ee46ef84 |
1 | \A{faq} PuTTY FAQ |
2 | |
3 | This FAQ is published on the PuTTY web site, and also provided as an |
4 | appendix in the manual. |
5 | |
6 | \H{faq-support} Features supported in PuTTY |
7 | |
8 | In general, if you want to know if PuTTY supports a particular |
9 | feature, you should look for it on the |
10 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}{PuTTY web site}. |
11 | In particular: |
12 | |
13 | \b try the |
14 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{changes |
15 | page}, and see if you can find the feature on there. If a feature is |
16 | listed there, it's been implemented. If it's listed as a change made |
17 | \e{since} the latest version, it should be available in the |
18 | development snapshots, in which case testing will be very welcome. |
19 | |
20 | \b try the |
21 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist.html}{Wishlist |
22 | page}, and see if you can find the feature there. If it's on there, |
23 | it probably \e{hasn't} been implemented. |
24 | |
25 | \S{faq-ssh2} Does PuTTY support SSH v2? |
26 | |
27 | Yes. SSH v2 support has been available in PuTTY since version 0.50. |
28 | However, currently the \e{default} SSH protocol is v1; to select SSH |
29 | v2 if your server supports both, go to the SSH panel and change the |
30 | \e{Preferred SSH protocol version} option. |
31 | |
32 | Public key authentication (both RSA and DSA) in SSH v2 has been |
33 | added since version 0.51. |
34 | |
35 | \S{faq-ssh2-keyfmt} Does PuTTY support reading OpenSSH or |
36 | \cw{ssh.com} SSHv2 private key files? |
37 | |
38 | Not at present. OpenSSH and \cw{ssh.com} have totally different |
39 | formats for private key files, and neither one is particularly |
40 | pleasant, so PuTTY has its own. We do plan to write a converter at |
41 | some stage. |
42 | |
43 | \S{faq-ssh1} Does PuTTY support SSH v1? |
44 | |
45 | Yes. SSH 1 support has always been available in PuTTY. |
46 | |
47 | \S{faq-localecho} Does PuTTY support local echo? |
48 | |
49 | Yes. |
50 | |
51 | In version 0.51 and before, local echo cannot be separated from |
52 | local line editing (where you type a line of text locally, and it is |
53 | not sent to the server until you press Return, so you have the |
54 | chance to edit it and correct mistakes \e{before} the server sees |
55 | it). The two features can be enabled and disabled from the Terminal |
56 | panel, using the checkbox marked \q{Use local terminal line |
57 | discipline}. Note that due to a bug in those versions of PuTTY, |
58 | changing this feature in mid-session will have no effect; you have |
59 | to enable it \e{before} you open the connection. |
60 | |
61 | In later versions, local echo and local line editing are separate |
62 | options, and by default PuTTY will try to determine automatically |
63 | whether to enable them or not, based on which protocol you have |
64 | selected and also based on hints from the server. If you have a |
65 | problem with PuTTY's default choice, you can force each option to be |
66 | enabled or disabled as you choose. The controls are in the Terminal |
67 | panel, in the section marked \q{Line discipline options}. |
68 | |
69 | \S{faq-disksettings} Does PuTTY support storing its settings in a |
70 | disk file? |
71 | |
72 | Not at present, although \k{config-file} in the documentation gives |
73 | a method of achieving the same effect. |
74 | |
75 | \S{faq-fullscreen} Does PuTTY support full-screen mode, like a DOS |
76 | box? |
77 | |
78 | Not in the 0.51 release, but it has been added since then. |
79 | |
80 | \S{faq-password} Does PuTTY have the ability to remember my password |
81 | so I don't have to type it every time? |
82 | |
83 | No, it doesn't. |
84 | |
85 | Remembering your password is a bad plan for obvious security |
86 | reasons: anyone who gains access to your machine while you're away |
87 | from your desk can find out the remembered password, and use it, |
88 | abuse it or change it. |
89 | |
90 | In addition, it's not even \e{possible} for PuTTY to automatically |
91 | send your password in a Telnet session, because Telnet doesn't give |
92 | the client software any indication of which part of the login |
93 | process is the password prompt. PuTTY would have to guess, by |
94 | looking for words like \q{password} in the session data; and if your |
95 | login program is written in something other than English, this won't |
96 | work. |
97 | |
98 | In SSH, remembering your password would be possible in theory, but |
99 | there doesn't seem to be much point since SSH supports public key |
100 | authentication, which is more flexible and more secure. See |
101 | \k{pubkey} in the documentation for a full discussion of public key |
102 | authentication. |
103 | |
104 | \H{faq-ports} Ports to other operating systems |
105 | |
106 | The eventual goal is for PuTTY to be a multi-platform program, able |
107 | to run on at least Windows, MacOS and Unix. Whether this will |
108 | actually ever happen I have no idea, but it is the plan. A Mac port |
109 | has been started, but is only half-finished and currently not moving |
110 | very fast. |
111 | |
112 | Porting will become easier once PuTTY has a generalised porting |
113 | layer, drawing a clear line between platform-dependent and |
114 | platform-independent code. The general intention is for this porting |
115 | layer to evolve naturally as part of the process of doing the first |
116 | port. One particularly nasty part of this will be separating the |
117 | many configuration options into platform-dependent and |
118 | platform-independent ones; for example, the options controlling when |
119 | the Windows System menu appears will be pretty much meaningless |
120 | under X11 or perhaps other windowing systems, whereas Telnet Passive |
121 | Mode is universal and shouldn't need to be specified once for each |
122 | platform. |
123 | |
124 | \S{faq-wince} Will there be a port to Windows CE? |
125 | |
126 | Probably not in the particularly near future. Despite sharing large |
127 | parts of the Windows API, in practice WinCE doesn't appear to be |
128 | significantly easier to port to than a totally different operating |
129 | system. |
130 | |
131 | However, PuTTY on portable devices would clearly be a useful thing, |
132 | so in the long term I hope there will be a WinCE port. |
133 | |
134 | \S{faq-mac} Will there be a port to the Mac? |
135 | |
136 | A Mac port was started once and is half-finished, but development |
137 | has been static for some time and the main PuTTY code has moved on, |
138 | so it's not clear how quickly development would resume even if |
139 | developer effort were available. |
140 | |
141 | \S{faq-unix} Will there be a port to Unix? |
142 | |
143 | I hope so, if only so that I can have an \cw{xterm}-like program |
144 | that supports exactly the same terminal emulation as PuTTY. If and |
145 | when we do do a Unix port, it will have a local-terminal back end so |
146 | it can be used like an \cw{xterm}, rather than only being usable as |
147 | a network utility. |
148 | |
149 | \S{faq-epoc} Will there be a port to EPOC? |
150 | |
151 | I hope so, but given that ports aren't really progressing very fast |
152 | even on systems the developers \e{do} already know how to program |
153 | for, it might be a long time before any of us get round to learning |
154 | a new system and doing the port for that. |
155 | |
156 | \H{faq-embedding} Embedding PuTTY in other programs |
157 | |
158 | \S{faq-dll} Is the SSH or Telnet code available as a DLL? |
159 | |
160 | No, it isn't. It would take a reasonable amount of rewriting for |
161 | this to be possible, and since the PuTTY project itself doesn't |
162 | believe in DLLs (they make installation more error-prone) none of us |
163 | has taken the time to do it. |
164 | |
165 | Most of the code cleanup work would be a good thing to happen in |
166 | general, so if anyone feels like helping, we wouldn't say no. |
167 | |
168 | \S{faq-vb} Is the SSH or Telnet code available as a Visual Basic |
169 | component? |
170 | |
171 | No, it isn't. None of the PuTTY team uses Visual Basic, and none of |
172 | us has any particular need to make SSH connections from a Visual |
173 | Basic application. In addition, all the preliminary work to turn it |
174 | into a DLL would be necessary first; and furthermore, we don't even |
175 | know how to write VB components. |
176 | |
177 | If someone offers to do some of this work for us, we might consider |
178 | it, but unless that happens I can't see VB integration being |
179 | anywhere other than the very bottom of our priority list. |
180 | |
181 | \S{faq-ipc} How can I use PuTTY to make an SSH connection from |
182 | within another program? |
183 | |
184 | Probably your best bet is to use Plink, the command-line connection |
185 | tool. If you can start Plink as a second Windows process, and |
186 | arrange for your primary process to be able to send data to the |
187 | Plink process, and receive data from it, through pipes, then you |
188 | should be able to make SSH connections from your program. |
189 | |
190 | This is what CVS for Windows does, for example. |
191 | |
192 | \H{faq-details} Details of PuTTY's operation |
193 | |
194 | \S{faq-term} What terminal type does PuTTY use? |
195 | |
196 | For most purposes, PuTTY can be considered to be an \cw{xterm} |
197 | terminal, although full support for some of \cw{xterm}'s features, |
198 | such as passing mouse actions to the server-side program, is not |
199 | present in the 0.51 release (but has been added since). |
200 | |
201 | PuTTY also supports some terminal control sequences not supported by |
202 | the real \cw{xterm}: notably the Linux console sequences that |
203 | reconfigure the colour palette, and the title bar control sequences |
204 | used by \cw{DECterm} (which are different from the \cw{xterm} ones; |
205 | PuTTY supports both). |
206 | |
207 | By default, PuTTY announces its terminal type to the server as |
208 | \c{xterm}. If you have a problem with this, you can reconfigure it |
209 | to say something else; \c{vt220} might help if you have trouble. |
210 | |
211 | \S{faq-settings} Where does PuTTY store its data? |
212 | |
213 | PuTTY stores most of its data (saved sessions, SSH host keys) in the |
214 | Registry. The precise location is |
215 | |
216 | \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY |
217 | |
218 | and within that area, saved sessions are stored under \c{Sessions} |
219 | while host keys are stored under \c{SshHostKeys}. |
220 | |
221 | PuTTY also requires a random number seed file, to improve the |
222 | unpredictability of randomly chosen data needed as part of the SSH |
223 | cryptography. This is stored by default in your Windows home |
224 | directory (\c{%HOMEDRIVE%\\%HOMEPATH%}), or in the actual Windows |
225 | directory (such as \c{C:\\WINDOWS}) if the home directory doesn't |
226 | exist, for example if you're using Win95. If you want to change the |
227 | location of the random number seed file, you can put your chosen |
228 | pathname in the Registry, at |
229 | |
230 | \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\RandSeedFile |
231 | |
232 | \H{faq-howto} HOWTO questions |
233 | |
234 | \S{faq-startmax} How can I make PuTTY start up maximised? |
235 | |
236 | Create a Windows shortcut to start PuTTY from, and set it as \q{Run |
237 | Maximized}. |
238 | |
239 | \S{faq-startsess} How can I create a Windows shortcut to start a |
240 | particular saved session directly? |
241 | |
242 | To run a PuTTY session saved under the name \q{\cw{mysession}}, |
243 | create a Windows shortcut that invokes PuTTY with a command line |
244 | like |
245 | |
246 | \c \path\name\to\putty.exe @mysession |
247 | |
248 | \S{faq-startssh} How can I start an SSH session straight from the |
249 | command line? |
250 | |
251 | Use the command line \c{putty -ssh host.name}. Alternatively, create |
252 | a saved session that specifies the SSH protocol, and start the saved |
253 | session as shown in \k{faq-startsess}. |
254 | |
255 | \S{faq-cutpaste} How do I copy and paste between PuTTY and other |
256 | Windows applications? |
257 | |
258 | Copy and paste works similarly to the X Window System. You use the |
259 | left mouse button to select text in the PuTTY window. The act of |
260 | selection \e{automatically} copies the text to the clipboard: there |
261 | is no need to press Ctrl-Ins or Ctrl-C or anything else. In fact, |
262 | pressing Ctrl-C will send a Ctrl-C character to the other end of |
263 | your connection (just like it does the rest of the time), which may |
264 | have unpleasant effects. The \e{only} thing you need to do, to copy |
265 | text to the clipboard, is to select it. |
266 | |
267 | To paste the clipboard contents into a PuTTY window, by default you |
268 | click the right mouse button. If you have a three-button mouse and |
269 | are used to X applications, you can configure pasting to be done by |
270 | the middle button instead, but this is not the default because most |
271 | Windows users don't have a middle button at all. |
272 | |
273 | You can also paste by pressing Shift-Ins. |
274 | |
275 | \S{faq-pscp} How do I use PSCP.EXE? When I double-click it gives me |
276 | a command prompt window which then closes instantly. |
277 | |
278 | PSCP is a command-line application, not a GUI application. If you |
279 | run it without arguments, it will simply print a help message and |
280 | terminate. |
281 | |
282 | To use PSCP properly, run it from a Command Prompt window. See |
283 | \k{pscp} in the documentation for more details. |
284 | |
285 | \S{faq-pscp-spaces} How do I use PSCP to copy a file whose name has |
286 | spaces in? |
287 | |
288 | If PSCP is using the traditional SCP protocol, this is confusing. If |
289 | you're specifying a file at the local end, you just use one set of |
290 | quotes as you would normally do: |
291 | |
292 | \c pscp "local filename with spaces" user@host: |
293 | \c pscp user@host:myfile "local filename with spaces" |
294 | |
295 | But if the filename you're specifying is on the \e{remote} side, you |
296 | have to use backslashes and two sets of quotes: |
297 | |
298 | \c pscp user@host:"\"remote filename with spaces\"" local_filename |
299 | \c pscp local_filename user@host:"\"remote filename with spaces\"" |
300 | |
301 | Worse still, in a remote-to-local copy you have to specify the local |
302 | file name explicitly, otherwise PSCP will complain that they don't |
303 | match (unless you specified the \c{-unsafe} option). The following |
304 | command will give an error message: |
305 | |
306 | \c c:\>pscp user@host:"\"oo er\"" . |
e9cee352 |
307 | \c warning: remote host tried to write to a file called 'oo er' |
308 | \c when we requested a file called '"oo er"'. |
ee46ef84 |
309 | |
e9cee352 |
310 | Instead, you need to specify the local file name in full: |
311 | |
312 | \c c:\>pscp user@host:"\"oo er\"" "oo er" |
313 | |
ee46ef84 |
314 | If PSCP is using the newer SFTP protocol, none of this is a problem, |
315 | and all filenames with spaces in are specified using a single pair |
316 | of quotes in the obvious way: |
317 | |
318 | \c pscp "local file" user@host: |
319 | \c pscp user@host:"remote file" . |
320 | |
321 | \H{faq-trouble} Troubleshooting |
322 | |
323 | \S{faq-mac} Why do I see \q{Incorrect MAC received on packet}? |
324 | |
325 | This is due to a bug in old SSH 2 servers distributed by |
326 | \cw{ssh.com}. Version 2.3.0 and below of their SSH 2 server |
327 | constructs Message Authentication Codes in the wrong way, and |
328 | expects the client to construct them in the same wrong way. PuTTY |
329 | constructs the MACs correctly by default, and hence these old |
330 | servers will fail to work with it. |
331 | |
332 | If you are using PuTTY version 0.51 or below, go to the SSH panel |
333 | and check the box labelled \q{Imitate SSH 2 MAC bug}. This will |
334 | cause PuTTY to construct its MACs in the same incorrect manner as |
335 | the buggy servers, so it will be able to work with them. |
336 | |
337 | Since version 0.51, PuTTY has been enhanced to detect buggy servers |
338 | automatically (when they announce their version) and enable the |
339 | workaround without the user needing to ask. Therefore you \e{should} |
340 | never have to use this option again after 0.52, but it is still |
341 | provided just in case another buggy server shows up. |
342 | |
b7e2c163 |
343 | In this context MAC stands for Message Authentication Code. It's a |
344 | cryptographic term, and it has nothing at all to do with Ethernet |
345 | MAC (Media Access Control) addresses. |
346 | |
ee46ef84 |
347 | \S{faq-colours} I clicked on a colour in the Colours panel, and the |
348 | colour didn't change in my terminal. |
349 | |
350 | That isn't how you're supposed to use the Colours panel. |
351 | |
352 | During the course of a session, PuTTY potentially uses \e{all} the |
353 | colours listed in the Colours panel. It's not a question of using |
354 | only one of them and you choosing which one; PuTTY will use them |
355 | \e{all}. The purpose of the Colours panel is to let you adjust the |
356 | appearance of all the colours. So to change the colour of the |
357 | cursor, for example, you would select \q{Cursor Colour}, press the |
358 | \q{Modify} button, and select a new colour from the dialog box that |
359 | appeared. Similarly, if you want your session to appear in green, |
360 | you should select \q{Default Foreground} and press \q{Modify}. |
361 | Clicking on \q{ANSI Green} won't turn your session green; it will |
362 | only allow you to adjust the \e{shade} of green used when PuTTY is |
363 | instructed by the server to display green text. |
364 | |
365 | \S{faq-winsock2} Plink on Windows 95 says it can't find \cw{WS2_32.DLL}. |
366 | |
367 | Plink requires the extended Windows network library, WinSock version |
368 | 2. This is installed as standard on Windows 98 and above, and on |
369 | Windows NT, and even on later versions of Windows 95; but early |
370 | Win95 installations don't have it. |
371 | |
372 | In order to use Plink on these systems, you will need to download |
373 | the |
374 | \W{http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/}{WinSock 2 upgrade}: |
375 | |
376 | \c http://www.microsoft.com/windows95/downloads/contents/wuadmintools/ |
377 | \c s_wunetworkingtools/w95sockets2/ |
378 | |
379 | \S{faq-rekey} My PuTTY sessions close after an hour and tell me |
380 | \q{Server failed host key check}. |
381 | |
382 | This is a bug in all versions of PuTTY up to and including 0.51. SSH |
383 | v2 servers from \cw{ssh.com} will require the key exchange to be |
384 | repeated one hour after the start of the connection, and PuTTY will |
385 | get this wrong. |
386 | |
387 | The bug has been fixed since version 0.51, so upgrading to a later |
388 | version or snapshot should solve the problem. |
389 | |
e9cee352 |
390 | \S{faq-outofmem} After trying to establish an SSH 2 connection, |
391 | PuTTY says \q{Out of memory} and dies. |
ee46ef84 |
392 | |
393 | If this happens just while the connection is starting up, this often |
394 | indicates that for some reason the client and server have failed to |
395 | establish a session encryption key. Somehow, they have performed |
396 | calculations that should have given each of them the same key, but |
397 | have ended up with different keys; so data encrypted by one and |
398 | decrypted by the other looks like random garbage. |
399 | |
400 | This causes an \q{out of memory} error because the first encrypted |
401 | data PuTTY expects to see is the length of an SSH message. Normally |
402 | this will be something well under 100 bytes. If the decryption has |
403 | failed, PuTTY will see a completely random length in the region of |
404 | two \e{gigabytes}, and will try to allocate enough memory to store |
405 | this non-existent message. This will immediately lead to it thinking |
406 | it doesn't have enough memory, and panicking. |
407 | |
408 | If this happens to you, it is quite likely to still be a PuTTY bug |
409 | and you should report it (although it might be a bug in your SSH |
410 | server instead); but it doesn't necessarily mean you've actually run |
411 | out of memory. |
412 | |
413 | \S{faq-altgr} I can't type characters that require the AltGr key. |
414 | |
415 | In PuTTY version 0.51, the AltGr key was broken. The bug has been |
416 | fixed since then. |
417 | |
418 | \S{faq-idleout} My PuTTY sessions unexpectedly close after they |
419 | are idle for a while. |
420 | |
421 | Some types of firewall, and almost any router doing Network Address |
422 | Translation (NAT, also known as IP masquerading), will forget about |
423 | a connection through them if the connection does nothing for too |
424 | long. This will cause the connection to be rudely cut off when |
425 | contact is resumed. |
426 | |
427 | You can try to combat this by telling PuTTY to send \e{keepalives}: |
428 | packets of data which have no effect on the actual session, but |
429 | which reassure the router or firewall that the network connection is |
430 | still active and worth remembering about. |
431 | |
432 | Keepalives don't solve everything, unfortunately; although they |
433 | cause greater robustness against this sort of router, they can also |
434 | cause a \e{loss} of robustness against network dropouts. See |
435 | \k{config-keepalive} in the documentation for more discussion of |
436 | this. |
437 | |
438 | \S{faq-timeout} PuTTY's network connections time out too quickly |
439 | when network connectivity is temporarily lost. |
440 | |
441 | This is a Windows problem, not a PuTTY problem. The timeout value |
442 | can't be set on per application or per session basis. To increase |
443 | the TCP timeout globally, you need to tinker with the Registry. |
444 | |
445 | On Windows 95, 98 or ME, the registry key you need to change is |
446 | |
447 | \c HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\ |
448 | \c MSTCP\MaxDataRetries |
449 | |
450 | (it must be of type DWORD in Win95, or String in Win98/ME). |
451 | |
452 | On Windows NT or 2000, the registry key is |
453 | |
454 | \c HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ |
455 | \c Parameters\TcpMaxDataRetransmissions |
456 | |
457 | and it must be of type DWORD. |
458 | |
459 | Set the key's value to something like 10. This will cause Windows to |
460 | try harder to keep connections alive instead of abandoning them. |
461 | |
462 | \S{faq-puttyputty} When I \cw{cat} a binary file, I get |
463 | `PuTTYPuTTYPuTTY' on my command line. |
464 | |
465 | Don't \cw{cat} binary files, then. |
466 | |
467 | This is designed behaviour; when PuTTY receives the character |
468 | Control-E from the remote server, it interprets it as a request to |
469 | identify itself, and so it sends back the string \q{\cw{PuTTY}} as |
470 | if that string had been entered at the keyboard. Control-E should |
471 | only be sent by programs that are prepared to deal with the |
472 | response. Writing a binary file to your terminal is likely to output |
473 | many Control-E characters, and cause this behaviour. Don't do it. |
474 | It's a bad plan. |
475 | |
476 | \S{faq-puttyputty} When I \cw{cat} a binary file, my window title |
477 | changes to a nonsense string. |
478 | |
479 | Don't \cw{cat} binary files, then. |
480 | |
481 | It is designed behaviour that PuTTY should have the ability to |
482 | adjust the window title on instructions from the server. Normally |
483 | the control sequence that does this should only be sent |
484 | deliberately, by programs that know what they are doing and intend |
485 | to put meaningful text in the window title. Writing a binary file to |
486 | your terminal runs the risk of sending the same control sequence by |
487 | accident, and cause unexpected changes in the window title. Don't do |
488 | it. |
489 | |
59c1f1f6 |
490 | \S{faq-password} My keyboard stops working once PuTTY displays the |
491 | password prompt. |
492 | |
493 | No, it doesn't. PuTTY just doesn't display the password you type, so |
494 | that someone looking at your screen can't see what it is. |
495 | |
496 | Unlike the Windows login prompts, PuTTY doesn't display the password |
497 | as a row of asterisks either. This is so that someone looking at |
498 | your screen can't even tell how \e{long} your password is, which |
499 | might be valuable information. |
500 | |
ee46ef84 |
501 | \H{faq-secure} Security questions |
502 | |
503 | \S{faq-publicpc} Is it safe for me to download PuTTY and use it on a |
504 | public PC? |
505 | |
506 | It depends on whether you trust that PC. If you don't trust the |
507 | public PC, don't use PuTTY on it, and don't use any other software |
508 | you plan to type passwords into either. It might be watching your |
509 | keystrokes, or it might tamper with the PuTTY binary you download. |
510 | There is \e{no} program safe enough that you can run it on an |
511 | actively malicious PC and get away with typing passwords into it. |
512 | |
513 | If you do trust the PC, then it's probably OK to use PuTTY on it |
514 | (but if you don't trust the network, then the PuTTY download might |
515 | be tampered with, so it would be better to carry PuTTY with you on a |
516 | floppy). |
517 | |
518 | \S{faq-cleanup} What does PuTTY leave on a system? How can I clean |
519 | up after it? |
520 | |
521 | PuTTY will leave some Registry entries, and a random seed file, on |
522 | the PC (see \k{faq-settings}). If you are using PuTTY on a public |
523 | PC, or somebody else's PC, you might want to clean these up when you |
524 | leave. You can do that automatically, by running the command |
525 | \c{putty -cleanup}. |
526 | |
527 | \S{faq-dsa} How come PuTTY now supports DSA, when the website used |
528 | to say how insecure it was? |
529 | |
530 | DSA has a major weakness \e{if badly implemented}: it relies on a |
531 | random number generator to far too great an extent. If the random |
532 | number generator produces a number an attacker can predict, the DSA |
533 | private key is exposed - meaning that the attacker can log in as you |
534 | on all systems that accept that key. |
535 | |
536 | The PuTTY policy changed because the developers were informed of |
537 | ways to implement DSA which do not suffer nearly as badly from this |
538 | weakness, and indeed which don't need to rely on random numbers at |
539 | all. For this reason we now believe PuTTY's DSA implementation is |
540 | probably OK. However, if you have the choice, we still recommend you |
541 | use RSA instead. |
542 | |
543 | \H{faq-admin} Administrative questions |
544 | |
545 | \S{faq-domain} Would you like me to register you a nicer domain name? |
546 | |
547 | No, thank you. Even if you can find one (most of them seem to have |
548 | been registered already, by people who didn't ask whether we |
549 | actually wanted it before they applied), we're happy with the PuTTY |
550 | web site being exactly where it is. It's not hard to find (just type |
551 | \q{putty} into \W{http://www.google.com/}{google.com} and we're the |
552 | first link returned), and we don't believe the administrative hassle |
553 | of moving the site would be worth the benefit. |
554 | |
555 | In addition, if we \e{did} want a custom domain name, we would want |
556 | to run it ourselves, so we knew for certain that it would continue |
557 | to point where we wanted it, and wouldn't suddenly change or do |
558 | strange things. Having it registered for us by a third party who we |
559 | don't even know is not the best way to achieve this. |
560 | |
561 | \S{faq-webhosting} Would you like free web hosting for the PuTTY web |
562 | site? |
563 | |
564 | We already have some, thanks. |
565 | |
566 | \S{faq-sourceforge} Why don't you move PuTTY to SourceForge? |
567 | |
568 | Partly, because we don't want to move the web site location (see |
569 | \k{faq-domain}). |
570 | |
571 | Also, security reasons. PuTTY is a security product, and as such it |
572 | is particularly important to guard the code and the web site against |
573 | unauthorised modifications which might introduce subtle security |
574 | flaws. Therefore, we prefer that the CVS repository, web site and |
575 | FTP site remain where they are, under the direct control of system |
576 | administrators we know and trust personally, rather than being run |
577 | by a large organisation full of people we've never met and which is |
578 | known to have had breakins in the past. |
579 | |
580 | No offence to SourceForge; I think they do a wonderful job. But |
581 | they're not ideal for everyone, and in particular they're not ideal |
582 | for us. |
583 | |
584 | \S{faq-mailinglist1} Why can't I subscribe to the putty-bugs mailing |
585 | list? |
586 | |
587 | Because you're not a member of the PuTTY core development team. The |
588 | putty-bugs mailing list is not a general newsgroup-like discussion |
589 | forum; it's a contact address for the core developers, and an |
590 | \e{internal} mailing list for us to discuss things among ourselves. |
591 | If we opened it up for everybody to subscribe to, it would turn into |
592 | something more like a newsgroup and we would be completely |
593 | overwhelmed by the volume of traffic. It's hard enough to keep up |
594 | with the list as it is. |
595 | |
596 | \S{faq-mailinglist2} If putty-bugs isn't a general-subscription |
597 | mailing list, what is? |
598 | |
599 | There isn't one, that we know of. |
600 | |
601 | If someone else wants to set up a mailing list for PuTTY users to |
602 | help each other with common problems, that would be fine with us; |
603 | but the PuTTY team would almost certainly not have the time to read |
604 | it, so any questions the list couldn't answer would have to be |
605 | forwarded on to us by the questioner. In any case, it's probably |
606 | better to use the established newsgroup \cw{comp.security.ssh} for |
607 | this purpose. |
608 | |
609 | \S{faq-donations} How can I donate to PuTTY development? |
610 | |
611 | Please, \e{please} don't feel you have to. PuTTY is completely free |
612 | software, and not shareware. We think it's very important that |
613 | \e{everybody} who wants to use PuTTY should be able to, whether they |
614 | have any money or not; so the last thing we would want is for a |
615 | PuTTY user to feel guilty because they haven't paid us any money. If |
616 | you want to keep your money, please do keep it. We wouldn't dream of |
617 | asking for any. |
618 | |
619 | Having said all that, if you still really \e{want} to give us money, |
620 | we won't argue :-) The easiest way for us to accept donations is if |
621 | you go to \W{http://www.e-gold.com}\cw{www.e-gold.com}, and deposit |
622 | your donation in account number 174769. Then send us e-mail to let |
623 | us know you've done so (otherwise we might not notice for months!). |
624 | |
625 | Small donations (tens of dollars or tens of euros) will probably be |
626 | spent on beer or curry, which helps motivate our volunteer team to |
627 | continue doing this for the world. Larger donations will be spent on |
628 | something that actually helps development, if we can find anything |
629 | (perhaps new hardware, or a copy of Windows 2000), but if we can't |
630 | find anything then we'll just distribute the money among the |
631 | developers. If you want to be sure your donation is going towards |
632 | something worthwhile, ask us first. If you don't like these terms, |
633 | feel perfectly free not to donate. We don't mind. |
634 | |
635 | \S{faq-pronounce} How do I pronounce PuTTY? |
636 | |
637 | Exactly like the normal word \q{putty}. Just like the stuff you put |
638 | on window frames. (One of the reasons it's called PuTTY is because |
639 | it makes Windows usable. :-) |