESC OA} through to \c{ESC OD}. |
627 | |
628 | Application Cursor Keys mode can be turned on and off by the server, |
629 | depending on the application. PuTTY allows you to configure the |
0d2086c5 |
630 | initial state. |
631 | |
632 | You can also disable application cursor keys mode completely, using |
633 | the \q{Features} configuration panel; see |
634 | \k{config-features-application}. |
1630bb61 |
635 | |
421406a4 |
636 | \S{config-appkeypad} Controlling \i{Application Keypad} mode |
55ba634a |
637 | |
70133c0e |
638 | \cfg{winhelp-topic}{keyboard.appkeypad} |
639 | |
1630bb61 |
640 | Application Keypad mode is a way for the server to change the |
641 | behaviour of the numeric keypad. |
642 | |
643 | In normal mode, the keypad behaves like a normal Windows keypad: |
421406a4 |
644 | with \i{NumLock} on, the number keys generate numbers, and with NumLock |
1630bb61 |
645 | off they act like the arrow keys and Home, End etc. |
646 | |
647 | In application mode, all the keypad keys send special control |
648 | sequences, \e{including} Num Lock. Num Lock stops behaving like Num |
649 | Lock and becomes another function key. |
650 | |
651 | Depending on which version of Windows you run, you may find the Num |
652 | Lock light still flashes on and off every time you press Num Lock, |
653 | even when application mode is active and Num Lock is acting like a |
654 | function key. This is unavoidable. |
655 | |
656 | Application keypad mode can be turned on and off by the server, |
657 | depending on the application. PuTTY allows you to configure the |
0d2086c5 |
658 | initial state. |
659 | |
660 | You can also disable application keypad mode completely, using the |
661 | \q{Features} configuration panel; see |
662 | \k{config-features-application}. |
1630bb61 |
663 | |
421406a4 |
664 | \S{config-nethack} Using \i{NetHack keypad mode} |
55ba634a |
665 | |
70133c0e |
666 | \cfg{winhelp-topic}{keyboard.nethack} |
667 | |
1630bb61 |
668 | PuTTY has a special mode for playing NetHack. You can enable it by |
669 | selecting \q{NetHack} in the \q{Initial state of numeric keypad} |
670 | control. |
671 | |
672 | In this mode, the numeric keypad keys 1-9 generate the NetHack |
673 | movement commands (\cw{hjklyubn}). The 5 key generates the \c{.} |
674 | command (do nothing). |
675 | |
a988ce30 |
676 | In addition, pressing Shift or Ctrl with the keypad keys generate |
677 | the Shift- or Ctrl-keys you would expect (e.g. keypad-7 generates |
678 | \cq{y}, so Shift-keypad-7 generates \cq{Y} and Ctrl-keypad-7 |
679 | generates Ctrl-Y); these commands tell NetHack to keep moving you in |
680 | the same direction until you encounter something interesting. |
1630bb61 |
681 | |
421406a4 |
682 | For some reason, this feature only works properly when \i{Num Lock} is |
1630bb61 |
683 | on. We don't know why. |
684 | |
421406a4 |
685 | \S{config-compose} Enabling a DEC-like \ii{Compose key} |
55ba634a |
686 | |
70133c0e |
687 | \cfg{winhelp-topic}{keyboard.compose} |
688 | |
1630bb61 |
689 | DEC terminals have a Compose key, which provides an easy-to-remember |
421406a4 |
690 | way of typing \i{accented characters}. You press Compose and then type |
1630bb61 |
691 | two more characters. The two characters are \q{combined} to produce |
692 | an accented character. The choices of character are designed to be |
693 | easy to remember; for example, composing \q{e} and \q{`} produces |
694 | the \q{\u00e8{e-grave}} character. |
695 | |
421406a4 |
696 | If your keyboard has a Windows \i{Application key}, it acts as a Compose |
697 | key in PuTTY. Alternatively, if you enable the \q{\i{AltGr} acts as |
3b7825af |
698 | Compose key} option, the AltGr key will become a Compose key. |
1630bb61 |
699 | |
421406a4 |
700 | \S{config-ctrlalt} \q{Control-Alt is different from \i{AltGr}} |
b5752f1b |
701 | |
70133c0e |
702 | \cfg{winhelp-topic}{keyboard.ctrlalt} |
703 | |
add788fc |
704 | Some old keyboards do not have an AltGr key, which can make it |
705 | difficult to type some characters. PuTTY can be configured to treat |
706 | the key combination Ctrl + Left Alt the same way as the AltGr key. |
b5752f1b |
707 | |
add788fc |
708 | By default, this checkbox is checked, and the key combination Ctrl + |
709 | Left Alt does something completely different. PuTTY's usual handling |
710 | of the left Alt key is to prefix the Escape (Control-\cw{[}) |
711 | character to whatever character sequence the rest of the keypress |
712 | would generate. For example, Alt-A generates Escape followed by |
713 | \c{a}. So Alt-Ctrl-A would generate Escape, followed by Control-A. |
b5752f1b |
714 | |
add788fc |
715 | If you uncheck this box, Ctrl-Alt will become a synonym for AltGr, |
716 | so you can use it to type extra graphic characters if your keyboard |
717 | has any. |
b5752f1b |
718 | |
3b7825af |
719 | (However, Ctrl-Alt will never act as a Compose key, regardless of the |
720 | setting of \q{AltGr acts as Compose key} described in |
721 | \k{config-compose}.) |
722 | |
a5a6cb30 |
723 | \H{config-bell} The Bell panel |
724 | |
421406a4 |
725 | The Bell panel controls the \i{terminal bell} feature: the server's |
a5a6cb30 |
726 | ability to cause PuTTY to beep at you. |
727 | |
728 | In the default configuration, when the server sends the character |
421406a4 |
729 | with ASCII code 7 (Control-G), PuTTY will play the \i{Windows Default |
730 | Beep} sound. This is not always what you want the terminal bell |
a5a6cb30 |
731 | feature to do; the Bell panel allows you to configure alternative |
732 | actions. |
733 | |
734 | \S{config-bellstyle} \q{Set the style of bell} |
735 | |
70133c0e |
736 | \cfg{winhelp-topic}{bell.style} |
737 | |
a5a6cb30 |
738 | This control allows you to select various different actions to occur |
739 | on a terminal bell: |
740 | |
421406a4 |
741 | \b Selecting \q{None} \I{terminal bell, disabling}disables the bell |
742 | completely. In this mode, the server can send as many Control-G |
743 | characters as it likes and nothing at all will happen. |
a5a6cb30 |
744 | |
fe8abbf4 |
745 | \b \q{Make default system alert sound} is the default setting. It |
746 | causes the Windows \q{Default Beep} sound to be played. To change |
747 | what this sound is, or to test it if nothing seems to be happening, |
748 | use the Sound configurer in the Windows Control Panel. |
749 | |
421406a4 |
750 | \b \q{\ii{Visual bell}} is a silent alternative to a beeping computer. In |
fe8abbf4 |
751 | this mode, when the server sends a Control-G, the whole PuTTY window |
752 | will flash white for a fraction of a second. |
a5a6cb30 |
753 | |
421406a4 |
754 | \b \q{Beep using the \i{PC speaker}} is self-explanatory. |
cfe9ce14 |
755 | |
421406a4 |
756 | \b \q{Play a custom \i{sound file}} allows you to specify a particular |
a5a6cb30 |
757 | sound file to be used by PuTTY alone, or even by a particular |
758 | individual PuTTY session. This allows you to distinguish your PuTTY |
759 | beeps from any other beeps on the system. If you select this option, |
760 | you will also need to enter the name of your sound file in the edit |
761 | control \q{Custom sound file to play as a bell}. |
762 | |
421406a4 |
763 | \S{config-belltaskbar} \q{\ii{Taskbar}/\I{window caption}caption |
764 | indication on bell} |
a5a6cb30 |
765 | |
70133c0e |
766 | \cfg{winhelp-topic}{bell.taskbar} |
767 | |
a5a6cb30 |
768 | This feature controls what happens to the PuTTY window's entry in |
769 | the Windows Taskbar if a bell occurs while the window does not have |
770 | the input focus. |
771 | |
772 | In the default state (\q{Disabled}) nothing unusual happens. |
773 | |
774 | If you select \q{Steady}, then when a bell occurs and the window is |
775 | not in focus, the window's Taskbar entry and its title bar will |
776 | change colour to let you know that PuTTY session is asking for your |
777 | attention. The change of colour will persist until you select the |
778 | window, so you can leave several PuTTY windows minimised in your |
779 | terminal, go away from your keyboard, and be sure not to have missed |
780 | any important beeps when you get back. |
781 | |
782 | \q{Flashing} is even more eye-catching: the Taskbar entry will |
783 | continuously flash on and off until you select the window. |
784 | |
421406a4 |
785 | \S{config-bellovl} \q{Control the \i{bell overload} behaviour} |
a5a6cb30 |
786 | |
70133c0e |
787 | \cfg{winhelp-topic}{bell.overload} |
788 | |
a5a6cb30 |
789 | A common user error in a terminal session is to accidentally run the |
790 | Unix command \c{cat} (or equivalent) on an inappropriate file type, |
791 | such as an executable, image file, or ZIP file. This produces a huge |
792 | stream of non-text characters sent to the terminal, which typically |
793 | includes a lot of bell characters. As a result of this the terminal |
794 | often doesn't stop beeping for ten minutes, and everybody else in |
795 | the office gets annoyed. |
796 | |
797 | To try to avoid this behaviour, or any other cause of excessive |
798 | beeping, PuTTY includes a bell overload management feature. In the |
799 | default configuration, receiving more than five bell characters in a |
800 | two-second period will cause the overload feature to activate. Once |
421406a4 |
801 | the overload feature is active, further bells will \I{terminal bell, |
802 | disabling} have no effect at all, so the rest of your binary file |
803 | will be sent to the screen in silence. After a period of five seconds |
804 | during which no further bells are received, the overload feature will |
805 | turn itself off again and bells will be re-enabled. |
a5a6cb30 |
806 | |
807 | If you want this feature completely disabled, you can turn it off |
808 | using the checkbox \q{Bell is temporarily disabled when over-used}. |
809 | |
810 | Alternatively, if you like the bell overload feature but don't agree |
811 | with the settings, you can configure the details: how many bells |
812 | constitute an overload, how short a time period they have to arrive |
813 | in to do so, and how much silent time is required before the |
814 | overload feature will deactivate itself. |
815 | |
2cb50250 |
816 | Bell overload mode is always deactivated by any keypress in the |
817 | terminal. This means it can respond to large unexpected streams of |
818 | data, but does not interfere with ordinary command-line activities |
819 | that generate beeps (such as filename completion). |
820 | |
0d2086c5 |
821 | \H{config-features} The Features panel |
822 | |
421406a4 |
823 | PuTTY's \i{terminal emulation} is very highly featured, and can do a lot |
0d2086c5 |
824 | of things under remote server control. Some of these features can |
825 | cause problems due to buggy or strangely configured server |
826 | applications. |
827 | |
828 | The Features configuration panel allows you to disable some of |
829 | PuTTY's more advanced terminal features, in case they cause trouble. |
830 | |
831 | \S{config-features-application} Disabling application keypad and cursor keys |
832 | |
833 | \cfg{winhelp-topic}{features.application} |
834 | |
421406a4 |
835 | \I{Application Keypad}Application keypad mode (see |
836 | \k{config-appkeypad}) and \I{Application Cursor Keys}application |
0d2086c5 |
837 | cursor keys mode (see \k{config-appcursor}) alter the behaviour of |
838 | the keypad and cursor keys. Some applications enable these modes but |
839 | then do not deal correctly with the modified keys. You can force |
840 | these modes to be permanently disabled no matter what the server |
841 | tries to do. |
842 | |
421406a4 |
843 | \S{config-features-mouse} Disabling \cw{xterm}-style \i{mouse reporting} |
c0d36a72 |
844 | |
845 | \cfg{winhelp-topic}{features.mouse} |
846 | |
421406a4 |
847 | PuTTY allows the server to send \i{control codes} that let it take over |
848 | the mouse and use it for purposes other than \i{copy and paste}. |
c0d36a72 |
849 | Applications which use this feature include the text-mode web |
421406a4 |
850 | browser \i\c{links}, the Usenet newsreader \i\c{trn} version 4, and the |
851 | file manager \i\c{mc} (Midnight Commander). |
c0d36a72 |
852 | |
853 | If you find this feature inconvenient, you can disable it using the |
854 | \q{Disable xterm-style mouse reporting} control. With this box |
855 | ticked, the mouse will \e{always} do copy and paste in the normal |
856 | way. |
857 | |
858 | Note that even if the application takes over the mouse, you can |
859 | still manage PuTTY's copy and paste by holding down the Shift key |
860 | while you select and paste, unless you have deliberately turned this |
861 | feature off (see \k{config-mouseshift}). |
862 | |
421406a4 |
863 | \S{config-features-resize} Disabling remote \i{terminal resizing} |
0d2086c5 |
864 | |
865 | \cfg{winhelp-topic}{features.resize} |
866 | |
867 | PuTTY has the ability to change the terminal's size and position in |
868 | response to commands from the server. If you find PuTTY is doing |
869 | this unexpectedly or inconveniently, you can tell PuTTY not to |
870 | respond to those server commands. |
871 | |
421406a4 |
872 | \S{config-features-altscreen} Disabling switching to the \i{alternate screen} |
0d2086c5 |
873 | |
874 | \cfg{winhelp-topic}{features.altscreen} |
875 | |
876 | Many terminals, including PuTTY, support an \q{alternate screen}. |
877 | This is the same size as the ordinary terminal screen, but separate. |
878 | Typically a screen-based program such as a text editor might switch |
879 | the terminal to the alternate screen before starting up. Then at the |
880 | end of the run, it switches back to the primary screen, and you see |
881 | the screen contents just as they were before starting the editor. |
882 | |
883 | Some people prefer this not to happen. If you want your editor to |
884 | run in the same screen as the rest of your terminal activity, you |
885 | can disable the alternate screen feature completely. |
886 | |
421406a4 |
887 | \S{config-features-retitle} Disabling remote \i{window title} changing |
0d2086c5 |
888 | |
889 | \cfg{winhelp-topic}{features.retitle} |
890 | |
891 | PuTTY has the ability to change the window title in response to |
892 | commands from the server. If you find PuTTY is doing this |
893 | unexpectedly or inconveniently, you can tell PuTTY not to respond to |
894 | those server commands. |
895 | |
e65096f2 |
896 | \S{config-features-qtitle} Response to remote \i{window title} querying |
7fcdebd3 |
897 | |
898 | \cfg{winhelp-topic}{features.qtitle} |
899 | |
900 | PuTTY can optionally provide the xterm service of allowing server |
901 | applications to find out the local window title. This feature is |
902 | disabled by default, but you can turn it on if you really want it. |
903 | |
421406a4 |
904 | NOTE that this feature is a \e{potential \i{security hazard}}. If a |
7fcdebd3 |
905 | malicious application can write data to your terminal (for example, |
906 | if you merely \c{cat} a file owned by someone else on the server |
907 | machine), it can change your window title (unless you have disabled |
908 | this as mentioned in \k{config-features-retitle}) and then use this |
909 | service to have the new window title sent back to the server as if |
910 | typed at the keyboard. This allows an attacker to fake keypresses |
911 | and potentially cause your server-side applications to do things you |
912 | didn't want. Therefore this feature is disabled by default, and we |
e65096f2 |
913 | recommend you do not set it to \q{Window title} unless you \e{really} |
914 | know what you are doing. |
915 | |
916 | There are three settings for this option: |
917 | |
918 | \dt \q{None} |
919 | |
920 | \dd PuTTY makes no response whatsoever to the relevant escape |
921 | sequence. This may upset server-side software that is expecting some |
922 | sort of response. |
923 | |
924 | \dt \q{Empty string} |
925 | |
926 | \dd PuTTY makes a well-formed response, but leaves it blank. Thus, |
927 | server-side software that expects a response is kept happy, but an |
928 | attacker cannot influence the response string. This is probably the |
929 | setting you want if you have no better ideas. |
930 | |
931 | \dt \q{Window title} |
932 | |
933 | \dd PuTTY responds with the actual window title. This is dangerous for |
934 | the reasons described above. |
7fcdebd3 |
935 | |
421406a4 |
936 | \S{config-features-dbackspace} Disabling \i{destructive backspace} |
0d2086c5 |
937 | |
938 | \cfg{winhelp-topic}{features.dbackspace} |
939 | |
940 | Normally, when PuTTY receives character 127 (^?) from the server, it |
941 | will perform a \q{destructive backspace}: move the cursor one space |
942 | left and delete the character under it. This can apparently cause |
943 | problems in some applications, so PuTTY provides the ability to |
944 | configure character 127 to perform a normal backspace (without |
945 | deleting a character) instead. |
946 | |
421406a4 |
947 | \S{config-features-charset} Disabling remote \i{character set} |
0d2086c5 |
948 | configuration |
949 | |
950 | \cfg{winhelp-topic}{features.charset} |
951 | |
952 | PuTTY has the ability to change its character set configuration in |
953 | response to commands from the server. Some programs send these |
9eaf90bf |
954 | commands unexpectedly or inconveniently. In particular, \i{BitchX} (an |
0d2086c5 |
955 | IRC client) seems to have a habit of reconfiguring the character set |
956 | to something other than the user intended. |
957 | |
958 | If you find that accented characters are not showing up the way you |
959 | expect them to, particularly if you're running BitchX, you could try |
960 | disabling the remote character set configuration commands. |
961 | |
421406a4 |
962 | \S{config-features-shaping} Disabling \i{Arabic text shaping} |
f0fccd51 |
963 | |
964 | \cfg{winhelp-topic}{features.arabicshaping} |
965 | |
966 | PuTTY supports shaping of Arabic text, which means that if your |
421406a4 |
967 | server sends text written in the basic \i{Unicode} Arabic alphabet then |
f0fccd51 |
968 | it will convert it to the correct display forms before printing it |
969 | on the screen. |
970 | |
971 | If you are using full-screen software which was not expecting this |
972 | to happen (especially if you are not an Arabic speaker and you |
973 | unexpectedly find yourself dealing with Arabic text files in |
974 | applications which are not Arabic-aware), you might find that the |
421406a4 |
975 | \i{display becomes corrupted}. By ticking this box, you can disable |
f0fccd51 |
976 | Arabic text shaping so that PuTTY displays precisely the characters |
977 | it is told to display. |
978 | |
979 | You may also find you need to disable bidirectional text display; |
34ef39bd |
980 | see \k{config-features-bidi}. |
f0fccd51 |
981 | |
421406a4 |
982 | \S{config-features-bidi} Disabling \i{bidirectional text} display |
f0fccd51 |
983 | |
984 | \cfg{winhelp-topic}{features.bidi} |
985 | |
986 | PuTTY supports bidirectional text display, which means that if your |
987 | server sends text written in a language which is usually displayed |
421406a4 |
988 | from right to left (such as \i{Arabic} or \i{Hebrew}) then PuTTY will |
f0fccd51 |
989 | automatically flip it round so that it is displayed in the right |
990 | direction on the screen. |
991 | |
992 | If you are using full-screen software which was not expecting this |
993 | to happen (especially if you are not an Arabic speaker and you |
994 | unexpectedly find yourself dealing with Arabic text files in |
995 | applications which are not Arabic-aware), you might find that the |
421406a4 |
996 | \i{display becomes corrupted}. By ticking this box, you can disable |
f0fccd51 |
997 | bidirectional text display, so that PuTTY displays text from left to |
998 | right in all situations. |
999 | |
1000 | You may also find you need to disable Arabic text shaping; |
34ef39bd |
1001 | see \k{config-features-shaping}. |
f0fccd51 |
1002 | |
55ba634a |
1003 | \H{config-window} The Window panel |
1004 | |
1630bb61 |
1005 | The Window configuration panel allows you to control aspects of the |
421406a4 |
1006 | \i{PuTTY window}. |
1630bb61 |
1007 | |
421406a4 |
1008 | \S{config-winsize} Setting the \I{window size}size of the PuTTY window |
55ba634a |
1009 | |
70133c0e |
1010 | \cfg{winhelp-topic}{window.size} |
1011 | |
b8e45023 |
1012 | The \q{\ii{Columns}} and \q{\ii{Rows}} boxes let you set the PuTTY |
421406a4 |
1013 | window to a precise size. Of course you can also \I{window resizing}drag |
1014 | the window to a new size while a session is running. |
1630bb61 |
1015 | |
a5a6cb30 |
1016 | \S{config-winsizelock} What to do when the window is resized |
add788fc |
1017 | |
70133c0e |
1018 | \cfg{winhelp-topic}{window.resize} |
1019 | |
add788fc |
1020 | These options allow you to control what happens when the user tries |
421406a4 |
1021 | to \I{window resizing}resize the PuTTY window using its window furniture. |
add788fc |
1022 | |
5dce67f7 |
1023 | There are four options here: |
add788fc |
1024 | |
5dce67f7 |
1025 | \b \q{Change the number of rows and columns}: the font size will not |
1026 | change. (This is the default.) |
add788fc |
1027 | |
5dce67f7 |
1028 | \b \q{Change the size of the font}: the number of rows and columns in |
421406a4 |
1029 | the terminal will stay the same, and the \i{font size} will change. |
add788fc |
1030 | |
5dce67f7 |
1031 | \b \q{Change font size when maximised}: when the window is resized, |
1032 | the number of rows and columns will change, \e{except} when the window |
5af30f3e |
1033 | is \i{maximise}d (or restored), when the font size will change. (In |
1034 | this mode, holding down the Alt key while resizing will also cause the |
1035 | font size to change.) |
a5a6cb30 |
1036 | |
5dce67f7 |
1037 | \b \q{Forbid resizing completely}: the terminal will refuse to be |
1038 | resized at all. |
1630bb61 |
1039 | |
421406a4 |
1040 | \S{config-scrollback} Controlling \i{scrollback} |
55ba634a |
1041 | |
70133c0e |
1042 | \cfg{winhelp-topic}{window.scrollback} |
1043 | |
fc5a8711 |
1044 | These options let you configure the way PuTTY keeps text after it |
1045 | scrolls off the top of the screen (see \k{using-scrollback}). |
1630bb61 |
1046 | |
1047 | The \q{Lines of scrollback} box lets you configure how many lines of |
a5a6cb30 |
1048 | text PuTTY keeps. The \q{Display scrollbar} options allow you to |
421406a4 |
1049 | hide the \i{scrollbar} (although you can still view the scrollback using |
01fe3d80 |
1050 | the keyboard as described in \k{using-scrollback}). You can separately |
421406a4 |
1051 | configure whether the scrollbar is shown in \i{full-screen} mode and in |
01fe3d80 |
1052 | normal modes. |
1630bb61 |
1053 | |
1054 | If you are viewing part of the scrollback when the server sends more |
1055 | text to PuTTY, the screen will revert to showing the current |
1056 | terminal contents. You can disable this behaviour by turning off |
1057 | \q{Reset scrollback on display activity}. You can also make the |
1058 | screen revert when you press a key, by turning on \q{Reset |
1059 | scrollback on keypress}. |
1060 | |
ec3f19be |
1061 | \S{config-erasetoscrollback} \q{Push erased text into scrollback} |
876e5d5e |
1062 | |
1063 | \cfg{winhelp-topic}{window.erased} |
1064 | |
1065 | When this option is enabled, the contents of the terminal screen |
1066 | will be pushed into the scrollback when a server-side application |
1067 | clears the screen, so that your scrollback will contain a better |
1068 | record of what was on your screen in the past. |
1069 | |
421406a4 |
1070 | If the application switches to the \i{alternate screen} (see |
876e5d5e |
1071 | \k{config-features-altscreen} for more about this), then the |
1072 | contents of the primary screen will be visible in the scrollback |
1073 | until the application switches back again. |
1074 | |
1075 | This option is enabled by default. |
1076 | |
55ba634a |
1077 | \H{config-appearance} The Appearance panel |
1078 | |
1630bb61 |
1079 | The Appearance configuration panel allows you to control aspects of |
421406a4 |
1080 | the appearance of \I{PuTTY window}PuTTY's window. |
1630bb61 |
1081 | |
421406a4 |
1082 | \S{config-cursor} Controlling the appearance of the \i{cursor} |
55ba634a |
1083 | |
70133c0e |
1084 | \cfg{winhelp-topic}{appearance.cursor} |
1085 | |
26c8f51a |
1086 | The \q{Cursor appearance} option lets you configure the cursor to be |
1087 | a block, an underline, or a vertical line. A block cursor becomes an |
1088 | empty box when the window loses focus; an underline or a vertical |
1089 | line becomes dotted. |
1090 | |
421406a4 |
1091 | The \q{\ii{Cursor blinks}} option makes the cursor blink on and off. This |
26c8f51a |
1092 | works in any of the cursor modes. |
55ba634a |
1093 | |
421406a4 |
1094 | \S{config-font} Controlling the \i{font} used in the terminal window |
55ba634a |
1095 | |
70133c0e |
1096 | \cfg{winhelp-topic}{appearance.font} |
1097 | |
421406a4 |
1098 | This option allows you to choose what font, in what \I{font size}size, |
14ce9887 |
1099 | the PuTTY terminal window uses to display the text in the session. |
1100 | |
1101 | By default, you will be offered a choice from all the fixed-width |
1102 | fonts installed on the system, since VT100-style terminal handling |
1103 | expects a fixed-width font. If you tick the box marked \q{Allow |
1104 | selection of variable-pitch fonts}, however, PuTTY will offer |
1105 | variable-width fonts as well: if you select one of these, the font |
1106 | will be coerced into fixed-size character cells, which will probably |
1107 | not look very good (but can work OK with some fonts). |
26c8f51a |
1108 | |
421406a4 |
1109 | \S{config-mouseptr} \q{Hide \i{mouse pointer} when typing in window} |
add788fc |
1110 | |
70133c0e |
1111 | \cfg{winhelp-topic}{appearance.hidemouse} |
1112 | |
add788fc |
1113 | If you enable this option, the mouse pointer will disappear if the |
1114 | PuTTY window is selected and you press a key. This way, it will not |
1115 | obscure any of the text in the window while you work in your |
1116 | session. As soon as you move the mouse, the pointer will reappear. |
1117 | |
1118 | This option is disabled by default, so the mouse pointer remains |
1119 | visible at all times. |
1120 | |
421406a4 |
1121 | \S{config-winborder} Controlling the \i{window border} |
add788fc |
1122 | |
70133c0e |
1123 | \cfg{winhelp-topic}{appearance.border} |
1124 | |
add788fc |
1125 | PuTTY allows you to configure the appearance of the window border to |
1126 | some extent. |
1127 | |
1128 | The checkbox marked \q{Sunken-edge border} changes the appearance of |
1129 | the window border to something more like a DOS box: the inside edge |
1130 | of the border is highlighted as if it sank down to meet the surface |
1131 | inside the window. This makes the border a little bit thicker as |
1132 | well. It's hard to describe well. Try it and see if you like it. |
1133 | |
1134 | You can also configure a completely blank gap between the text in |
1135 | the window and the border, using the \q{Gap between text and window |
1136 | edge} control. By default this is set at one pixel. You can reduce |
1137 | it to zero, or increase it further. |
1138 | |
a5a6cb30 |
1139 | \H{config-behaviour} The Behaviour panel |
1140 | |
1141 | The Behaviour configuration panel allows you to control aspects of |
421406a4 |
1142 | the behaviour of \I{PuTTY window}PuTTY's window. |
a5a6cb30 |
1143 | |
421406a4 |
1144 | \S{config-title} Controlling the \i{window title} |
fe8abbf4 |
1145 | |
1146 | \cfg{winhelp-topic}{appearance.title} |
1147 | |
1148 | The \q{Window title} edit box allows you to set the title of the |
421406a4 |
1149 | PuTTY window. By default the window title will contain the \i{host name} |
fe8abbf4 |
1150 | followed by \q{PuTTY}, for example \c{server1.example.com - PuTTY}. |
1151 | If you want a different window title, this is where to set it. |
1152 | |
421406a4 |
1153 | PuTTY allows the server to send \c{xterm} \i{control sequence}s which |
bc0bbee2 |
1154 | modify the title of the window in mid-session (unless this is disabled - |
1155 | see \k{config-features-retitle}); the title string set here |
1156 | is therefore only the \e{initial} window title. |
1157 | |
421406a4 |
1158 | As well as the \e{window} title, there is also an \c{xterm} |
1159 | sequence to modify the \I{icon title}title of the window's \e{icon}. |
fe8abbf4 |
1160 | This makes sense in a windowing system where the window becomes an |
1161 | icon when minimised, such as Windows 3.1 or most X Window System |
1162 | setups; but in the Windows 95-like user interface it isn't as |
1163 | applicable. |
1164 | |
1165 | By default, PuTTY only uses the server-supplied \e{window} title, and |
1166 | ignores the icon title entirely. If for some reason you want to see |
1167 | both titles, check the box marked \q{Separate window and icon titles}. |
421406a4 |
1168 | If you do this, PuTTY's window title and Taskbar \I{window caption}caption will |
1169 | change into the server-supplied icon title if you \i{minimise} the PuTTY |
fe8abbf4 |
1170 | window, and change back to the server-supplied window title if you |
1171 | restore it. (If the server has not bothered to supply a window or |
1172 | icon title, none of this will happen.) |
1173 | |
421406a4 |
1174 | \S{config-warnonclose} \q{Warn before \i{closing window}} |
a5a6cb30 |
1175 | |
70133c0e |
1176 | \cfg{winhelp-topic}{behaviour.closewarn} |
1177 | |
421406a4 |
1178 | If you press the \i{Close button} in a PuTTY window that contains a |
a5a6cb30 |
1179 | running session, PuTTY will put up a warning window asking if you |
1180 | really meant to close the window. A window whose session has already |
1181 | terminated can always be closed without a warning. |
1182 | |
1183 | If you want to be able to close a window quickly, you can disable |
1184 | the \q{Warn before closing window} option. |
1185 | |
421406a4 |
1186 | \S{config-altf4} \q{Window closes on \i{ALT-F4}} |
a5a6cb30 |
1187 | |
70133c0e |
1188 | \cfg{winhelp-topic}{behaviour.altf4} |
1189 | |
421406a4 |
1190 | By default, pressing ALT-F4 causes the \I{closing window}window to |
1191 | close (or a warning box to appear; see \k{config-warnonclose}). If you |
1192 | disable the \q{Window closes on ALT-F4} option, then pressing ALT-F4 |
1193 | will simply send a key sequence to the server. |
a5a6cb30 |
1194 | |
421406a4 |
1195 | \S{config-altspace} \q{\ii{System menu} appears on \i{ALT-Space}} |
a5a6cb30 |
1196 | |
70133c0e |
1197 | \cfg{winhelp-topic}{behaviour.altspace} |
1198 | |
a5a6cb30 |
1199 | If this option is enabled, then pressing ALT-Space will bring up the |
1200 | PuTTY window's menu, like clicking on the top left corner. If it is |
1201 | disabled, then pressing ALT-Space will just send \c{ESC SPACE} to |
1202 | the server. |
1203 | |
421406a4 |
1204 | Some \i{accessibility} programs for Windows may need this option |
a5a6cb30 |
1205 | enabling to be able to control PuTTY's window successfully. For |
421406a4 |
1206 | instance, \i{Dragon NaturallySpeaking} requires it both to open the |
a5a6cb30 |
1207 | system menu via voice, and to close, minimise, maximise and restore |
1208 | the window. |
1209 | |
421406a4 |
1210 | \S{config-altonly} \q{\ii{System menu} appears on \i{Alt} alone} |
a5a6cb30 |
1211 | |
70133c0e |
1212 | \cfg{winhelp-topic}{behaviour.altonly} |
1213 | |
a5a6cb30 |
1214 | If this option is enabled, then pressing and releasing ALT will |
1215 | bring up the PuTTY window's menu, like clicking on the top left |
1216 | corner. If it is disabled, then pressing and releasing ALT will have |
1217 | no effect. |
1218 | |
421406a4 |
1219 | \S{config-alwaysontop} \q{Ensure window is \i{always on top}} |
a5a6cb30 |
1220 | |
70133c0e |
1221 | \cfg{winhelp-topic}{behaviour.alwaysontop} |
1222 | |
a5a6cb30 |
1223 | If this option is enabled, the PuTTY window will stay on top of all |
1224 | other windows. |
1225 | |
421406a4 |
1226 | \S{config-fullscreen} \q{\ii{Full screen} on Alt-Enter} |
a5a6cb30 |
1227 | |
70133c0e |
1228 | \cfg{winhelp-topic}{behaviour.altenter} |
1229 | |
a5a6cb30 |
1230 | If this option is enabled, then pressing Alt-Enter will cause the |
2f8d6d43 |
1231 | PuTTY window to become full-screen. Pressing Alt-Enter again will |
1232 | restore the previous window size. |
1233 | |
421406a4 |
1234 | The full-screen feature is also available from the \ii{System menu}, even |
2f8d6d43 |
1235 | when it is configured not to be available on the Alt-Enter key. See |
1236 | \k{using-fullscreen}. |
a5a6cb30 |
1237 | |
55ba634a |
1238 | \H{config-translation} The Translation panel |
1239 | |
1630bb61 |
1240 | The Translation configuration panel allows you to control the |
421406a4 |
1241 | translation between the \i{character set} understood by the server and |
1630bb61 |
1242 | the character set understood by PuTTY. |
1243 | |
add788fc |
1244 | \S{config-charset} Controlling character set translation |
1245 | |
70133c0e |
1246 | \cfg{winhelp-topic}{translation.codepage} |
1247 | |
add788fc |
1248 | During an interactive session, PuTTY receives a stream of 8-bit |
1249 | bytes from the server, and in order to display them on the screen it |
b44d65f4 |
1250 | needs to know what character set to interpret them in. Similarly, |
1251 | PuTTY needs to know how to translate your keystrokes into the encoding |
1252 | the server expects. Unfortunately, there is no satisfactory |
1253 | mechanism for PuTTY and the server to communicate this information, |
1254 | so it must usually be manually configured. |
1255 | |
1256 | There are a lot of character sets to choose from. The \q{Remote |
1257 | character set} option lets you select one. By default PuTTY will |
1258 | attempt to choose a character set that is right for your \i{locale} as |
1259 | reported by Windows; if it gets it wrong, you can select a different |
1260 | one using this control. |
add788fc |
1261 | |
1262 | A few notable character sets are: |
1263 | |
421406a4 |
1264 | \b The \i{ISO-8859} series are all standard character sets that include |
add788fc |
1265 | various accented characters appropriate for different sets of |
1266 | languages. |
55ba634a |
1267 | |
421406a4 |
1268 | \b The \i{Win125x} series are defined by Microsoft, for similar |
add788fc |
1269 | purposes. In particular Win1252 is almost equivalent to ISO-8859-1, |
1270 | but contains a few extra characters such as matched quotes and the |
1271 | Euro symbol. |
55ba634a |
1272 | |
add788fc |
1273 | \b If you want the old IBM PC character set with block graphics and |
421406a4 |
1274 | line-drawing characters, you can select \q{\i{CP437}}. |
add788fc |
1275 | |
421406a4 |
1276 | \b PuTTY also supports \i{Unicode} mode, in which the data coming from |
b44d65f4 |
1277 | the server is interpreted as being in the \i{UTF-8} encoding of Unicode, |
1278 | and keystrokes are sent UTF-8 encoded. If you select \q{UTF-8} as a |
1279 | character set you can use this mode. Not all server-side applications |
1280 | will support it. |
add788fc |
1281 | |
421406a4 |
1282 | If you need support for a numeric \i{code page} which is not listed in |
d8262877 |
1283 | the drop-down list, such as code page 866, then you can try entering |
421406a4 |
1284 | its name manually (\c{\i{CP866}} for example) in the list box. If the |
d8262877 |
1285 | underlying version of Windows has the appropriate translation table |
1286 | installed, PuTTY will use it. |
6c8727b2 |
1287 | |
421406a4 |
1288 | \S{config-cjk-ambig-wide} \q{Treat \i{CJK} ambiguous characters as wide} |
74790953 |
1289 | |
1290 | \cfg{winhelp-topic}{translation.cjkambigwide} |
1291 | |
1292 | There are \I{East Asian Ambiguous characters}some Unicode characters |
421406a4 |
1293 | whose \I{character width}width is not well-defined. In most contexts, such |
1294 | characters should be treated as single-width for the purposes of \I{wrapping, |
1295 | terminal}wrapping and so on; however, in some CJK contexts, they are better |
1296 | treated as double-width for historical reasons, and some server-side |
1297 | applications may expect them to be displayed as such. Setting this option |
1298 | will cause PuTTY to take the double-width interpretation. |
74790953 |
1299 | |
1300 | If you use legacy CJK applications, and you find your lines are |
1301 | wrapping in the wrong places, or you are having other display |
1302 | problems, you might want to play with this setting. |
1303 | |
421406a4 |
1304 | This option only has any effect in \i{UTF-8} mode (see \k{config-charset}). |
74790953 |
1305 | |
421406a4 |
1306 | \S{config-cyr} \q{\i{Caps Lock} acts as \i{Cyrillic} switch} |
add788fc |
1307 | |
70133c0e |
1308 | \cfg{winhelp-topic}{translation.cyrillic} |
1309 | |
add788fc |
1310 | This feature allows you to switch between a US/UK keyboard layout |
1311 | and a Cyrillic keyboard layout by using the Caps Lock key, if you |
421406a4 |
1312 | need to type (for example) \i{Russian} and English side by side in the |
add788fc |
1313 | same document. |
1314 | |
1315 | Currently this feature is not expected to work properly if your |
1316 | native keyboard layout is not US or UK. |
1317 | |
421406a4 |
1318 | \S{config-linedraw} Controlling display of \i{line-drawing characters} |
add788fc |
1319 | |
70133c0e |
1320 | \cfg{winhelp-topic}{translation.linedraw} |
1321 | |
421406a4 |
1322 | VT100-series terminals allow the server to send \i{control sequence}s that |
f80d4744 |
1323 | shift temporarily into a separate character set for drawing simple |
1324 | lines and boxes. However, there are a variety of ways in which PuTTY |
1325 | can attempt to find appropriate characters, and the right one to use |
421406a4 |
1326 | depends on the locally configured \i{font}. In general you should probably |
f80d4744 |
1327 | try lots of options until you find one that your particular font |
1328 | supports. |
1329 | |
1330 | \b \q{Use Unicode line drawing code points} tries to use the box |
421406a4 |
1331 | characters that are present in \i{Unicode}. For good Unicode-supporting |
f80d4744 |
1332 | fonts this is probably the most reliable and functional option. |
1333 | |
1334 | \b \q{Poor man's line drawing} assumes that the font \e{cannot} |
1335 | generate the line and box characters at all, so it will use the |
1336 | \c{+}, \c{-} and \c{|} characters to draw approximations to boxes. |
1337 | You should use this option if none of the other options works. |
add788fc |
1338 | |
1339 | \b \q{Font has XWindows encoding} is for use with fonts that have a |
1340 | special encoding, where the lowest 32 character positions (below the |
1341 | ASCII printable range) contain the line-drawing characters. This is |
1342 | unlikely to be the case with any standard Windows font; it will |
1343 | probably only apply to custom-built fonts or fonts that have been |
1344 | automatically converted from the X Window System. |
1345 | |
1346 | \b \q{Use font in both ANSI and OEM modes} tries to use the same |
1347 | font in two different character sets, to obtain a wider range of |
1348 | characters. This doesn't always work; some fonts claim to be a |
1349 | different size depending on which character set you try to use. |
1350 | |
1351 | \b \q{Use font in OEM mode only} is more reliable than that, but can |
1352 | miss out other characters from the main character set. |
1353 | |
421406a4 |
1354 | \S{config-linedrawpaste} Controlling \i{copy and paste} of line drawing |
add788fc |
1355 | characters |
1356 | |
70133c0e |
1357 | \cfg{winhelp-topic}{selection.linedraw} |
1358 | |
add788fc |
1359 | By default, when you copy and paste a piece of the PuTTY screen that |
931e13e1 |
1360 | contains VT100 line and box drawing characters, PuTTY will paste |
421406a4 |
1361 | them in the form they appear on the screen: either \i{Unicode} line |
931e13e1 |
1362 | drawing code points, or the \q{poor man's} line-drawing characters |
00381fc7 |
1363 | \c{+}, \c{-} and \c{|}. The checkbox \q{Copy and paste VT100 line |
1364 | drawing chars as lqqqk} disables this feature, so line-drawing |
421406a4 |
1365 | characters will be pasted as the \i{ASCII} characters that were printed |
00381fc7 |
1366 | to produce them. This will typically mean they come out mostly as |
1367 | \c{q} and \c{x}, with a scattering of \c{jklmntuvw} at the corners. |
1368 | This might be useful if you were trying to recreate the same box |
1369 | layout in another program, for example. |
931e13e1 |
1370 | |
1371 | Note that this option only applies to line-drawing characters which |
1372 | \e{were} printed by using the VT100 mechanism. Line-drawing |
f80d4744 |
1373 | characters that were received as Unicode code points will paste as |
1374 | Unicode always. |
add788fc |
1375 | |
00381fc7 |
1376 | \H{config-selection} The Selection panel |
1377 | |
421406a4 |
1378 | The Selection panel allows you to control the way \i{copy and paste} |
00381fc7 |
1379 | work in the PuTTY window. |
1380 | |
421406a4 |
1381 | \S{config-rtfpaste} Pasting in \i{Rich Text Format} |
a5a6cb30 |
1382 | |
70133c0e |
1383 | \cfg{winhelp-topic}{selection.rtf} |
1384 | |
a5a6cb30 |
1385 | If you enable \q{Paste to clipboard in RTF as well as plain text}, |
1386 | PuTTY will write formatting information to the clipboard as well as |
f395fb46 |
1387 | the actual text you copy. The effect of this is |
a5a6cb30 |
1388 | that if you paste into (say) a word processor, the text will appear |
f395fb46 |
1389 | in the word processor in the same \i{font}, \i{colour}, and style |
1390 | (e.g. bold, underline) PuTTY was using to display it. |
a5a6cb30 |
1391 | |
1392 | This option can easily be inconvenient, so by default it is |
1393 | disabled. |
1394 | |
55ba634a |
1395 | \S{config-mouse} Changing the actions of the mouse buttons |
1396 | |
70133c0e |
1397 | \cfg{winhelp-topic}{selection.buttons} |
1398 | |
16fcd521 |
1399 | PuTTY's copy and paste mechanism is by default modelled on the Unix |
1400 | \c{xterm} application. The X Window System uses a three-button mouse, |
421406a4 |
1401 | and the convention is that the \i{left button} \I{selecting text}selects, |
1402 | the \i{right button} extends an existing selection, and the |
1403 | \i{middle button} pastes. |
add788fc |
1404 | |
16fcd521 |
1405 | Windows often only has two mouse buttons, so in PuTTY's default |
1406 | configuration (\q{Compromise}), the \e{right} button pastes, and the |
421406a4 |
1407 | \e{middle} button (if you have one) \I{adjusting a selection}extends |
1408 | a selection. |
add788fc |
1409 | |
421406a4 |
1410 | If you have a \i{three-button mouse} and you are already used to the |
add788fc |
1411 | \c{xterm} arrangement, you can select it using the \q{Action of |
1412 | mouse buttons} control. |
1413 | |
16fcd521 |
1414 | Alternatively, with the \q{Windows} option selected, the middle |
421406a4 |
1415 | button extends, and the right button brings up a \i{context menu} (on |
16fcd521 |
1416 | which one of the options is \q{Paste}). (This context menu is always |
1417 | available by holding down Ctrl and right-clicking, regardless of the |
1418 | setting of this option.) |
1419 | |
add788fc |
1420 | \S{config-mouseshift} \q{Shift overrides application's use of mouse} |
1421 | |
70133c0e |
1422 | \cfg{winhelp-topic}{selection.shiftdrag} |
1423 | |
421406a4 |
1424 | PuTTY allows the server to send \i{control codes} that let it |
1425 | \I{mouse reporting}take over the mouse and use it for purposes other |
1426 | than \i{copy and paste}. |
add788fc |
1427 | Applications which use this feature include the text-mode web |
1428 | browser \c{links}, the Usenet newsreader \c{trn} version 4, and the |
1429 | file manager \c{mc} (Midnight Commander). |
1430 | |
1431 | When running one of these applications, pressing the mouse buttons |
1432 | no longer performs copy and paste. If you do need to copy and paste, |
1433 | you can still do so if you hold down Shift while you do your mouse |
1434 | clicks. |
1435 | |
1436 | However, it is possible in theory for applications to even detect |
1437 | and make use of Shift + mouse clicks. We don't know of any |
1438 | applications that do this, but in case someone ever writes one, |
1439 | unchecking the \q{Shift overrides application's use of mouse} |
1440 | checkbox will cause Shift + mouse clicks to go to the server as well |
1441 | (so that mouse-driven copy and paste will be completely disabled). |
1442 | |
c0d36a72 |
1443 | If you want to prevent the application from taking over the mouse at |
1444 | all, you can do this using the Features control panel; see |
1445 | \k{config-features-mouse}. |
1446 | |
a5a6cb30 |
1447 | \S{config-rectselect} Default selection mode |
1448 | |
70133c0e |
1449 | \cfg{winhelp-topic}{selection.rect} |
1450 | |
a5a6cb30 |
1451 | As described in \k{using-selection}, PuTTY has two modes of |
1452 | selecting text to be copied to the clipboard. In the default mode |
1453 | (\q{Normal}), dragging the mouse from point A to point B selects to |
1454 | the end of the line containing A, all the lines in between, and from |
1455 | the very beginning of the line containing B. In the other mode |
1456 | (\q{Rectangular block}), dragging the mouse between two points |
1457 | defines a rectangle, and everything within that rectangle is copied. |
1458 | |
1459 | Normally, you have to hold down Alt while dragging the mouse to |
1460 | select a rectangular block. Using the \q{Default selection mode} |
421406a4 |
1461 | control, you can set \i{rectangular selection} as the default, and then |
a5a6cb30 |
1462 | you have to hold down Alt to get the \e{normal} behaviour. |
1463 | |
421406a4 |
1464 | \S{config-charclasses} Configuring \i{word-by-word selection} |
55ba634a |
1465 | |
70133c0e |
1466 | \cfg{winhelp-topic}{selection.charclasses} |
1467 | |
add788fc |
1468 | PuTTY will select a word at a time in the terminal window if you |
421406a4 |
1469 | \i{double-click} to begin the drag. This panel allows you to control |
add788fc |
1470 | precisely what is considered to be a word. |
1471 | |
1472 | Each character is given a \e{class}, which is a small number |
1473 | (typically 0, 1 or 2). PuTTY considers a single word to be any |
1474 | number of adjacent characters in the same class. So by modifying the |
1475 | assignment of characters to classes, you can modify the word-by-word |
1476 | selection behaviour. |
1477 | |
421406a4 |
1478 | In the default configuration, the \i{character classes} are: |
add788fc |
1479 | |
421406a4 |
1480 | \b Class 0 contains \i{white space} and control characters. |
add788fc |
1481 | |
421406a4 |
1482 | \b Class 1 contains most \i{punctuation}. |
add788fc |
1483 | |
1484 | \b Class 2 contains letters, numbers and a few pieces of punctuation |
1485 | (the double quote, minus sign, period, forward slash and |
1486 | underscore). |
1487 | |
1488 | So, for example, if you assign the \c{@} symbol into character class |
1489 | 2, you will be able to select an e-mail address with just a double |
1490 | click. |
1491 | |
1492 | In order to adjust these assignments, you start by selecting a group |
1493 | of characters in the list box. Then enter a class number in the edit |
1494 | box below, and press the \q{Set} button. |
1495 | |
1496 | This mechanism currently only covers ASCII characters, because it |
1497 | isn't feasible to expand the list to cover the whole of Unicode. |
1498 | |
421406a4 |
1499 | Character class definitions can be modified by \i{control sequence}s |
64734920 |
1500 | sent by the server. This configuration option controls the |
1501 | \e{default} state, which will be restored when you reset the |
1502 | terminal (see \k{reset-terminal}). However, if you modify this |
1503 | option in mid-session using \q{Change Settings}, it will take effect |
1504 | immediately. |
7b74af11 |
1505 | |
55ba634a |
1506 | \H{config-colours} The Colours panel |
1507 | |
421406a4 |
1508 | The Colours panel allows you to control PuTTY's use of \i{colour}. |
1630bb61 |
1509 | |
421406a4 |
1510 | \S{config-ansicolour} \q{Allow terminal to specify \i{ANSI colours}} |
c6f1b8ed |
1511 | |
1512 | \cfg{winhelp-topic}{colours.ansi} |
1513 | |
1514 | This option is enabled by default. If it is disabled, PuTTY will |
421406a4 |
1515 | ignore any \i{control sequence}s sent by the server to request coloured |
c6f1b8ed |
1516 | text. |
1517 | |
1518 | If you have a particularly garish application, you might want to |
1519 | turn this option off and make PuTTY only use the default foreground |
1520 | and background colours. |
1521 | |
421406a4 |
1522 | \S{config-xtermcolour} \q{Allow terminal to use xterm \i{256-colour mode}} |
cecb13f6 |
1523 | |
1524 | \cfg{winhelp-topic}{colours.xterm256} |
1525 | |
1526 | This option is enabled by default. If it is disabled, PuTTY will |
1527 | ignore any control sequences sent by the server which use the |
1528 | extended 256-colour mode supported by recent versions of \cw{xterm}. |
1529 | |
fa29f284 |
1530 | If you have an application which is supposed to use 256-colour mode |
1531 | and it isn't working, you may find you need to tell your server that |
1532 | your terminal supports 256 colours. On Unix, you do this by ensuring |
421406a4 |
1533 | that the setting of \i\cw{TERM} describes a 256-colour-capable |
fa29f284 |
1534 | terminal. You can check this using a command such as \c{infocmp}: |
1535 | |
1536 | \c $ infocmp | grep colors |
1537 | \c colors#256, cols#80, it#8, lines#24, pairs#256, |
1538 | \e bbbbbbbbbb |
1539 | |
1540 | If you do not see \cq{colors#256} in the output, you may need to |
1541 | change your terminal setting. On modern Linux machines, you could |
1542 | try \cq{xterm-256color}. |
1543 | |
863c5362 |
1544 | \S{config-boldcolour} \q{Indicate bolded text by changing} |
55ba634a |
1545 | |
70133c0e |
1546 | \cfg{winhelp-topic}{colours.bold} |
1547 | |
421406a4 |
1548 | When the server sends a \i{control sequence} indicating that some text |
863c5362 |
1549 | should be displayed in \i{bold}, PuTTY can handle this in several |
1550 | ways. It can either change the \i{font} for a bold version, or use the |
1551 | same font in a brighter colour, or it can do both (brighten the colour |
1552 | \e{and} embolden the font). This control lets you choose which. |
1553 | |
1554 | By default bold is indicated by colour, so non-bold text is displayed |
1555 | in light grey and bold text is displayed in bright white (and |
1556 | similarly in other colours). If you change the setting to \q{The font} |
1557 | box, bold and non-bold text will be displayed in the same colour, and |
1558 | instead the font will change to indicate the difference. If you select |
1559 | \q{Both}, the font and the colour will both change. |
add788fc |
1560 | |
421406a4 |
1561 | \S{config-logpalette} \q{Attempt to use \i{logical palettes}} |
55ba634a |
1562 | |
70133c0e |
1563 | \cfg{winhelp-topic}{colours.logpal} |
1564 | |
add788fc |
1565 | Logical palettes are a mechanism by which a Windows application |
421406a4 |
1566 | running on an \i{8-bit colour} display can select precisely the colours |
add788fc |
1567 | it wants instead of going with the Windows standard defaults. |
1568 | |
1569 | If you are not getting the colours you ask for on an 8-bit display, |
1570 | you can try enabling this option. However, be warned that it's never |
1571 | worked very well. |
1572 | |
421406a4 |
1573 | \S{config-syscolour} \q{Use \i{system colours}} |
26d1da7b |
1574 | |
1575 | \cfg{winhelp-topic}{colours.system} |
1576 | |
1577 | Enabling this option will cause PuTTY to ignore the configured colours |
421406a4 |
1578 | for \I{default background}\I{default foreground}\q{Default |
1579 | Background/Foreground} and \I{cursor colour}\q{Cursor Colour/Text} (see |
26d1da7b |
1580 | \k{config-colourcfg}), instead going with the system-wide defaults. |
1581 | |
421406a4 |
1582 | Note that non-bold and \i{bold text} will be the same colour if this |
26d1da7b |
1583 | option is enabled. You might want to change to indicating bold text |
1584 | by font changes (see \k{config-boldcolour}). |
1585 | |
421406a4 |
1586 | \S{config-colourcfg} Adjusting the colours in the \i{terminal window} |
55ba634a |
1587 | |
70133c0e |
1588 | \cfg{winhelp-topic}{colours.config} |
1589 | |
add788fc |
1590 | The main colour control allows you to specify exactly what colours |
1591 | things should be displayed in. To modify one of the PuTTY colours, |
421406a4 |
1592 | use the list box to select which colour you want to modify. The \i{RGB |
1593 | values} for that colour will appear on the right-hand side of the |
add788fc |
1594 | list box. Now, if you press the \q{Modify} button, you will be |
1595 | presented with a colour selector, in which you can choose a new |
3d025d91 |
1596 | colour to go in place of the old one. (You may also edit the RGB |
1597 | values directly in the edit boxes, if you wish; each value is an |
1598 | integer from 0 to 255.) |
add788fc |
1599 | |
421406a4 |
1600 | PuTTY allows you to set the \i{cursor colour}, the \i{default foreground} |
1601 | and \I{default background}background, and the precise shades of all the |
1602 | \I{ANSI colours}ANSI configurable colours (black, red, green, yellow, blue, |
1603 | magenta, cyan, and white). You can also modify the precise shades used for |
1604 | the \i{bold} versions of these colours; these are used to display bold text |
1605 | if you have selected \q{Bolded text is a different colour}, and can also be |
1606 | used if the server asks specifically to use them. (Note that \q{Default |
5dce67f7 |
1607 | Bold Background} is \e{not} the background colour used for bold text; |
1608 | it is only used if the server specifically asks for a bold |
1609 | background.) |
add788fc |
1610 | |
55ba634a |
1611 | \H{config-connection} The Connection panel |
1612 | |
1630bb61 |
1613 | The Connection panel allows you to configure options that apply to |
421406a4 |
1614 | more than one type of \i{connection}. |
1630bb61 |
1615 | |
421406a4 |
1616 | \S{config-keepalive} Using \i{keepalives} to prevent disconnection |
55ba634a |
1617 | |
70133c0e |
1618 | \cfg{winhelp-topic}{connection.keepalive} |
1619 | |
9d219e03 |
1620 | If you find your sessions are closing unexpectedly (most often with |
1621 | \q{Connection reset by peer}) after they have been idle for a while, |
1622 | you might want to try using this option. |
c33f3243 |
1623 | |
421406a4 |
1624 | Some network \i{routers} and \i{firewalls} need to keep track of all |
c33f3243 |
1625 | connections through them. Usually, these firewalls will assume a |
1626 | connection is dead if no data is transferred in either direction |
1627 | after a certain time interval. This can cause PuTTY sessions to be |
1628 | unexpectedly closed by the firewall if no traffic is seen in the |
1629 | session for some time. |
1630 | |
1631 | The keepalive option (\q{Seconds between keepalives}) allows you to |
1632 | configure PuTTY to send data through the session at regular |
1633 | intervals, in a way that does not disrupt the actual terminal |
421406a4 |
1634 | session. If you find your firewall is cutting \i{idle connections} off, |
c33f3243 |
1635 | you can try entering a non-zero value in this field. The value is |
1636 | measured in seconds; so, for example, if your firewall cuts |
1637 | connections off after ten minutes then you might want to enter 300 |
1638 | seconds (5 minutes) in the box. |
1639 | |
1640 | Note that keepalives are not always helpful. They help if you have a |
1641 | firewall which drops your connection after an idle period; but if |
421406a4 |
1642 | the network between you and the server suffers from \i{breaks in |
1643 | connectivity} then keepalives can actually make things worse. If a |
c33f3243 |
1644 | session is idle, and connectivity is temporarily lost between the |
1645 | endpoints, but the connectivity is restored before either side tries |
1646 | to send anything, then there will be no problem - neither endpoint |
1647 | will notice that anything was wrong. However, if one side does send |
1648 | something during the break, it will repeatedly try to re-send, and |
1649 | eventually give up and abandon the connection. Then when |
1650 | connectivity is restored, the other side will find that the first |
1651 | side doesn't believe there is an open connection any more. |
1652 | Keepalives can make this sort of problem worse, because they |
1653 | increase the probability that PuTTY will attempt to send data during |
894a2d7b |
1654 | a break in connectivity. (Other types of periodic network activity |
cfc65cdc |
1655 | can cause this behaviour; in particular, SSH-2 re-keys can have |
894a2d7b |
1656 | this effect. See \k{config-ssh-kex-rekey}.) |
1657 | |
1658 | Therefore, you might find that keepalives help |
c33f3243 |
1659 | connection loss, or you might find they make it worse, depending on |
1660 | what \e{kind} of network problems you have between you and the |
1661 | server. |
1662 | |
1663 | Keepalives are only supported in Telnet and SSH; the Rlogin and Raw |
79bf227b |
1664 | protocols offer no way of implementing them. (For an alternative, see |
1665 | \k{config-tcp-keepalives}.) |
c33f3243 |
1666 | |
421406a4 |
1667 | Note that if you are using \i{SSH-1} and the server has a bug that makes |
2e85c969 |
1668 | it unable to deal with SSH-1 ignore messages (see |
2c9c6388 |
1669 | \k{config-ssh-bug-ignore1}), enabling keepalives will have no effect. |
1670 | |
421406a4 |
1671 | \S{config-nodelay} \q{Disable \i{Nagle's algorithm}} |
81e8bb1b |
1672 | |
70133c0e |
1673 | \cfg{winhelp-topic}{connection.nodelay} |
1674 | |
81e8bb1b |
1675 | Nagle's algorithm is a detail of TCP/IP implementations that tries |
1676 | to minimise the number of small data packets sent down a network |
421406a4 |
1677 | connection. With Nagle's algorithm enabled, PuTTY's \i{bandwidth} usage |
81e8bb1b |
1678 | will be slightly more efficient; with it disabled, you may find you |
1679 | get a faster response to your keystrokes when connecting to some |
1680 | types of server. |
1681 | |
421406a4 |
1682 | The Nagle algorithm is disabled by default for \i{interactive connections}. |
81e8bb1b |
1683 | |
421406a4 |
1684 | \S{config-tcp-keepalives} \q{Enable \i{TCP keepalives}} |
79bf227b |
1685 | |
1686 | \cfg{winhelp-topic}{connection.tcpkeepalive} |
1687 | |
1688 | \e{NOTE:} TCP keepalives should not be confused with the |
1689 | application-level keepalives described in \k{config-keepalive}. If in |
1690 | doubt, you probably want application-level keepalives; TCP keepalives |
1691 | are provided for completeness. |
1692 | |
1693 | The idea of TCP keepalives is similar to application-level keepalives, |
1694 | and the same caveats apply. The main differences are: |
1695 | |
1696 | \b TCP keepalives are available on \e{all} connection types, including |
1697 | Raw and Rlogin. |
1698 | |
1699 | \b The interval between TCP keepalives is usually much longer, |
1700 | typically two hours; this is set by the operating system, and cannot |
1701 | be configured within PuTTY. |
1702 | |
1703 | \b If the operating system does not receive a response to a keepalive, |
3e64ff65 |
1704 | it may send out more in quick succession and terminate the connection |
79bf227b |
1705 | if no response is received. |
1706 | |
421406a4 |
1707 | TCP keepalives may be more useful for ensuring that \i{half-open connections} |
79bf227b |
1708 | are terminated than for keeping a connection alive. |
1709 | |
1710 | TCP keepalives are disabled by default. |
1711 | |
421406a4 |
1712 | \S{config-address-family} \I{Internet protocol version}\q{Internet protocol} |
05581745 |
1713 | |
1714 | \cfg{winhelp-topic}{connection.ipversion} |
1715 | |
1716 | This option allows the user to select between the old and new |
2e523aed |
1717 | Internet protocols and addressing schemes (\i{IPv4} and \i{IPv6}). |
1718 | The selected protocol will be used for most outgoing network |
1719 | connections (including connections to \I{proxy}proxies); however, |
1720 | tunnels have their own configuration, for which see |
1721 | \k{config-ssh-portfwd-address-family}. |
1722 | |
1723 | The default setting is \q{Auto}, which means PuTTY will do something |
05581745 |
1724 | sensible and try to guess which protocol you wanted. (If you specify |
421406a4 |
1725 | a literal \i{Internet address}, it will use whichever protocol that |
1726 | address implies. If you provide a \i{hostname}, it will see what kinds |
05581745 |
1727 | of address exist for that hostname; it will use IPv6 if there is an |
1728 | IPv6 address available, and fall back to IPv4 if not.) |
1729 | |
1730 | If you need to force PuTTY to use a particular protocol, you can |
1731 | explicitly set this to \q{IPv4} or \q{IPv6}. |
1732 | |
881da168 |
1733 | \S{config-loghost} \I{logical host name}\q{Logical name of remote host} |
1734 | |
1735 | \cfg{winhelp-topic}{connection.loghost} |
1736 | |
1737 | This allows you to tell PuTTY that the host it will really end up |
1738 | connecting to is different from where it thinks it is making a |
1739 | network connection. |
1740 | |
1741 | You might use this, for instance, if you had set up an SSH port |
1742 | forwarding in one PuTTY session so that connections to some |
1743 | arbitrary port (say, \cw{localhost} port 10022) were forwarded to a |
1744 | second machine's SSH port (say, \cw{foovax} port 22), and then |
1745 | started a second PuTTY connecting to the forwarded port. |
1746 | |
1747 | In normal usage, the second PuTTY will access the host key cache |
1748 | under the host name and port it actually connected to (i.e. |
1749 | \cw{localhost} port 10022 in this example). Using the logical host |
1750 | name option, however, you can configure the second PuTTY to cache |
1751 | the host key under the name of the host \e{you} know that it's |
1752 | \e{really} going to end up talking to (here \c{foovax}). |
1753 | |
1754 | This can be useful if you expect to connect to the same actual |
1755 | server through many different channels (perhaps because your port |
1756 | forwarding arrangements keep changing): by consistently setting the |
1757 | logical host name, you can arrange that PuTTY will not keep asking |
1758 | you to reconfirm its host key. Conversely, if you expect to use the |
1759 | same local port number for port forwardings to lots of different |
1760 | servers, you probably didn't want any particular server's host key |
1761 | cached under that local port number. |
1762 | |
1763 | If you just enter a host name for this option, PuTTY will cache the |
1764 | SSH host key under the default SSH port for that host, irrespective |
1765 | of the port you really connected to (since the typical scenario is |
1766 | like the above example: you connect to a silly real port number and |
1767 | your connection ends up forwarded to the normal port-22 SSH server |
1768 | of some other machine). To override this, you can append a port |
1769 | number to the logical host name, separated by a colon. E.g. entering |
1770 | \cq{foovax:2200} as the logical host name will cause the host key to |
1771 | be cached as if you had connected to port 2200 of \c{foovax}. |
1772 | |
1773 | If you provide a host name using this option, it is also displayed |
1774 | in other locations which contain the remote host name, such as the |
1775 | default window title and the default SSH password prompt. This |
1776 | reflects the fact that this is the host you're \e{really} connecting |
1777 | to, which is more important than the mere means you happen to be |
1778 | using to contact that host. (This applies even if you're using a |
1779 | protocol other than SSH.) |
1780 | |
05581745 |
1781 | \H{config-data} The Data panel |
1782 | |
1783 | The Data panel allows you to configure various pieces of data which |
1784 | can be sent to the server to affect your connection at the far end. |
1785 | |
3e64ff65 |
1786 | Each option on this panel applies to more than one protocol. |
05581745 |
1787 | Options which apply to only one protocol appear on that protocol's |
1788 | configuration panels. |
1789 | |
421406a4 |
1790 | \S{config-username} \q{\ii{Auto-login username}} |
05581745 |
1791 | |
1792 | \cfg{winhelp-topic}{connection.username} |
1793 | |
1794 | All three of the SSH, Telnet and Rlogin protocols allow you to |
1795 | specify what user name you want to log in as, without having to type |
1796 | it explicitly every time. (Some Telnet servers don't support this.) |
1797 | |
1798 | In this box you can type that user name. |
1799 | |
65ff63e3 |
1800 | \S{config-username-from-env} Use of system username |
471c20b0 |
1801 | |
1802 | \cfg{winhelp-topic}{connection.usernamefromenv} |
1803 | |
1804 | When the previous box (\k{config-username}) is left blank, by default, |
1805 | PuTTY will prompt for a username at the time you make a connection. |
1806 | |
65ff63e3 |
1807 | In some environments, such as the networks of large organisations |
1808 | implementing \i{single sign-on}, a more sensible default may be to use |
1809 | the name of the user logged in to the local operating system (if any); |
1810 | this is particularly likely to be useful with \i{GSSAPI} authentication |
1811 | (see \k{config-ssh-auth-gssapi}). This control allows you to change |
1812 | the default behaviour. |
471c20b0 |
1813 | |
1814 | The current system username is displayed in the dialog as a |
1815 | convenience. It is not saved in the configuration; if a saved session |
1816 | is later used by a different user, that user's name will be used. |
1817 | |
421406a4 |
1818 | \S{config-termtype} \q{\ii{Terminal-type} string} |
05581745 |
1819 | |
1820 | \cfg{winhelp-topic}{connection.termtype} |
1821 | |
1822 | Most servers you might connect to with PuTTY are designed to be |
1823 | connected to from lots of different types of terminal. In order to |
421406a4 |
1824 | send the right \i{control sequence}s to each one, the server will need |
05581745 |
1825 | to know what type of terminal it is dealing with. Therefore, each of |
1826 | the SSH, Telnet and Rlogin protocols allow a text string to be sent |
e81024f9 |
1827 | down the connection describing the terminal. On a \i{Unix} server, |
1828 | this selects an entry from the \i\c{termcap} or \i\c{terminfo} database |
1829 | that tells applications what \i{control sequences} to send to the |
1830 | terminal, and what character sequences to expect the \i{keyboard} |
1831 | to generate. |
05581745 |
1832 | |
421406a4 |
1833 | PuTTY attempts to emulate the Unix \i\c{xterm} program, and by default |
05581745 |
1834 | it reflects this by sending \c{xterm} as a terminal-type string. If |
1835 | you find this is not doing what you want - perhaps the remote |
1836 | system reports \q{Unknown terminal type} - you could try setting |
421406a4 |
1837 | this to something different, such as \i\c{vt220}. |
05581745 |
1838 | |
1839 | If you're not sure whether a problem is due to the terminal type |
1840 | setting or not, you probably need to consult the manual for your |
1841 | application or your server. |
1842 | |
421406a4 |
1843 | \S{config-termspeed} \q{\ii{Terminal speed}s} |
05581745 |
1844 | |
1845 | \cfg{winhelp-topic}{connection.termspeed} |
1846 | |
1847 | The Telnet, Rlogin, and SSH protocols allow the client to specify |
1848 | terminal speeds to the server. |
1849 | |
1850 | This parameter does \e{not} affect the actual speed of the connection, |
1851 | which is always \q{as fast as possible}; it is just a hint that is |
1852 | sometimes used by server software to modify its behaviour. For |
1853 | instance, if a slow speed is indicated, the server may switch to a |
421406a4 |
1854 | less \i{bandwidth}-hungry display mode. |
05581745 |
1855 | |
1856 | The value is usually meaningless in a network environment, but |
1857 | PuTTY lets you configure it, in case you find the server is reacting |
1858 | badly to the default value. |
1859 | |
1860 | The format is a pair of numbers separated by a comma, for instance, |
1861 | \c{38400,38400}. The first number represents the output speed |
1862 | (\e{from} the server) in bits per second, and the second is the input |
1863 | speed (\e{to} the server). (Only the first is used in the Rlogin |
1864 | protocol.) |
1865 | |
1866 | This option has no effect on Raw connections. |
1867 | |
421406a4 |
1868 | \S{config-environ} Setting \i{environment variables} on the server |
05581745 |
1869 | |
1870 | \cfg{winhelp-topic}{telnet.environ} |
1871 | |
1872 | The Telnet protocol provides a means for the client to pass |
1873 | environment variables to the server. Many Telnet servers have |
1874 | stopped supporting this feature due to security flaws, but PuTTY |
1875 | still supports it for the benefit of any servers which have found |
1876 | other ways around the security problems than just disabling the |
1877 | whole mechanism. |
1878 | |
1879 | Version 2 of the SSH protocol also provides a similar mechanism, |
421406a4 |
1880 | which is easier to implement without security flaws. Newer \i{SSH-2} |
05581745 |
1881 | servers are more likely to support it than older ones. |
1882 | |
2e85c969 |
1883 | This configuration data is not used in the SSH-1, rlogin or raw |
05581745 |
1884 | protocols. |
1885 | |
1886 | To add an environment variable to the list transmitted down the |
1887 | connection, you enter the variable name in the \q{Variable} box, |
1888 | enter its value in the \q{Value} box, and press the \q{Add} button. |
1889 | To remove one from the list, select it in the list box and press |
1890 | \q{Remove}. |
1891 | |
0e8f4cda |
1892 | \H{config-proxy} The Proxy panel |
1893 | |
15933a9b |
1894 | \cfg{winhelp-topic}{proxy.main} |
1895 | |
421406a4 |
1896 | The \ii{Proxy} panel allows you to configure PuTTY to use various types |
0e8f4cda |
1897 | of proxy in order to make its network connections. The settings in |
1898 | this panel affect the primary network connection forming your PuTTY |
5dd29cf7 |
1899 | session, and also any extra connections made as a result of SSH \i{port |
421406a4 |
1900 | forwarding} (see \k{using-port-forwarding}). |
0e8f4cda |
1901 | |
b4e54c85 |
1902 | Note that unlike some software (such as web browsers), PuTTY does not |
1903 | attempt to automatically determine whether to use a proxy and (if so) |
1904 | which one to use for a given destination. If you need to use a proxy, |
1905 | it must always be explicitly configured. |
1906 | |
0e8f4cda |
1907 | \S{config-proxy-type} Setting the proxy type |
1908 | |
15933a9b |
1909 | \cfg{winhelp-topic}{proxy.type} |
1910 | |
0e8f4cda |
1911 | The \q{Proxy type} radio buttons allow you to configure what type of |
1912 | proxy you want PuTTY to use for its network connections. The default |
1913 | setting is \q{None}; in this mode no proxy is used for any |
1914 | connection. |
1915 | |
421406a4 |
1916 | \b Selecting \I{HTTP proxy}\q{HTTP} allows you to proxy your connections |
1917 | through a web server supporting the HTTP \cw{CONNECT} command, as documented |
0e8f4cda |
1918 | in \W{http://www.ietf.org/rfc/rfc2817.txt}{RFC 2817}. |
1919 | |
10068a0b |
1920 | \b Selecting \q{SOCKS 4} or \q{SOCKS 5} allows you to proxy your |
421406a4 |
1921 | connections through a \i{SOCKS server}. |
0e8f4cda |
1922 | |
1923 | \b Many firewalls implement a less formal type of proxy in which a |
1924 | user can make a Telnet connection directly to the firewall machine |
1925 | and enter a command such as \c{connect myhost.com 22} to connect |
421406a4 |
1926 | through to an external host. Selecting \I{Telnet proxy}\q{Telnet} |
1927 | allows you to tell PuTTY to use this type of proxy. |
0e8f4cda |
1928 | |
5dd29cf7 |
1929 | \b Selecting \I{Local proxy}\q{Local} allows you to specify an arbitrary |
1930 | command on the local machine to act as a proxy. When the session is |
1931 | started, instead of creating a TCP connection, PuTTY runs the command |
1932 | (specified in \k{config-proxy-command}), and uses its standard input and |
1933 | output streams. |
1934 | |
1935 | \lcont{ |
1936 | This could be used, for instance, to talk to some kind of network proxy |
1937 | that PuTTY does not natively support; or you could tunnel a connection |
1938 | over something other than TCP/IP entirely. |
feb02b4e |
1939 | |
1940 | If you want your local proxy command to make a secondary SSH |
1941 | connection to a proxy host and then tunnel the primary connection |
1942 | over that, you might well want the \c{-nc} command-line option in |
1943 | Plink. See \k{using-cmdline-ncmode} for more information. |
5dd29cf7 |
1944 | } |
1945 | |
0e8f4cda |
1946 | \S{config-proxy-exclude} Excluding parts of the network from proxying |
1947 | |
15933a9b |
1948 | \cfg{winhelp-topic}{proxy.exclude} |
1949 | |
0e8f4cda |
1950 | Typically you will only need to use a proxy to connect to non-local |
1951 | parts of your network; for example, your proxy might be required for |
1952 | connections outside your company's internal network. In the |
1953 | \q{Exclude Hosts/IPs} box you can enter ranges of IP addresses, or |
1954 | ranges of DNS names, for which PuTTY will avoid using the proxy and |
1955 | make a direct connection instead. |
1956 | |
1957 | The \q{Exclude Hosts/IPs} box may contain more than one exclusion |
1958 | range, separated by commas. Each range can be an IP address or a DNS |
1959 | name, with a \c{*} character allowing wildcards. For example: |
1960 | |
1961 | \c *.example.com |
1962 | |
1963 | This excludes any host with a name ending in \c{.example.com} from |
1964 | proxying. |
1965 | |
1966 | \c 192.168.88.* |
1967 | |
1968 | This excludes any host with an IP address starting with 192.168.88 |
1969 | from proxying. |
1970 | |
1971 | \c 192.168.88.*,*.example.com |
1972 | |
1973 | This excludes both of the above ranges at once. |
1974 | |
421406a4 |
1975 | Connections to the local host (the host name \i\c{localhost}, and any |
1976 | \i{loopback IP address}) are never proxied, even if the proxy exclude |
b804e1e5 |
1977 | list does not explicitly contain them. It is very unlikely that this |
1978 | behaviour would ever cause problems, but if it does you can change |
1979 | it by enabling \q{Consider proxying local host connections}. |
1980 | |
421406a4 |
1981 | Note that if you are doing \I{proxy DNS}DNS at the proxy (see |
b7a189f3 |
1982 | \k{config-proxy-dns}), you should make sure that your proxy |
1983 | exclusion settings do not depend on knowing the IP address of a |
1984 | host. If the name is passed on to the proxy without PuTTY looking it |
1985 | up, it will never know the IP address and cannot check it against |
1986 | your list. |
1987 | |
421406a4 |
1988 | \S{config-proxy-dns} \I{proxy DNS}\ii{Name resolution} when using a proxy |
b7a189f3 |
1989 | |
1990 | \cfg{winhelp-topic}{proxy.dns} |
1991 | |
1992 | If you are using a proxy to access a private network, it can make a |
421406a4 |
1993 | difference whether \i{DNS} name resolution is performed by PuTTY itself |
b7a189f3 |
1994 | (on the client machine) or performed by the proxy. |
1995 | |
1996 | The \q{Do DNS name lookup at proxy end} configuration option allows |
1997 | you to control this. If you set it to \q{No}, PuTTY will always do |
1998 | its own DNS, and will always pass an IP address to the proxy. If you |
1999 | set it to \q{Yes}, PuTTY will always pass host names straight to the |
2000 | proxy without trying to look them up first. |
2001 | |
2002 | If you set this option to \q{Auto} (the default), PuTTY will do |
c6e05bdc |
2003 | something it considers appropriate for each type of proxy. Telnet, |
2004 | HTTP, and SOCKS5 proxies will have host names passed straight to |
2005 | them; SOCKS4 proxies will not. |
b7a189f3 |
2006 | |
2007 | Note that if you are doing DNS at the proxy, you should make sure |
2008 | that your proxy exclusion settings (see \k{config-proxy-exclude}) do |
2009 | not depend on knowing the IP address of a host. If the name is |
2010 | passed on to the proxy without PuTTY looking it up, it will never |
2011 | know the IP address and cannot check it against your list. |
2012 | |
2013 | The original SOCKS 4 protocol does not support proxy-side DNS. There |
2014 | is a protocol extension (SOCKS 4A) which does support it, but not |
2015 | all SOCKS 4 servers provide this extension. If you enable proxy DNS |
2016 | and your SOCKS 4 server cannot deal with it, this might be why. |
2017 | |
421406a4 |
2018 | \S{config-proxy-auth} \I{proxy username}Username and \I{proxy password}password |
0e8f4cda |
2019 | |
15933a9b |
2020 | \cfg{winhelp-topic}{proxy.auth} |
2021 | |
421406a4 |
2022 | If your proxy requires \I{proxy authentication}authentication, you can |
2023 | enter a username and a password in the \q{Username} and \q{Password} boxes. |
0e8f4cda |
2024 | |
421406a4 |
2025 | \I{security hazard}Note that if you save your session, the proxy |
2026 | password will be saved in plain text, so anyone who can access your PuTTY |
1074abfd |
2027 | configuration data will be able to discover it. |
2028 | |
0b6baa33 |
2029 | Authentication is not fully supported for all forms of proxy: |
1549e076 |
2030 | |
aab91a3e |
2031 | \b Username and password authentication is supported for HTTP |
2032 | proxies and SOCKS 5 proxies. |
1549e076 |
2033 | |
960e03a5 |
2034 | \lcont{ |
2035 | |
2036 | \b With SOCKS 5, authentication is via \i{CHAP} if the proxy |
2037 | supports it (this is not supported in \i{PuTTYtel}); otherwise the |
421406a4 |
2038 | password is sent to the proxy in \I{plaintext password}plain text. |
960e03a5 |
2039 | |
2040 | \b With HTTP proxying, the only currently supported authentication |
421406a4 |
2041 | method is \I{HTTP basic}\q{basic}, where the password is sent to the proxy |
2042 | in \I{plaintext password}plain text. |
960e03a5 |
2043 | |
2044 | } |
2045 | |
1549e076 |
2046 | \b SOCKS 4 can use the \q{Username} field, but does not support |
2047 | passwords. |
2048 | |
2d129d8e |
2049 | \b You can specify a way to include a username and password in the |
5dd29cf7 |
2050 | Telnet/Local proxy command (see \k{config-proxy-command}). |
0e8f4cda |
2051 | |
5dd29cf7 |
2052 | \S{config-proxy-command} Specifying the Telnet or Local proxy command |
0e8f4cda |
2053 | |
15933a9b |
2054 | \cfg{winhelp-topic}{proxy.command} |
2055 | |
421406a4 |
2056 | If you are using the \i{Telnet proxy} type, the usual command required |
0e8f4cda |
2057 | by the firewall's Telnet server is \c{connect}, followed by a host |
2058 | name and a port number. If your proxy needs a different command, |
2059 | you can enter an alternative here. |
2060 | |
5dd29cf7 |
2061 | If you are using the \i{Local proxy} type, the local command to run |
2062 | is specified here. |
2063 | |
0e8f4cda |
2064 | In this string, you can use \c{\\n} to represent a new-line, \c{\\r} |
2065 | to represent a carriage return, \c{\\t} to represent a tab |
2066 | character, and \c{\\x} followed by two hex digits to represent any |
2067 | other character. \c{\\\\} is used to encode the \c{\\} character |
2068 | itself. |
2069 | |
2070 | Also, the special strings \c{%host} and \c{%port} will be replaced |
2d129d8e |
2071 | by the host name and port number you want to connect to. The strings |
2072 | \c{%user} and \c{%pass} will be replaced by the proxy username and |
5dd29cf7 |
2073 | password you specify. The strings \c{%proxyhost} and \c{%proxyport} |
2074 | will be replaced by the host details specified on the \e{Proxy} panel, |
2075 | if any (this is most likely to be useful for the Local proxy type). |
2076 | To get a literal \c{%} sign, enter \c{%%}. |
2d129d8e |
2077 | |
5dd29cf7 |
2078 | If a Telnet proxy server prompts for a username and password |
2d129d8e |
2079 | before commands can be sent, you can use a command such as: |
2080 | |
0b6baa33 |
2081 | \c %user\n%pass\nconnect %host %port\n |
2d129d8e |
2082 | |
2083 | This will send your username and password as the first two lines to |
2084 | the proxy, followed by a command to connect to the desired host and |
2085 | port. Note that if you do not include the \c{%user} or \c{%pass} |
2086 | tokens in the Telnet command, then the \q{Username} and \q{Password} |
2087 | configuration fields will be ignored. |
0e8f4cda |
2088 | |
421406a4 |
2089 | \H{config-telnet} The \i{Telnet} panel |
55ba634a |
2090 | |
1630bb61 |
2091 | The Telnet panel allows you to configure options that only apply to |
2092 | Telnet sessions. |
2093 | |
55ba634a |
2094 | \S{config-oldenviron} \q{Handling of OLD_ENVIRON ambiguity} |
2095 | |
70133c0e |
2096 | \cfg{winhelp-topic}{telnet.oldenviron} |
2097 | |
421406a4 |
2098 | The original Telnet mechanism for passing \i{environment variables} was |
add788fc |
2099 | badly specified. At the time the standard (RFC 1408) was written, |
2100 | BSD telnet implementations were already supporting the feature, and |
2101 | the intention of the standard was to describe the behaviour the BSD |
2102 | implementations were already using. |
2103 | |
2104 | Sadly there was a typing error in the standard when it was issued, |
2105 | and two vital function codes were specified the wrong way round. BSD |
2106 | implementations did not change, and the standard was not corrected. |
421406a4 |
2107 | Therefore, it's possible you might find either \i{BSD} or \i{RFC}-compliant |
add788fc |
2108 | implementations out there. This switch allows you to choose which |
2109 | one PuTTY claims to be. |
2110 | |
2111 | The problem was solved by issuing a second standard, defining a new |
421406a4 |
2112 | Telnet mechanism called \i\cw{NEW_ENVIRON}, which behaved exactly like |
2113 | the original \i\cw{OLD_ENVIRON} but was not encumbered by existing |
add788fc |
2114 | implementations. Most Telnet servers now support this, and it's |
2115 | unambiguous. This feature should only be needed if you have trouble |
2116 | passing environment variables to quite an old server. |
2117 | |
421406a4 |
2118 | \S{config-ptelnet} Passive and active \i{Telnet negotiation} modes |
add788fc |
2119 | |
70133c0e |
2120 | \cfg{winhelp-topic}{telnet.passive} |
2121 | |
add788fc |
2122 | In a Telnet connection, there are two types of data passed between |
2123 | the client and the server: actual text, and \e{negotiations} about |
2124 | which Telnet extra features to use. |
2125 | |
2126 | PuTTY can use two different strategies for negotiation: |
2127 | |
421406a4 |
2128 | \b In \I{active Telnet negotiation}\e{active} mode, PuTTY starts to send |
2129 | negotiations as soon as the connection is opened. |
add788fc |
2130 | |
421406a4 |
2131 | \b In \I{passive Telnet negotiation}\e{passive} mode, PuTTY will wait to |
2132 | negotiate until it sees a negotiation from the server. |
add788fc |
2133 | |
2134 | The obvious disadvantage of passive mode is that if the server is |
2135 | also operating in a passive mode, then negotiation will never begin |
2136 | at all. For this reason PuTTY defaults to active mode. |
2137 | |
2138 | However, sometimes passive mode is required in order to successfully |
421406a4 |
2139 | get through certain types of firewall and \i{Telnet proxy} server. If |
2140 | you have confusing trouble with a \i{firewall}, you could try enabling |
add788fc |
2141 | passive mode to see if it helps. |
2142 | |
421406a4 |
2143 | \S{config-telnetkey} \q{Keyboard sends \i{Telnet special commands}} |
add788fc |
2144 | |
70133c0e |
2145 | \cfg{winhelp-topic}{telnet.specialkeys} |
2146 | |
76d3d354 |
2147 | If this box is checked, several key sequences will have their normal |
2148 | actions modified: |
2149 | |
2150 | \b the Backspace key on the keyboard will send the \I{Erase Character, |
2151 | Telnet special command}Telnet special backspace code; |
2152 | |
2153 | \b Control-C will send the Telnet special \I{Interrupt Process, Telnet |
2154 | special command}Interrupt Process code; |
2155 | |
2156 | \b Control-Z will send the Telnet special \I{Suspend Process, Telnet |
2157 | special command}Suspend Process code. |
2158 | |
2159 | You probably shouldn't enable this |
add788fc |
2160 | unless you know what you're doing. |
2161 | |
421406a4 |
2162 | \S{config-telnetnl} \q{Return key sends \i{Telnet New Line} instead of ^M} |
eee63b77 |
2163 | |
2164 | \cfg{winhelp-topic}{telnet.newline} |
2165 | |
2166 | Unlike most other remote login protocols, the Telnet protocol has a |
421406a4 |
2167 | special \q{\i{new line}} code that is not the same as the usual line |
eee63b77 |
2168 | endings of Control-M or Control-J. By default, PuTTY sends the |
2169 | Telnet New Line code when you press Return, instead of sending |
2170 | Control-M as it does in most other protocols. |
2171 | |
2172 | Most Unix-style Telnet servers don't mind whether they receive |
2173 | Telnet New Line or Control-M; some servers do expect New Line, and |
2174 | some servers prefer to see ^M. If you are seeing surprising |
2175 | behaviour when you press Return in a Telnet session, you might try |
2176 | turning this option off to see if it helps. |
2177 | |
add788fc |
2178 | \H{config-rlogin} The Rlogin panel |
2179 | |
421406a4 |
2180 | The \i{Rlogin} panel allows you to configure options that only apply to |
add788fc |
2181 | Rlogin sessions. |
2182 | |
421406a4 |
2183 | \S{config-rlogin-localuser} \I{local username in Rlogin}\q{Local username} |
add788fc |
2184 | |
70133c0e |
2185 | \cfg{winhelp-topic}{rlogin.localuser} |
2186 | |
add788fc |
2187 | Rlogin allows an automated (password-free) form of login by means of |
421406a4 |
2188 | a file called \i\c{.rhosts} on the server. You put a line in your |
add788fc |
2189 | \c{.rhosts} file saying something like \c{jbloggs@pc1.example.com}, |
2190 | and then when you make an Rlogin connection the client transmits the |
2191 | username of the user running the Rlogin client. The server checks |
2192 | the username and hostname against \c{.rhosts}, and if they match it |
421406a4 |
2193 | \I{passwordless login}does not ask for a password. |
add788fc |
2194 | |
2195 | This only works because Unix systems contain a safeguard to stop a |
2196 | user from pretending to be another user in an Rlogin connection. |
421406a4 |
2197 | Rlogin connections have to come from \I{privileged port}port numbers below |
2198 | 1024, and Unix systems prohibit this to unprivileged processes; so when the |
add788fc |
2199 | server sees a connection from a low-numbered port, it assumes the |
2200 | client end of the connection is held by a privileged (and therefore |
2201 | trusted) process, so it believes the claim of who the user is. |
2202 | |
2203 | Windows does not have this restriction: \e{any} user can initiate an |
2204 | outgoing connection from a low-numbered port. Hence, the Rlogin |
2205 | \c{.rhosts} mechanism is completely useless for securely |
2206 | distinguishing several different users on a Windows machine. If you |
2207 | have a \c{.rhosts} entry pointing at a Windows PC, you should assume |
421406a4 |
2208 | that \e{anyone} using that PC can \i{spoof} your username in |
2209 | an Rlogin connection and access your account on the server. |
add788fc |
2210 | |
2211 | The \q{Local username} control allows you to specify what user name |
421406a4 |
2212 | PuTTY should claim you have, in case it doesn't match your \i{Windows |
2213 | user name} (or in case you didn't bother to set up a Windows user |
add788fc |
2214 | name). |
2215 | |
55ba634a |
2216 | \H{config-ssh} The SSH panel |
2217 | |
421406a4 |
2218 | The \i{SSH} panel allows you to configure options that only apply to |
1630bb61 |
2219 | SSH sessions. |
2220 | |
55ba634a |
2221 | \S{config-command} Executing a specific command on the server |
2222 | |
70133c0e |
2223 | \cfg{winhelp-topic}{ssh.command} |
2224 | |
add788fc |
2225 | In SSH, you don't have to run a general shell session on the server. |
2226 | Instead, you can choose to run a single specific command (such as a |
2227 | mail user agent, for example). If you want to do this, enter the |
421406a4 |
2228 | command in the \q{\ii{Remote command}} box. |
add788fc |
2229 | |
5fe29099 |
2230 | Note that most servers will close the session after executing the |
2231 | command. |
2232 | |
421406a4 |
2233 | \S{config-ssh-noshell} \q{Don't start a \I{remote shell}shell or |
2234 | \I{remote command}command at all} |
0ed48730 |
2235 | |
2236 | \cfg{winhelp-topic}{ssh.noshell} |
2237 | |
2238 | If you tick this box, PuTTY will not attempt to run a shell or |
2239 | command after connecting to the remote server. You might want to use |
421406a4 |
2240 | this option if you are only using the SSH connection for \i{port |
2241 | forwarding}, and your user account on the server does not have the |
0ed48730 |
2242 | ability to run a shell. |
2243 | |
421406a4 |
2244 | This feature is only available in \i{SSH protocol version 2} (since the |
0ed48730 |
2245 | version 1 protocol assumes you will always want to run a shell). |
2246 | |
2247 | This feature can also be enabled using the \c{-N} command-line |
2248 | option; see \k{using-cmdline-noshell}. |
2249 | |
2250 | If you use this feature in Plink, you will not be able to terminate |
2251 | the Plink process by any graceful means; the only way to kill it |
2252 | will be by pressing Control-C or sending a kill signal from another |
2253 | program. |
2254 | |
421406a4 |
2255 | \S{config-ssh-comp} \q{Enable \i{compression}} |
add788fc |
2256 | |
70133c0e |
2257 | \cfg{winhelp-topic}{ssh.compress} |
2258 | |
add788fc |
2259 | This enables data compression in the SSH connection: data sent by |
2260 | the server is compressed before sending, and decompressed at the |
2261 | client end. Likewise, data sent by PuTTY to the server is compressed |
2262 | first and the server decompresses it at the other end. This can help |
421406a4 |
2263 | make the most of a low-\i{bandwidth} connection. |
add788fc |
2264 | |
421406a4 |
2265 | \S{config-ssh-prot} \q{Preferred \i{SSH protocol version}} |
add788fc |
2266 | |
70133c0e |
2267 | \cfg{winhelp-topic}{ssh.protocol} |
2268 | |
421406a4 |
2269 | This allows you to select whether you would like to use \i{SSH protocol |
2270 | version 1} or \I{SSH-2}version 2. \#{FIXME: say something about this elsewhere?} |
add788fc |
2271 | |
2272 | PuTTY will attempt to use protocol 1 if the server you connect to |
2273 | does not offer protocol 2, and vice versa. |
2274 | |
e117a742 |
2275 | If you select \q{1 only} or \q{2 only} here, PuTTY will only connect |
2276 | if the server you connect to offers the SSH protocol version you |
2277 | have specified. |
05a24552 |
2278 | |
421406a4 |
2279 | \S{config-ssh-encryption} \ii{Encryption} algorithm selection |
add788fc |
2280 | |
70133c0e |
2281 | \cfg{winhelp-topic}{ssh.ciphers} |
2282 | |
421406a4 |
2283 | PuTTY supports a variety of different \i{encryption algorithm}s, and |
add788fc |
2284 | allows you to choose which one you prefer to use. You can do this by |
a5a6cb30 |
2285 | dragging the algorithms up and down in the list box (or moving them |
2286 | using the Up and Down buttons) to specify a preference order. When |
2287 | you make an SSH connection, PuTTY will search down the list from the |
2288 | top until it finds an algorithm supported by the server, and then |
2289 | use that. |
add788fc |
2290 | |
9ec95c23 |
2291 | PuTTY currently supports the following algorithms: |
2292 | |
c7a336a1 |
2293 | \b \i{AES} (Rijndael) - 256, 192, or 128-bit SDCTR or CBC (SSH-2 only) |
9ec95c23 |
2294 | |
a2add208 |
2295 | \b \i{Arcfour} (RC4) - 256 or 128-bit stream cipher (SSH-2 only) |
2296 | |
33f1c161 |
2297 | \b \i{Blowfish} - 256-bit SDCTR (SSH-2 only) or 128-bit CBC |
9ec95c23 |
2298 | |
33f1c161 |
2299 | \b \ii{Triple-DES} - 168-bit SDCTR (SSH-2 only) or CBC |
9ec95c23 |
2300 | |
421406a4 |
2301 | \b \ii{Single-DES} - 56-bit CBC (see below for SSH-2) |
9ec95c23 |
2302 | |
add788fc |
2303 | If the algorithm PuTTY finds is below the \q{warn below here} line, |
2304 | you will see a warning box when you make the connection: |
2305 | |
2306 | \c The first cipher supported by the server |
2307 | \c is single-DES, which is below the configured |
2308 | \c warning threshold. |
2309 | \c Do you want to continue with this connection? |
2310 | |
2311 | This warns you that the first available encryption is not a very |
2312 | secure one. Typically you would put the \q{warn below here} line |
2313 | between the encryptions you consider secure and the ones you |
a5a6cb30 |
2314 | consider substandard. By default, PuTTY supplies a preference order |
2315 | intended to reflect a reasonable preference in terms of security and |
2316 | speed. |
add788fc |
2317 | |
2d24892b |
2318 | In SSH-2, the encryption algorithm is negotiated independently for |
2319 | each direction of the connection, although PuTTY does not support |
2320 | separate configuration of the preference orders. As a result you may |
2321 | get two warnings similar to the one above, possibly with different |
2322 | encryptions. |
2323 | |
4f47cacf |
2324 | Single-DES is not recommended in the SSH-2 protocol |
8f161275 |
2325 | standards, but one or two server implementations do support it. |
2326 | PuTTY can use single-DES to interoperate with |
2327 | these servers if you enable the \q{Enable legacy use of single-DES in |
2e85c969 |
2328 | SSH-2} option; by default this is disabled and PuTTY will stick to |
183f0303 |
2329 | recommended ciphers. |
81e8bb1b |
2330 | |
83e7d008 |
2331 | \H{config-ssh-kex} The Kex panel |
2332 | |
2333 | \# FIXME: This whole section is draft. Feel free to revise. |
2334 | |
421406a4 |
2335 | The Kex panel (short for \q{\i{key exchange}}) allows you to configure |
83e7d008 |
2336 | options related to SSH-2 key exchange. |
2337 | |
2338 | Key exchange occurs at the start of an SSH connection (and |
421406a4 |
2339 | occasionally thereafter); it establishes a \i{shared secret} that is used |
83e7d008 |
2340 | as the basis for all of SSH's security features. It is therefore very |
2341 | important for the security of the connection that the key exchange is |
2342 | secure. |
2343 | |
2344 | Key exchange is a cryptographically intensive process; if either the |
2345 | client or the server is a relatively slow machine, the slower methods |
2346 | may take several tens of seconds to complete. |
2347 | |
2348 | If connection startup is too slow, or the connection hangs |
2349 | periodically, you may want to try changing these settings. |
2350 | |
2351 | If you don't understand what any of this means, it's safe to leave |
2352 | these settings alone. |
2353 | |
2354 | This entire panel is only relevant to SSH protocol version 2; none of |
2355 | these settings affect SSH-1 at all. |
2356 | |
421406a4 |
2357 | \S{config-ssh-kex-order} \ii{Key exchange algorithm} selection |
83e7d008 |
2358 | |
2359 | \cfg{winhelp-topic}{ssh.kex.order} |
2360 | |
2361 | PuTTY supports a variety of SSH-2 key exchange methods, and allows you |
2362 | to choose which one you prefer to use; configuration is similar to |
2363 | cipher selection (see \k{config-ssh-encryption}). |
2364 | |
421406a4 |
2365 | PuTTY currently supports the following varieties of \i{Diffie-Hellman key |
2366 | exchange}: |
83e7d008 |
2367 | |
2368 | \b \q{Group 14}: a well-known 2048-bit group. |
2369 | |
2370 | \b \q{Group 1}: a well-known 1024-bit group. This is less secure |
2371 | \#{FIXME better words} than group 14, but may be faster with slow |
2372 | client or server machines, and may be the only method supported by |
2373 | older server software. |
2374 | |
421406a4 |
2375 | \b \q{\ii{Group exchange}}: with this method, instead of using a fixed |
83e7d008 |
2376 | group, PuTTY requests that the server suggest a group to use for key |
2377 | exchange; the server can avoid groups known to be weak, and possibly |
2378 | invent new ones over time, without any changes required to PuTTY's |
2379 | configuration. We recommend use of this method, if possible. |
2380 | |
fae1a71b |
2381 | In addition, PuTTY supports \i{RSA key exchange}, which requires much less |
2382 | computational effort on the part of the client, and somewhat less on |
2383 | the part of the server, than Diffie-Hellman key exchange. |
2384 | |
83e7d008 |
2385 | If the first algorithm PuTTY finds is below the \q{warn below here} |
2386 | line, you will see a warning box when you make the connection, similar |
2387 | to that for cipher selection (see \k{config-ssh-encryption}). |
2388 | |
421406a4 |
2389 | \S{config-ssh-kex-rekey} \ii{Repeat key exchange} |
83e7d008 |
2390 | |
d57f70af |
2391 | \cfg{winhelp-topic}{ssh.kex.repeat} |
2392 | |
2393 | If the session key negotiated at connection startup is used too much |
2394 | or for too long, it may become feasible to mount attacks against the |
2395 | SSH connection. Therefore, the SSH-2 protocol specifies that a new key |
2396 | exchange should take place every so often; this can be initiated by |
2397 | either the client or the server. |
2398 | |
2399 | While this renegotiation is taking place, no data can pass through |
83e7d008 |
2400 | the SSH connection, so it may appear to \q{freeze}. (The occurrence of |
2401 | repeat key exchange is noted in the Event Log; see |
2402 | \k{using-eventlog}.) Usually the same algorithm is used as at the |
2403 | start of the connection, with a similar overhead. |
2404 | |
d57f70af |
2405 | These options control how often PuTTY will initiate a repeat key |
2406 | exchange (\q{rekey}). You can also force a key exchange at any time |
2407 | from the Special Commands menu (see \k{using-specials}). |
2408 | |
4f47cacf |
2409 | \# FIXME: do we have any additions to the SSH-2 specs' advice on |
d57f70af |
2410 | these values? Do we want to enforce any limits? |
2411 | |
2412 | \b \q{Max minutes before rekey} specifies the amount of time that is |
2413 | allowed to elapse before a rekey is initiated. If this is set to zero, |
2414 | PuTTY will not rekey due to elapsed time. The SSH-2 protocol |
2415 | specification recommends a timeout of at most 60 minutes. |
2416 | |
a4358604 |
2417 | You might have a need to disable time-based rekeys completely for the same |
421406a4 |
2418 | reasons that \i{keepalives} aren't always helpful. If you anticipate |
a4358604 |
2419 | suffering a network dropout of several hours in the middle of an SSH |
2420 | connection, but were not actually planning to send \e{data} down |
2421 | that connection during those hours, then an attempted rekey in the |
2422 | middle of the dropout will probably cause the connection to be |
2423 | abandoned, whereas if rekeys are disabled then the connection should |
421406a4 |
2424 | in principle survive (in the absence of interfering \i{firewalls}). See |
a4358604 |
2425 | \k{config-keepalive} for more discussion of these issues; for these |
2426 | purposes, rekeys have much the same properties as keepalives. |
2427 | (Except that rekeys have cryptographic value in themselves, so you |
2428 | should bear that in mind when deciding whether to turn them off.) |
2429 | Note, however, the the SSH \e{server} can still initiate rekeys. |
2430 | |
d57f70af |
2431 | \b \q{Max data before rekey} specifies the amount of data (in bytes) |
2432 | that is permitted to flow in either direction before a rekey is |
2433 | initiated. If this is set to zero, PuTTY will not rekey due to |
2434 | transferred data. The SSH-2 protocol specification recommends a limit |
2435 | of at most 1 gigabyte. |
2436 | |
2437 | \lcont{ |
2438 | |
2439 | As well as specifying a value in bytes, the following shorthand can be |
2440 | used: |
2441 | |
2442 | \b \cq{1k} specifies 1 kilobyte (1024 bytes). |
2443 | |
2444 | \b \cq{1M} specifies 1 megabyte (1024 kilobytes). |
2445 | |
2446 | \b \cq{1G} specifies 1 gigabyte (1024 megabytes). |
2447 | |
2448 | } |
2449 | |
421406a4 |
2450 | Disabling data-based rekeys entirely is a bad idea. The \i{integrity}, |
2451 | and to a lesser extent, \i{confidentiality} of the SSH-2 protocol depend |
a4358604 |
2452 | in part on rekeys occuring before a 32-bit packet sequence number |
2453 | wraps around. Unlike time-based rekeys, data-based rekeys won't occur |
2454 | when the SSH connection is idle, so they shouldn't cause the same |
2455 | problems. The SSH-1 protocol, incidentally, has even weaker integrity |
2456 | protection than SSH-2 without rekeys. |
83e7d008 |
2457 | |
add788fc |
2458 | \H{config-ssh-auth} The Auth panel |
2459 | |
421406a4 |
2460 | The Auth panel allows you to configure \i{authentication} options for |
add788fc |
2461 | SSH sessions. |
2462 | |
a1a1fae4 |
2463 | \S{config-ssh-noauth} \q{Bypass authentication entirely} |
2464 | |
2465 | \cfg{winhelp-topic}{ssh.auth.bypass} |
2466 | |
2467 | In SSH-2, it is possible to establish a connection without using SSH's |
2468 | mechanisms to identify or authenticate oneself to the server. Some |
2469 | servers may prefer to handle authentication in the data channel, for |
2470 | instance, or may simply require no authentication whatsoever. |
2471 | |
2472 | By default, PuTTY assumes the server requires authentication (most |
2473 | do), and thus must provide a username. If you find you are getting |
2474 | unwanted username prompts, you could try checking this option. |
2475 | |
2476 | This option only affects SSH-2 connections. SSH-1 connections always |
2477 | require an authentication step. |
2478 | |
adb6167a |
2479 | \S{config-ssh-banner} \q{Display pre-authentication banner} |
2480 | |
2481 | \cfg{winhelp-topic}{ssh.auth.banner} |
2482 | |
2483 | SSH-2 servers can provide a message for clients to display to the |
2484 | prospective user before the user logs in; this is sometimes known as a |
2485 | pre-authentication \q{\i{banner}}. Typically this is used to provide |
2486 | information about the server and legal notices. |
2487 | |
2488 | By default, PuTTY displays this message before prompting for a |
2489 | password or similar credentials (although, unfortunately, not before |
2490 | prompting for a login name, due to the nature of the protocol design). |
2491 | By unchecking this option, display of the banner can be suppressed |
2492 | entirely. |
2493 | |
973612f5 |
2494 | \S{config-ssh-tryagent} \q{Attempt authentication using Pageant} |
2495 | |
2496 | \cfg{winhelp-topic}{ssh.auth.pageant} |
2497 | |
2498 | If this option is enabled, then PuTTY will look for Pageant (the SSH |
2499 | private-key storage agent) and attempt to authenticate with any |
2500 | suitable public keys Pageant currently holds. |
2501 | |
2502 | This behaviour is almost always desirable, and is therefore enabled |
2503 | by default. In rare cases you might need to turn it off in order to |
2504 | force authentication by some non-public-key method such as |
2505 | passwords. |
2506 | |
2507 | This option can also be controlled using the \c{-noagent} |
2508 | command-line option. See \k{using-cmdline-agentauth}. |
2509 | |
2510 | See \k{pageant} for more information about Pageant in general. |
2511 | |
421406a4 |
2512 | \S{config-ssh-tis} \q{Attempt \I{TIS authentication}TIS or |
2513 | \i{CryptoCard authentication}} |
add788fc |
2514 | |
70133c0e |
2515 | \cfg{winhelp-topic}{ssh.auth.tis} |
2516 | |
d7266888 |
2517 | TIS and CryptoCard authentication are (despite their names) generic |
2518 | forms of simple \I{challenge/response authentication}challenge/response |
2519 | authentication available in SSH protocol version 1 only. You might use |
2520 | them if you were using \i{S/Key} \i{one-time passwords}, for example, |
2521 | or if you had a physical \i{security token} that generated responses |
9c099835 |
2522 | to authentication challenges. They can even be used to prompt for |
2523 | simple passwords. |
add788fc |
2524 | |
2525 | With this switch enabled, PuTTY will attempt these forms of |
2526 | authentication if the server is willing to try them. You will be |
9c099835 |
2527 | presented with a challenge string (which may be different every |
add788fc |
2528 | time) and must supply the correct response in order to log in. If |
2529 | your server supports this, you should talk to your system |
2530 | administrator about precisely what form these challenges and |
2531 | responses take. |
2532 | |
421406a4 |
2533 | \S{config-ssh-ki} \q{Attempt \i{keyboard-interactive authentication}} |
81e8bb1b |
2534 | |
70133c0e |
2535 | \cfg{winhelp-topic}{ssh.auth.ki} |
2536 | |
2e85c969 |
2537 | The SSH-2 equivalent of TIS authentication is called |
81e8bb1b |
2538 | \q{keyboard-interactive}. It is a flexible authentication method |
2539 | using an arbitrary sequence of requests and responses; so it is not |
421406a4 |
2540 | only useful for \I{challenge/response authentication}challenge/response |
2541 | mechanisms such as \i{S/Key}, but it can also be used for (for example) |
2542 | asking the user for a \I{password expiry}new password when the old one |
2543 | has expired. |
81e8bb1b |
2544 | |
2545 | PuTTY leaves this option enabled by default, but supplies a switch |
2546 | to turn it off in case you should have trouble with it. |
2547 | |
421406a4 |
2548 | \S{config-ssh-agentfwd} \q{Allow \i{agent forwarding}} |
add788fc |
2549 | |
70133c0e |
2550 | \cfg{winhelp-topic}{ssh.auth.agentfwd} |
2551 | |
add788fc |
2552 | This option allows the SSH server to open forwarded connections back |
421406a4 |
2553 | to your local copy of \i{Pageant}. If you are not running Pageant, this |
add788fc |
2554 | option will do nothing. |
2555 | |
2556 | See \k{pageant} for general information on Pageant, and |
2557 | \k{pageant-forward} for information on agent forwarding. Note that |
2558 | there is a security risk involved with enabling this option; see |
2559 | \k{pageant-security} for details. |
2560 | |
421406a4 |
2561 | \S{config-ssh-changeuser} \q{Allow attempted \i{changes of username} in SSH-2} |
5bb641e1 |
2562 | |
2563 | \cfg{winhelp-topic}{ssh.auth.changeuser} |
2564 | |
2e85c969 |
2565 | In the SSH-1 protocol, it is impossible to change username after |
5bb641e1 |
2566 | failing to authenticate. So if you mis-type your username at the |
2567 | PuTTY \q{login as:} prompt, you will not be able to change it except |
2568 | by restarting PuTTY. |
2569 | |
2e85c969 |
2570 | The SSH-2 protocol \e{does} allow changes of username, in principle, |
2571 | but does not make it mandatory for SSH-2 servers to accept them. In |
421406a4 |
2572 | particular, \i{OpenSSH} does not accept a change of username; once you |
5bb641e1 |
2573 | have sent one username, it will reject attempts to try to |
2574 | authenticate as another user. (Depending on the version of OpenSSH, |
2575 | it may quietly return failure for all login attempts, or it may send |
2576 | an error message.) |
2577 | |
2578 | For this reason, PuTTY will by default not prompt you for your |
2579 | username more than once, in case the server complains. If you know |
2580 | your server can cope with it, you can enable the \q{Allow attempted |
2581 | changes of username} option to modify PuTTY's behaviour. |
2582 | |
421406a4 |
2583 | \S{config-ssh-privkey} \q{\ii{Private key} file for authentication} |
add788fc |
2584 | |
70133c0e |
2585 | \cfg{winhelp-topic}{ssh.auth.privkey} |
2586 | |
add788fc |
2587 | This box is where you enter the name of your private key file if you |
421406a4 |
2588 | are using \i{public key authentication}. See \k{pubkey} for information |
add788fc |
2589 | about public key authentication in SSH. |
2590 | |
421406a4 |
2591 | This key must be in PuTTY's native format (\c{*.\i{PPK}}). If you have a |
3e64ff65 |
2592 | private key in another format that you want to use with PuTTY, see |
2593 | \k{puttygen-conversions}. |
8cee3b72 |
2594 | |
94cd7c3a |
2595 | If a key file is specified here, and \i{Pageant} is running (see |
2596 | \k{pageant}), PuTTY will first try asking Pageant to authenticate with |
2597 | that key, and ignore any other keys Pageant may have. If that fails, |
2598 | PuTTY will ask for a passphrase as normal. |
2599 | |
65ff63e3 |
2600 | \H{config-ssh-auth-gssapi} The \i{GSSAPI} panel |
1e00c92b |
2601 | |
2602 | \cfg{winhelp-topic}{ssh.auth.gssapi} |
2603 | |
2604 | The \q{GSSAPI} subpanel of the \q{Auth} panel controls the use of |
2605 | GSSAPI authentication. This is a mechanism which delegates the |
2606 | authentication exchange to a library elsewhere on the client |
2607 | machine, which in principle can authenticate in many different ways |
65ff63e3 |
2608 | but in practice is usually used with the \i{Kerberos} \i{single sign-on} |
1e00c92b |
2609 | protocol. |
2610 | |
2611 | GSSAPI is only available in the SSH-2 protocol. |
2612 | |
2613 | The topmost control on the GSSAPI subpanel is the checkbox labelled |
2614 | \q{Attempt GSSAPI authentication}. If this is disabled, GSSAPI will |
2615 | not be attempted at all and the rest of this panel is unused. If it |
2616 | is enabled, GSSAPI authentication will be attempted, and (typically) |
2617 | if your client machine has valid Kerberos credentials loaded, then |
2618 | PuTTY should be able to authenticate automatically to servers that |
2619 | support Kerberos logins. |
2620 | |
2621 | \S{config-ssh-auth-gssapi-delegation} \q{Allow GSSAPI credential |
2622 | delegation} |
2623 | |
2624 | \cfg{winhelp-topic}{ssh.auth.gssapi.delegation} |
2625 | |
65ff63e3 |
2626 | \i{GSSAPI credential delegation} is a mechanism for passing on your |
1e00c92b |
2627 | Kerberos (or other) identity to the session on the SSH server. If |
2628 | you enable this option, then not only will PuTTY be able to log in |
2629 | automatically to a server that accepts your Kerberos credentials, |
2630 | but also you will be able to connect out from that server to other |
2631 | Kerberos-supporting services and use the same credentials just as |
2632 | automatically. |
2633 | |
2634 | (This option is the Kerberos analogue of SSH agent forwarding; see |
2635 | \k{pageant-forward} for some information on that.) |
2636 | |
2637 | Note that, like SSH agent forwarding, there is a security |
2638 | implication in the use of this option: the administrator of the |
2639 | server you connect to, or anyone else who has cracked the |
2640 | administrator account on that server, could fake your identity when |
2641 | connecting to further Kerberos-supporting services. However, |
2642 | Kerberos sites are typically run by a central authority, so the |
2643 | administrator of one server is likely to already have access to the |
2644 | other services too; so this would typically be less of a risk than |
2645 | SSH agent forwarding. |
2646 | |
2647 | \S{config-ssh-auth-gssapi-libraries} Preference order for GSSAPI |
2648 | libraries |
2649 | |
2650 | \cfg{winhelp-topic}{ssh.auth.gssapi.libraries} |
2651 | |
2652 | GSSAPI is a mechanism which allows more than one authentication |
2653 | method to be accessed through the same interface. Therefore, more |
2654 | than one authentication library may exist on your system which can |
2655 | be accessed using GSSAPI. |
2656 | |
2657 | PuTTY contains native support for a few well-known such libraries, |
2658 | and will look for all of them on your system and use whichever it |
2659 | finds. If more than one exists on your system and you need to use a |
2660 | specific one, you can adjust the order in which it will search using |
2661 | this preference list control. |
2662 | |
2663 | One of the options in the preference list is to use a user-specified |
2664 | GSSAPI library. If the library you want to use is not mentioned by |
2665 | name in PuTTY's list of options, you can enter its full pathname in |
2666 | the \q{User-supplied GSSAPI library path} field, and move the |
2667 | \q{User-supplied GSSAPI library} option in the preference list to |
2668 | make sure it is selected before anything else. |
2669 | |
c6ccd5c2 |
2670 | \H{config-ssh-tty} The TTY panel |
2671 | |
2672 | The TTY panel lets you configure the remote pseudo-terminal. |
2673 | |
2674 | \S{config-ssh-pty} \I{pseudo-terminal allocation}\q{Don't allocate |
2675 | a pseudo-terminal} |
2676 | |
2677 | \cfg{winhelp-topic}{ssh.nopty} |
2678 | |
2679 | When connecting to a \i{Unix} system, most \I{interactive |
2680 | connections}interactive shell sessions are run in a \e{pseudo-terminal}, |
2681 | which allows the Unix system to pretend it's talking to a real physical |
2682 | terminal device but allows the SSH server to catch all the data coming |
2683 | from that fake device and send it back to the client. |
2684 | |
2685 | Occasionally you might find you have a need to run a session \e{not} |
2686 | in a pseudo-terminal. In PuTTY, this is generally only useful for |
2687 | very specialist purposes; although in Plink (see \k{plink}) it is |
2688 | the usual way of working. |
2689 | |
2690 | \S{config-ttymodes} Sending \i{terminal modes} |
2691 | |
2692 | \cfg{winhelp-topic}{ssh.ttymodes} |
2693 | |
2694 | The SSH protocol allows the client to send \q{terminal modes} for |
2695 | the remote pseudo-terminal. These usually control the server's |
2696 | expectation of the local terminal's behaviour. |
2697 | |
2698 | If your server does not have sensible defaults for these modes, you |
2699 | may find that changing them here helps. If you don't understand any of |
2700 | this, it's safe to leave these settings alone. |
2701 | |
2702 | (None of these settings will have any effect if no pseudo-terminal |
2703 | is requested or allocated.) |
2704 | |
2705 | You can add or modify a mode by selecting it from the drop-down list, |
2706 | choosing whether it's set automatically or to a specific value with |
2707 | the radio buttons and edit box, and hitting \q{Add}. A mode (or |
2708 | several) can be removed from the list by selecting them and hitting |
2709 | \q{Remove}. The effect of the mode list is as follows: |
2710 | |
2711 | \b If a mode is not on the list, it will not be specified to the |
2712 | server under any circumstances. |
2713 | |
2714 | \b If a mode is on the list: |
2715 | |
2716 | \lcont{ |
2717 | |
2718 | \b If the \q{Auto} option is selected, the PuTTY tools will decide |
2719 | whether to specify that mode to the server, and if so, will send |
2720 | a sensible value. |
2721 | |
2722 | \lcont{ |
2723 | |
2724 | PuTTY proper will send modes that it has an opinion on (currently only |
2725 | the code for the Backspace key, \cw{ERASE}). Plink on Unix |
2726 | will propagate appropriate modes from the local terminal, if any. |
2727 | |
2728 | } |
2729 | |
2730 | \b If a value is specified, it will be sent to the server under all |
2731 | circumstances. The precise syntax of the value box depends on the |
2732 | mode. |
2733 | |
2734 | } |
2735 | |
2736 | By default, all of the available modes are listed as \q{Auto}, |
2737 | which should do the right thing in most circumstances. |
2738 | |
2739 | The precise effect of each setting, if any, is up to the server. Their |
2740 | names come from \i{POSIX} and other Unix systems, and they are most |
2741 | likely to have a useful effect on such systems. (These are the same |
2742 | settings that can usually be changed using the \i\c{stty} command once |
2743 | logged in to such servers.) |
2744 | |
2745 | Some notable modes are described below; for fuller explanations, see |
2746 | your server documentation. |
2747 | |
2748 | \b \I{ERASE special character}\cw{ERASE} is the character that when typed |
2749 | by the user will delete one space to the left. When set to \q{Auto} |
2750 | (the default setting), this follows the setting of the local Backspace |
2751 | key in PuTTY (see \k{config-backspace}). |
2752 | |
2753 | \lcont{ |
2754 | This and other \i{special character}s are specified using \c{^C} notation |
2755 | for Ctrl-C, and so on. Use \c{^<27>} or \c{^<0x1B>} to specify a |
2756 | character numerically, and \c{^~} to get a literal \c{^}. Other |
2757 | non-control characters are denoted by themselves. Leaving the box |
2758 | entirely blank indicates that \e{no} character should be assigned to |
2759 | the specified function, although this may not be supported by all |
2760 | servers. |
2761 | } |
2762 | |
2763 | \b \I{QUIT special character}\cw{QUIT} is a special character that |
2764 | usually forcefully ends the current process on the server |
2765 | (\cw{SIGQUIT}). On many servers its default setting is Ctrl-backslash |
2766 | (\c{^\\}), which is easy to accidentally invoke on many keyboards. If |
2767 | this is getting in your way, you may want to change it to another |
2768 | character or turn it off entirely. |
2769 | |
2770 | \b Boolean modes such as \cw{ECHO} and \cw{ICANON} can be specified in |
2771 | PuTTY in a variety of ways, such as \cw{true}/\cw{false}, |
2772 | \cw{yes}/\cw{no}, and \cw{0}/\cw{1}. |
2773 | |
2774 | \b Terminal speeds are configured elsewhere; see \k{config-termspeed}. |
2775 | |
05581745 |
2776 | \H{config-ssh-x11} The X11 panel |
add788fc |
2777 | |
70133c0e |
2778 | \cfg{winhelp-topic}{ssh.tunnels.x11} |
2779 | |
421406a4 |
2780 | The X11 panel allows you to configure \i{forwarding of X11} over an |
05581745 |
2781 | SSH connection. |
2782 | |
add788fc |
2783 | If your server lets you run X Window System applications, X11 |
2784 | forwarding allows you to securely give those applications access to |
2785 | a local X display on your PC. |
2786 | |
add788fc |
2787 | To enable X11 forwarding, check the \q{Enable X11 forwarding} box. |
46ed7b64 |
2788 | If your X display is somewhere unusual, you will need to enter its |
2789 | location in the \q{X display location} box; if this is left blank, |
3e64ff65 |
2790 | PuTTY will try to find a sensible default in the environment, or use the |
46ed7b64 |
2791 | primary local display (\c{:0}) if that fails. |
add788fc |
2792 | |
2f8d6d43 |
2793 | See \k{using-x-forwarding} for more information about X11 |
2794 | forwarding. |
add788fc |
2795 | |
421406a4 |
2796 | \S{config-ssh-x11auth} Remote \i{X11 authentication} |
b3ebaa28 |
2797 | |
2798 | \cfg{winhelp-topic}{ssh.tunnels.x11auth} |
2799 | |
2800 | If you are using X11 forwarding, the virtual X server created on the |
2801 | SSH server machine will be protected by authorisation data. This |
2802 | data is invented, and checked, by PuTTY. |
2803 | |
2804 | The usual authorisation method used for this is called |
421406a4 |
2805 | \i\cw{MIT-MAGIC-COOKIE-1}. This is a simple password-style protocol: |
b3ebaa28 |
2806 | the X client sends some cookie data to the server, and the server |
2807 | checks that it matches the real cookie. The cookie data is sent over |
2808 | an unencrypted X11 connection; so if you allow a client on a third |
2809 | machine to access the virtual X server, then the cookie will be sent |
2810 | in the clear. |
2811 | |
421406a4 |
2812 | PuTTY offers the alternative protocol \i\cw{XDM-AUTHORIZATION-1}. This |
b3ebaa28 |
2813 | is a cryptographically authenticated protocol: the data sent by the |
2814 | X client is different every time, and it depends on the IP address |
2815 | and port of the client's end of the connection and is also stamped |
2816 | with the current time. So an eavesdropper who captures an |
2817 | \cw{XDM-AUTHORIZATION-1} string cannot immediately re-use it for |
2818 | their own X connection. |
2819 | |
2820 | PuTTY's support for \cw{XDM-AUTHORIZATION-1} is a somewhat |
2821 | experimental feature, and may encounter several problems: |
2822 | |
2823 | \b Some X clients probably do not even support |
2824 | \cw{XDM-AUTHORIZATION-1}, so they will not know what to do with the |
2825 | data PuTTY has provided. |
2826 | |
186aace2 |
2827 | \b This authentication mechanism will only work in SSH-2. In SSH-1, |
2828 | the SSH server does not tell the client the source address of |
b3ebaa28 |
2829 | a forwarded connection in a machine-readable format, so it's |
2830 | impossible to verify the \cw{XDM-AUTHORIZATION-1} data. |
2831 | |
2832 | \b You may find this feature causes problems with some SSH servers, |
2833 | which will not clean up \cw{XDM-AUTHORIZATION-1} data after a |
2834 | session, so that if you then connect to the same server using |
2835 | a client which only does \cw{MIT-MAGIC-COOKIE-1} and are allocated |
2836 | the same remote display number, you might find that out-of-date |
2837 | authentication data is still present on your server and your X |
2838 | connections fail. |
2839 | |
2840 | PuTTY's default is \cw{MIT-MAGIC-COOKIE-1}. If you change it, you |
2841 | should be sure you know what you're doing. |
2842 | |
8def70c3 |
2843 | \S{config-ssh-xauthority} X authority file for local display |
2844 | |
2845 | \cfg{winhelp-topic}{ssh.tunnels.xauthority} |
2846 | |
2847 | If you are using X11 forwarding, the local X server to which your |
2848 | forwarded connections are eventually directed may itself require |
2849 | authorisation. |
2850 | |
2851 | Some Windows X servers do not require this: they do authorisation by |
2852 | simpler means, such as accepting any connection from the local |
2853 | machine but not from anywhere else. However, if your X server does |
2854 | require authorisation, then PuTTY needs to know what authorisation |
2855 | is required. |
2856 | |
2857 | One way in which this data might be made available is for the X |
2858 | server to store it somewhere in a file which has the same format |
2859 | as the Unix \c{.Xauthority} file. If this is how your Windows X |
2860 | server works, then you can tell PuTTY where to find this file by |
2861 | configuring this option. By default, PuTTY will not attempt to find |
2862 | any authorisation for your local display. |
2863 | |
421406a4 |
2864 | \H{config-ssh-portfwd} \I{port forwarding}The Tunnels panel |
add788fc |
2865 | |
70133c0e |
2866 | \cfg{winhelp-topic}{ssh.tunnels.portfwd} |
2867 | |
05581745 |
2868 | The Tunnels panel allows you to configure tunnelling of arbitrary |
2869 | connection types through an SSH connection. |
2870 | |
421406a4 |
2871 | Port forwarding allows you to tunnel other types of \i{network |
2872 | connection} down an SSH session. See \k{using-port-forwarding} for a |
2f8d6d43 |
2873 | general discussion of port forwarding and how it works. |
2874 | |
2875 | The port forwarding section in the Tunnels panel shows a list of all |
2876 | the port forwardings that PuTTY will try to set up when it connects |
2877 | to the server. By default no port forwardings are set up, so this |
2878 | list is empty. |
2879 | |
2880 | To add a port forwarding: |
2881 | |
2882 | \b Set one of the \q{Local} or \q{Remote} radio buttons, depending |
421406a4 |
2883 | on whether you want to \I{local port forwarding}forward a local port |
2884 | to a remote destination (\q{Local}) or \I{remote port forwarding}forward |
2885 | a remote port to a local destination (\q{Remote}). Alternatively, |
2886 | select \q{Dynamic} if you want PuTTY to \I{dynamic port forwarding}provide |
5193e45c |
2887 | a local SOCKS 4/4A/5 proxy on a local port (note that this proxy only |
2888 | supports TCP connections; the SSH protocol does not support forwarding |
2889 | \i{UDP}). |
2f8d6d43 |
2890 | |
421406a4 |
2891 | \b Enter a source \i{port number} into the \q{Source port} box. For |
2f8d6d43 |
2892 | local forwardings, PuTTY will listen on this port of your PC. For |
2893 | remote forwardings, your SSH server will listen on this port of the |
2894 | remote machine. Note that most servers will not allow you to listen |
421406a4 |
2895 | on \I{privileged port}port numbers less than 1024. |
2f8d6d43 |
2896 | |
48b7c4b2 |
2897 | \b If you have selected \q{Local} or \q{Remote} (this step is not |
2898 | needed with \q{Dynamic}), enter a hostname and port number separated |
2899 | by a colon, in the \q{Destination} box. Connections received on the |
2900 | source port will be directed to this destination. For example, to |
2901 | connect to a POP-3 server, you might enter |
2902 | \c{popserver.example.com:110}. |
2f8d6d43 |
2903 | |
2904 | \b Click the \q{Add} button. Your forwarding details should appear |
2905 | in the list box. |
2906 | |
2907 | To remove a port forwarding, simply select its details in the list |
2908 | box, and click the \q{Remove} button. |
37c6fce1 |
2909 | |
421406a4 |
2910 | In the \q{Source port} box, you can also optionally enter an \I{listen |
2911 | address}IP address to listen on, by specifying (for instance) |
2912 | \c{127.0.0.5:79}. |
dbe6c525 |
2913 | See \k{using-port-forwarding} for more information on how this |
2914 | works and its restrictions. |
6ee9b735 |
2915 | |
421406a4 |
2916 | In place of port numbers, you can enter \i{service names}, if they are |
d56f5878 |
2917 | known to the local system. For instance, in the \q{Destination} box, |
2918 | you could enter \c{popserver.example.com:pop3}. |
2919 | |
9711106b |
2920 | You can \I{port forwarding, changing mid-session}modify the currently |
2921 | active set of port forwardings in mid-session using \q{Change |
2922 | Settings} (see \k{using-changesettings}). If you delete a local or |
2923 | dynamic port forwarding in mid-session, PuTTY will stop listening for |
2924 | connections on that port, so it can be re-used by another program. If |
2925 | you delete a remote port forwarding, note that: |
fda2feb1 |
2926 | |
2e85c969 |
2927 | \b The SSH-1 protocol contains no mechanism for asking the server to |
fda2feb1 |
2928 | stop listening on a remote port. |
2929 | |
2e85c969 |
2930 | \b The SSH-2 protocol does contain such a mechanism, but not all SSH |
421406a4 |
2931 | servers support it. (In particular, \i{OpenSSH} does not support it in |
fda2feb1 |
2932 | any version earlier than 3.9.) |
2933 | |
2934 | If you ask to delete a remote port forwarding and PuTTY cannot make |
2935 | the server actually stop listening on the port, it will instead just |
2936 | start refusing incoming connections on that port. Therefore, |
2937 | although the port cannot be reused by another program, you can at |
2938 | least be reasonably sure that server-side programs can no longer |
2939 | access the service at your end of the port forwarding. |
2940 | |
d56f5878 |
2941 | If you delete a forwarding, any existing connections established using |
2942 | that forwarding remain open. Similarly, changes to global settings |
2943 | such as \q{Local ports accept connections from other hosts} only take |
2944 | effect on new forwardings. |
2945 | |
881da168 |
2946 | If the connection you are forwarding over SSH is itself a second SSH |
2947 | connection made by another copy of PuTTY, you might find the |
2948 | \q{logical host name} configuration option useful to warn PuTTY of |
2949 | which host key it should be expecting. See \k{config-loghost} for |
2950 | details of this. |
2951 | |
beefa433 |
2952 | \S{config-ssh-portfwd-localhost} Controlling the visibility of |
2953 | forwarded ports |
2954 | |
2955 | \cfg{winhelp-topic}{ssh.tunnels.portfwd.localhost} |
2956 | |
2957 | The source port for a forwarded connection usually does not accept |
421406a4 |
2958 | connections from any machine except the \I{localhost}SSH client or |
2959 | server machine itself (for local and remote forwardings respectively). |
2960 | There are controls in the Tunnels panel to change this: |
beefa433 |
2961 | |
2962 | \b The \q{Local ports accept connections from other hosts} option |
2963 | allows you to set up local-to-remote port forwardings in such a way |
2964 | that machines other than your client PC can connect to the forwarded |
48b7c4b2 |
2965 | port. (This also applies to dynamic SOCKS forwarding.) |
beefa433 |
2966 | |
2967 | \b The \q{Remote ports do the same} option does the same thing for |
2968 | remote-to-local port forwardings (so that machines other than the |
2969 | SSH server machine can connect to the forwarded port.) Note that |
2e85c969 |
2970 | this feature is only available in the SSH-2 protocol, and not all |
421406a4 |
2971 | SSH-2 servers support it (\i{OpenSSH} 3.0 does not, for example). |
beefa433 |
2972 | |
421406a4 |
2973 | \S{config-ssh-portfwd-address-family} Selecting \i{Internet protocol |
2974 | version} for forwarded ports |
05581745 |
2975 | |
2976 | \cfg{winhelp-topic}{ssh.tunnels.portfwd.ipversion} |
2977 | |
421406a4 |
2978 | This switch allows you to select a specific Internet protocol (\i{IPv4} |
2979 | or \i{IPv6}) for the local end of a forwarded port. By default, it is |
05581745 |
2980 | set on \q{Auto}, which means that: |
2981 | |
2982 | \b for a local-to-remote port forwarding, PuTTY will listen for |
2983 | incoming connections in both IPv4 and (if available) IPv6 |
2984 | |
2985 | \b for a remote-to-local port forwarding, PuTTY will choose a |
2986 | sensible protocol for the outgoing connection. |
2987 | |
2e523aed |
2988 | This overrides the general Internet protocol version preference |
2989 | on the Connection panel (see \k{config-address-family}). |
2990 | |
ae400b95 |
2991 | Note that some operating systems may listen for incoming connections |
2992 | in IPv4 even if you specifically asked for IPv6, because their IPv4 |
421406a4 |
2993 | and IPv6 protocol stacks are linked together. Apparently \i{Linux} does |
ae400b95 |
2994 | this, and Windows does not. So if you're running PuTTY on Windows |
2995 | and you tick \q{IPv6} for a local or dynamic port forwarding, it |
2996 | will \e{only} be usable by connecting to it using IPv6; whereas if |
2997 | you do the same on Linux, you can also use it with IPv4. However, |
2998 | ticking \q{Auto} should always give you a port which you can connect |
2999 | to using either protocol. |
05581745 |
3000 | |
421406a4 |
3001 | \H{config-ssh-bugs} \I{SSH server bugs}The Bugs panel |
2c9c6388 |
3002 | |
3003 | Not all SSH servers work properly. Various existing servers have |
3004 | bugs in them, which can make it impossible for a client to talk to |
3005 | them unless it knows about the bug and works around it. |
3006 | |
3007 | Since most servers announce their software version number at the |
3008 | beginning of the SSH connection, PuTTY will attempt to detect which |
3009 | bugs it can expect to see in the server and automatically enable |
3010 | workarounds. However, sometimes it will make mistakes; if the server |
3011 | has been deliberately configured to conceal its version number, or |
3012 | if the server is a version which PuTTY's bug database does not know |
3013 | about, then PuTTY will not know what bugs to expect. |
3014 | |
3015 | The Bugs panel allows you to manually configure the bugs PuTTY |
3016 | expects to see in the server. Each bug can be configured in three |
3017 | states: |
3018 | |
3019 | \b \q{Off}: PuTTY will assume the server does not have the bug. |
3020 | |
3021 | \b \q{On}: PuTTY will assume the server \e{does} have the bug. |
3022 | |
3023 | \b \q{Auto}: PuTTY will use the server's version number announcement |
3024 | to try to guess whether or not the server has the bug. |
3025 | |
421406a4 |
3026 | \S{config-ssh-bug-ignore1} \q{Chokes on SSH-1 \i{ignore message}s} |
2c9c6388 |
3027 | |
3028 | \cfg{winhelp-topic}{ssh.bugs.ignore1} |
3029 | |
3030 | An ignore message (SSH_MSG_IGNORE) is a message in the SSH protocol |
3031 | which can be sent from the client to the server, or from the server |
3032 | to the client, at any time. Either side is required to ignore the |
bf982899 |
3033 | message whenever it receives it. PuTTY uses ignore messages to |
3034 | \I{password camouflage}hide the password packet in SSH-1, so that |
3035 | a listener cannot tell the length of the user's password; it also |
3036 | uses ignore messages for connection \i{keepalives} (see |
3037 | \k{config-keepalive}). |
2c9c6388 |
3038 | |
3039 | If this bug is detected, PuTTY will stop using ignore messages. This |
3040 | means that keepalives will stop working, and PuTTY will have to fall |
2e85c969 |
3041 | back to a secondary defence against SSH-1 password-length |
2c9c6388 |
3042 | eavesdropping. See \k{config-ssh-bug-plainpw1}. If this bug is |
3043 | enabled when talking to a correct server, the session will succeed, |
3044 | but keepalives will not work and the session might be more |
3045 | vulnerable to eavesdroppers than it could be. |
3046 | |
421406a4 |
3047 | \S{config-ssh-bug-plainpw1} \q{Refuses all SSH-1 \i{password camouflage}} |
2c9c6388 |
3048 | |
3049 | \cfg{winhelp-topic}{ssh.bugs.plainpw1} |
3050 | |
2e85c969 |
3051 | When talking to an SSH-1 server which cannot deal with ignore |
2c9c6388 |
3052 | messages (see \k{config-ssh-bug-ignore1}), PuTTY will attempt to |
3053 | disguise the length of the user's password by sending additional |
3054 | padding \e{within} the password packet. This is technically a |
2e85c969 |
3055 | violation of the SSH-1 specification, and so PuTTY will only do it |
2c9c6388 |
3056 | when it cannot use standards-compliant ignore messages as |
3057 | camouflage. In this sense, for a server to refuse to accept a padded |
3058 | password packet is not really a bug, but it does make life |
3059 | inconvenient if the server can also not handle ignore messages. |
3060 | |
bf982899 |
3061 | If this \q{bug} is detected, PuTTY will assume that neither ignore |
3062 | messages nor padding are acceptable, and that it thus has no choice |
3063 | but to send the user's password with no form of camouflage, so that |
3064 | an eavesdropping user will be easily able to find out the exact length |
2c9c6388 |
3065 | of the password. If this bug is enabled when talking to a correct |
3066 | server, the session will succeed, but will be more vulnerable to |
3067 | eavesdroppers than it could be. |
3068 | |
2e85c969 |
3069 | This is an SSH-1-specific bug. SSH-2 is secure against this type of |
2c9c6388 |
3070 | attack. |
3071 | |
421406a4 |
3072 | \S{config-ssh-bug-rsa1} \q{Chokes on SSH-1 \i{RSA} authentication} |
2c9c6388 |
3073 | |
3074 | \cfg{winhelp-topic}{ssh.bugs.rsa1} |
3075 | |
2e85c969 |
3076 | Some SSH-1 servers cannot deal with RSA authentication messages at |
421406a4 |
3077 | all. If \i{Pageant} is running and contains any SSH-1 keys, PuTTY will |
2c9c6388 |
3078 | normally automatically try RSA authentication before falling back to |
3079 | passwords, so these servers will crash when they see the RSA attempt. |
3080 | |
3081 | If this bug is detected, PuTTY will go straight to password |
3082 | authentication. If this bug is enabled when talking to a correct |
3083 | server, the session will succeed, but of course RSA authentication |
3084 | will be impossible. |
3085 | |
2e85c969 |
3086 | This is an SSH-1-specific bug. |
2c9c6388 |
3087 | |
cf6ddb95 |
3088 | \S{config-ssh-bug-ignore2} \q{Chokes on SSH-2 \i{ignore message}s} |
3089 | |
3090 | \cfg{winhelp-topic}{ssh.bugs.ignore2} |
3091 | |
3092 | An ignore message (SSH_MSG_IGNORE) is a message in the SSH protocol |
3093 | which can be sent from the client to the server, or from the server |
3094 | to the client, at any time. Either side is required to ignore the |
3095 | message whenever it receives it. PuTTY uses ignore messages in SSH-2 |
3096 | to confuse the encrypted data stream and make it harder to |
3097 | cryptanalyse. It also uses ignore messages for connection |
3098 | \i{keepalives} (see \k{config-keepalive}). |
3099 | |
3100 | If it believes the server to have this bug, PuTTY will stop using |
3101 | ignore messages. If this bug is enabled when talking to a correct |
3102 | server, the session will succeed, but keepalives will not work and |
3103 | the session might be less cryptographically secure than it could be. |
3104 | |
2e85c969 |
3105 | \S{config-ssh-bug-hmac2} \q{Miscomputes SSH-2 HMAC keys} |
2c9c6388 |
3106 | |
3107 | \cfg{winhelp-topic}{ssh.bugs.hmac2} |
3108 | |
3109 | Versions 2.3.0 and below of the SSH server software from |
421406a4 |
3110 | \cw{ssh.com} compute the keys for their \i{HMAC} \i{message authentication |
3111 | code}s incorrectly. A typical symptom of this problem is that PuTTY |
2c9c6388 |
3112 | dies unexpectedly at the beginning of the session, saying |
3113 | \q{Incorrect MAC received on packet}. |
3114 | |
3115 | If this bug is detected, PuTTY will compute its HMAC keys in the |
3116 | same way as the buggy server, so that communication will still be |
3117 | possible. If this bug is enabled when talking to a correct server, |
3118 | communication will fail. |
3119 | |
2e85c969 |
3120 | This is an SSH-2-specific bug. |
2c9c6388 |
3121 | |
421406a4 |
3122 | \S{config-ssh-bug-derivekey2} \q{Miscomputes SSH-2 \i{encryption} keys} |
2c9c6388 |
3123 | |
3124 | \cfg{winhelp-topic}{ssh.bugs.derivekey2} |
3125 | |
421406a4 |
3126 | Versions below 2.0.11 of the SSH server software from \i\cw{ssh.com} |
2c9c6388 |
3127 | compute the keys for the session encryption incorrectly. This |
3128 | problem can cause various error messages, such as \q{Incoming packet |
3129 | was garbled on decryption}, or possibly even \q{Out of memory}. |
3130 | |
3131 | If this bug is detected, PuTTY will compute its encryption keys in |
3132 | the same way as the buggy server, so that communication will still |
3133 | be possible. If this bug is enabled when talking to a correct |
3134 | server, communication will fail. |
3135 | |
2e85c969 |
3136 | This is an SSH-2-specific bug. |
2c9c6388 |
3137 | |
421406a4 |
3138 | \S{config-ssh-bug-sig} \q{Requires padding on SSH-2 \i{RSA} \i{signatures}} |
2c9c6388 |
3139 | |
3140 | \cfg{winhelp-topic}{ssh.bugs.rsapad2} |
3141 | |
421406a4 |
3142 | Versions below 3.3 of \i{OpenSSH} require SSH-2 RSA signatures to be |
2c9c6388 |
3143 | padded with zero bytes to the same length as the RSA key modulus. |
4f47cacf |
3144 | The SSH-2 specification says that an unpadded signature MUST be |
2c9c6388 |
3145 | accepted, so this is a bug. A typical symptom of this problem is |
3146 | that PuTTY mysteriously fails RSA authentication once in every few |
3147 | hundred attempts, and falls back to passwords. |
3148 | |
3149 | If this bug is detected, PuTTY will pad its signatures in the way |
3150 | OpenSSH expects. If this bug is enabled when talking to a correct |
3151 | server, it is likely that no damage will be done, since correct |
3152 | servers usually still accept padded signatures because they're used |
3153 | to talking to OpenSSH. |
3154 | |
2e85c969 |
3155 | This is an SSH-2-specific bug. |
2c9c6388 |
3156 | |
421406a4 |
3157 | \S{config-ssh-bug-pksessid2} \q{Misuses the \i{session ID} in SSH-2 PK auth} |
dda87a28 |
3158 | |
739c28d0 |
3159 | \cfg{winhelp-topic}{ssh.bugs.pksessid2} |
dda87a28 |
3160 | |
421406a4 |
3161 | Versions below 2.3 of \i{OpenSSH} require SSH-2 \i{public-key authentication} |
dda87a28 |
3162 | to be done slightly differently: the data to be signed by the client |
3163 | contains the session ID formatted in a different way. If public-key |
3164 | authentication mysteriously does not work but the Event Log (see |
3165 | \k{using-eventlog}) thinks it has successfully sent a signature, it |
3166 | might be worth enabling the workaround for this bug to see if it |
3167 | helps. |
3168 | |
3169 | If this bug is detected, PuTTY will sign data in the way OpenSSH |
3170 | expects. If this bug is enabled when talking to a correct server, |
2e85c969 |
3171 | SSH-2 public-key authentication will fail. |
dda87a28 |
3172 | |
2e85c969 |
3173 | This is an SSH-2-specific bug. |
dda87a28 |
3174 | |
19f47a7d |
3175 | \S{config-ssh-bug-rekey} \q{Handles SSH-2 key re-exchange badly} |
f382c87d |
3176 | |
3177 | \cfg{winhelp-topic}{ssh.bugs.rekey2} |
3178 | |
421406a4 |
3179 | Some SSH servers cannot cope with \i{repeat key exchange} at |
f382c87d |
3180 | all, and will ignore attempts by the client to start one. Since |
3181 | PuTTY pauses the session while performing a repeat key exchange, the |
3182 | effect of this would be to cause the session to hang after an hour |
3183 | (unless you have your rekey timeout set differently; see |
3184 | \k{config-ssh-kex-rekey} for more about rekeys). |
e12d95a5 |
3185 | Other, very old, SSH servers handle repeat key exchange even more |
3186 | badly, and disconnect upon receiving a repeat key exchange request. |
f382c87d |
3187 | |
3188 | If this bug is detected, PuTTY will never initiate a repeat key |
3189 | exchange. If this bug is enabled when talking to a correct server, |
3190 | the session should still function, but may be less secure than you |
3191 | would expect. |
3192 | |
2e85c969 |
3193 | This is an SSH-2-specific bug. |
f382c87d |
3194 | |
1cb8218f |
3195 | \S{config-ssh-bug-maxpkt2} \q{Ignores SSH-2 \i{maximum packet size}} |
c9739dba |
3196 | |
3197 | \cfg{winhelp-topic}{ssh.bugs.maxpkt2} |
3198 | |
3199 | When an SSH-2 channel is set up, each end announces the maximum size |
3200 | of data packet that it is willing to receive for that channel. Some |
3201 | servers ignore PuTTY's announcement and send packets larger than PuTTY |
3202 | is willing to accept, causing it to report \q{Incoming packet was |
3203 | garbled on decryption}. |
3204 | |
3205 | If this bug is detected, PuTTY never allows the channel's |
3206 | \i{flow-control window} to grow large enough to allow the server to |
3207 | send an over-sized packet. If this bug is enabled when talking to a |
3208 | correct server, the session will work correctly, but download |
3209 | performance will be less than it could be. |
3210 | |
2e0aae4f |
3211 | \S{config-ssh-bug-winadj} \q{Chokes on PuTTY's SSH-2 \cq{winadj} requests} |
3212 | |
3213 | \cfg{winhelp-topic}{ssh.bugs.winadj} |
3214 | |
3215 | PuTTY sometimes sends a special request to SSH servers in the middle |
3216 | of channel data, with the name \cw{winadj@putty.projects.tartarus.org} |
3217 | (see \k{sshnames-channel}). The purpose of this request is to measure |
3218 | the round-trip time to the server, which PuTTY uses to tune its flow |
3219 | control. The server does not actually have to \e{understand} the |
3220 | message; it is expected to send back a \cw{SSH_MSG_CHANNEL_FAILURE} |
3221 | message indicating that it didn't understand it. (All PuTTY needs for |
3222 | its timing calculations is \e{some} kind of response.) |
3223 | |
3224 | It has been known for some SSH servers to get confused by this message |
3225 | in one way or another \dash because it has a long name, or because |
3226 | they can't cope with unrecognised request names even to the extent of |
3227 | sending back the correct failure response, or because they handle it |
3228 | sensibly but fill up the server's log file with pointless spam, or |
3229 | whatever. PuTTY therefore supports this bug-compatibility flag: if it |
3230 | believes the server has this bug, it will never send its |
3231 | \cq{winadj@putty.projects.tartarus.org} request, and will make do |
3232 | without its timing data. |
3233 | |
7374c779 |
3234 | \H{config-serial} The Serial panel |
3235 | |
3236 | The \i{Serial} panel allows you to configure options that only apply |
3237 | when PuTTY is connecting to a local \I{serial port}\i{serial line}. |
3238 | |
3239 | \S{config-serial-line} Selecting a serial line to connect to |
3240 | |
3241 | \cfg{winhelp-topic}{serial.line} |
3242 | |
3243 | The \q{Serial line to connect to} box allows you to choose which |
3244 | serial line you want PuTTY to talk to, if your computer has more |
3245 | than one serial port. |
3246 | |
14ff41e7 |
3247 | On Windows, the first serial line is called \i\cw{COM1}, and if there |
934dbf05 |
3248 | is a second it is called \cw{COM2}, and so on. |
7374c779 |
3249 | |
3250 | This configuration setting is also visible on the Session panel, |
3251 | where it replaces the \q{Host Name} box (see \k{config-hostname}) if |
3252 | the connection type is set to \q{Serial}. |
3253 | |
3254 | \S{config-serial-speed} Selecting the speed of your serial line |
3255 | |
3256 | \cfg{winhelp-topic}{serial.speed} |
3257 | |
3258 | The \q{Speed} box allows you to choose the speed (or \q{baud rate}) |
3259 | at which to talk to the serial line. Typical values might be 9600, |
3260 | 19200, 38400 or 57600. Which one you need will depend on the device |
3261 | at the other end of the serial cable; consult the manual for that |
3262 | device if you are in doubt. |
3263 | |
3264 | This configuration setting is also visible on the Session panel, |
3265 | where it replaces the \q{Port} box (see \k{config-hostname}) if the |
3266 | connection type is set to \q{Serial}. |
3267 | |
3268 | \S{config-serial-databits} Selecting the number of data bits |
3269 | |
3270 | \cfg{winhelp-topic}{serial.databits} |
3271 | |
3272 | The \q{Data bits} box allows you to choose how many data bits are |
3273 | transmitted in each byte sent or received through the serial line. |
3274 | Typical values are 7 or 8. |
3275 | |
3276 | \S{config-serial-stopbits} Selecting the number of stop bits |
3277 | |
3278 | \cfg{winhelp-topic}{serial.stopbits} |
3279 | |
3280 | The \q{Stop bits} box allows you to choose how many stop bits are |
3281 | used in the serial line protocol. Typical values are 1, 1.5 or 2. |
3282 | |
3283 | \S{config-serial-parity} Selecting the serial parity checking scheme |
3284 | |
3285 | \cfg{winhelp-topic}{serial.parity} |
3286 | |
3287 | The \q{Parity} box allows you to choose what type of parity checking |
3288 | is used on the serial line. The settings are: |
3289 | |
3290 | \b \q{None}: no parity bit is sent at all. |
3291 | |
3292 | \b \q{Odd}: an extra parity bit is sent alongside each byte, and |
3293 | arranged so that the total number of 1 bits is odd. |
3294 | |
3295 | \b \q{Even}: an extra parity bit is sent alongside each byte, and |
3296 | arranged so that the total number of 1 bits is even. |
3297 | |
3298 | \b \q{Mark}: an extra parity bit is sent alongside each byte, and |
3299 | always set to 1. |
3300 | |
3301 | \b \q{Space}: an extra parity bit is sent alongside each byte, and |
3302 | always set to 0. |
3303 | |
3304 | \S{config-serial-flow} Selecting the serial flow control scheme |
3305 | |
3306 | \cfg{winhelp-topic}{serial.flow} |
3307 | |
3308 | The \q{Flow control} box allows you to choose what type of flow |
3309 | control checking is used on the serial line. The settings are: |
3310 | |
3311 | \b \q{None}: no flow control is done. Data may be lost if either |
3312 | side attempts to send faster than the serial line permits. |
3313 | |
3314 | \b \q{XON/XOFF}: flow control is done by sending XON and XOFF |
3315 | characters within the data stream. |
3316 | |
3317 | \b \q{RTS/CTS}: flow control is done using the RTS and CTS wires on |
3318 | the serial line. |
3319 | |
3320 | \b \q{DSR/DTR}: flow control is done using the DSR and DTR wires on |
3321 | the serial line. |
3322 | |
421406a4 |
3323 | \H{config-file} \ii{Storing configuration in a file} |
37c6fce1 |
3324 | |
3325 | PuTTY does not currently support storing its configuration in a file |
421406a4 |
3326 | instead of the \i{Registry}. However, you can work around this with a |
3327 | couple of \i{batch file}s. |
37c6fce1 |
3328 | |
3329 | You will need a file called (say) \c{PUTTY.BAT} which imports the |
3330 | contents of a file into the Registry, then runs PuTTY, exports the |
3331 | contents of the Registry back into the file, and deletes the |
3332 | Registry entries. This can all be done using the Regedit command |
3333 | line options, so it's all automatic. Here is what you need in |
3334 | \c{PUTTY.BAT}: |
3335 | |
3336 | \c @ECHO OFF |
3337 | \c regedit /s putty.reg |
3338 | \c regedit /s puttyrnd.reg |
3339 | \c start /w putty.exe |
35cffede |
3340 | \c regedit /ea new.reg HKEY_CURRENT_USER\Software\SimonTatham\PuTTY |
3341 | \c copy new.reg putty.reg |
3342 | \c del new.reg |
37c6fce1 |
3343 | \c regedit /s puttydel.reg |
3344 | |
3345 | This batch file needs two auxiliary files: \c{PUTTYRND.REG} which |
3346 | sets up an initial safe location for the \c{PUTTY.RND} random seed |
3347 | file, and \c{PUTTYDEL.REG} which destroys everything in the Registry |
3348 | once it's been successfully saved back to the file. |
3349 | |
3350 | Here is \c{PUTTYDEL.REG}: |
3351 | |
3352 | \c REGEDIT4 |
3353 | \c |
3354 | \c [-HKEY_CURRENT_USER\Software\SimonTatham\PuTTY] |
3355 | |
3356 | Here is an example \c{PUTTYRND.REG} file: |
3357 | |
3358 | \c REGEDIT4 |
3359 | \c |
3360 | \c [HKEY_CURRENT_USER\Software\SimonTatham\PuTTY] |
5f9857d0 |
3361 | \c "RandSeedFile"="a:\\putty.rnd" |
37c6fce1 |
3362 | |
3363 | You should replace \c{a:\\putty.rnd} with the location where you |
3364 | want to store your random number data. If the aim is to carry around |
3365 | PuTTY and its settings on one floppy, you probably want to store it |
3366 | on the floppy. |