39a938f7 |
1 | \define{versionidfaq} \versionid $Id$ |
8f1529bc |
2 | |
421406a4 |
3 | \A{faq} PuTTY \i{FAQ} |
ee46ef84 |
4 | |
5 | This FAQ is published on the PuTTY web site, and also provided as an |
6 | appendix in the manual. |
7 | |
64fb6efd |
8 | \H{faq-intro} Introduction |
9 | |
9448161f |
10 | \S{faq-what}{Question} What is PuTTY? |
64fb6efd |
11 | |
12 | PuTTY is a client program for the SSH, Telnet and Rlogin network |
13 | protocols. |
14 | |
15 | These protocols are all used to run a remote session on a computer, |
16 | over a network. PuTTY implements the client end of that session: the |
17 | end at which the session is displayed, rather than the end at which |
18 | it runs. |
19 | |
20 | In really simple terms: you run PuTTY on a Windows machine, and tell |
21 | it to connect to (for example) a Unix machine. PuTTY opens a window. |
22 | Then, anything you type into that window is sent straight to the |
23 | Unix machine, and everything the Unix machine sends back is |
24 | displayed in the window. So you can work on the Unix machine as if |
25 | you were sitting at its console, while actually sitting somewhere |
26 | else. |
27 | |
ee46ef84 |
28 | \H{faq-support} Features supported in PuTTY |
29 | |
421406a4 |
30 | \I{supported features}In general, if you want to know if PuTTY supports |
31 | a particular feature, you should look for it on the |
ee46ef84 |
32 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}{PuTTY web site}. |
33 | In particular: |
34 | |
35 | \b try the |
36 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{changes |
37 | page}, and see if you can find the feature on there. If a feature is |
38 | listed there, it's been implemented. If it's listed as a change made |
39 | \e{since} the latest version, it should be available in the |
40 | development snapshots, in which case testing will be very welcome. |
41 | |
42 | \b try the |
ebe9a956 |
43 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/}{Wishlist |
ee46ef84 |
44 | page}, and see if you can find the feature there. If it's on there, |
b21091fb |
45 | and not in the \q{Recently fixed} section, it probably \e{hasn't} been |
46 | implemented. |
ee46ef84 |
47 | |
2e85c969 |
48 | \S{faq-ssh2}{Question} Does PuTTY support SSH-2? |
ee46ef84 |
49 | |
2e85c969 |
50 | Yes. SSH-2 support has been available in PuTTY since version 0.50. |
ee46ef84 |
51 | |
2e85c969 |
52 | Public key authentication (both RSA and DSA) in SSH-2 is new in |
32c37ecd |
53 | version 0.52. |
ee46ef84 |
54 | |
a1d2976b |
55 | \S{faq-ssh2-keyfmt}{Question} Does PuTTY support reading OpenSSH or |
2e85c969 |
56 | \cw{ssh.com} SSH-2 private key files? |
ee46ef84 |
57 | |
5c33650c |
58 | PuTTY doesn't support this natively (see |
59 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/key-formats-natively.html}{the wishlist entry} |
60 | for reasons why not), but as of 0.53 |
a58b605b |
61 | PuTTYgen can convert both OpenSSH and \cw{ssh.com} private key |
62 | files into PuTTY's format. |
ee46ef84 |
63 | |
2e85c969 |
64 | \S{faq-ssh1}{Question} Does PuTTY support SSH-1? |
ee46ef84 |
65 | |
2e85c969 |
66 | Yes. SSH-1 support has always been available in PuTTY. |
ee46ef84 |
67 | |
421406a4 |
68 | \S{faq-localecho}{Question} Does PuTTY support \i{local echo}? |
ee46ef84 |
69 | |
32c37ecd |
70 | Yes. Version 0.52 has proper support for local echo. |
ee46ef84 |
71 | |
32c37ecd |
72 | In version 0.51 and before, local echo could not be separated from |
ee46ef84 |
73 | local line editing (where you type a line of text locally, and it is |
74 | not sent to the server until you press Return, so you have the |
75 | chance to edit it and correct mistakes \e{before} the server sees |
32c37ecd |
76 | it). New in version 0.52, local echo and local line editing are |
77 | separate options, and by default PuTTY will try to determine |
78 | automatically whether to enable them or not, based on which protocol |
79 | you have selected and also based on hints from the server. If you |
80 | have a problem with PuTTY's default choice, you can force each |
81 | option to be enabled or disabled as you choose. The controls are in |
82 | the Terminal panel, in the section marked \q{Line discipline |
83 | options}. |
ee46ef84 |
84 | |
270bd741 |
85 | \S{faq-savedsettings}{Question} Does PuTTY support storing settings, |
86 | so I don't have to change them every time? |
87 | |
88 | Yes, all of PuTTY's settings can be saved in named session profiles. |
00c1d39a |
89 | You can also change the default settings that are used for new sessions. |
270bd741 |
90 | See \k{config-saving} in the documentation for how to do this. |
91 | |
a1d2976b |
92 | \S{faq-disksettings}{Question} Does PuTTY support storing its |
70706890 |
93 | settings in a disk file? |
ee46ef84 |
94 | |
95 | Not at present, although \k{config-file} in the documentation gives |
96 | a method of achieving the same effect. |
97 | |
a1d2976b |
98 | \S{faq-fullscreen}{Question} Does PuTTY support full-screen mode, |
70706890 |
99 | like a DOS box? |
ee46ef84 |
100 | |
32c37ecd |
101 | Yes; this is a new feature in version 0.52. |
ee46ef84 |
102 | |
babac7bd |
103 | \S{faq-password-remember}{Question} Does PuTTY have the ability to |
421406a4 |
104 | \i{remember my password} so I don't have to type it every time? |
ee46ef84 |
105 | |
106 | No, it doesn't. |
107 | |
108 | Remembering your password is a bad plan for obvious security |
109 | reasons: anyone who gains access to your machine while you're away |
110 | from your desk can find out the remembered password, and use it, |
111 | abuse it or change it. |
112 | |
113 | In addition, it's not even \e{possible} for PuTTY to automatically |
114 | send your password in a Telnet session, because Telnet doesn't give |
115 | the client software any indication of which part of the login |
116 | process is the password prompt. PuTTY would have to guess, by |
117 | looking for words like \q{password} in the session data; and if your |
118 | login program is written in something other than English, this won't |
119 | work. |
120 | |
121 | In SSH, remembering your password would be possible in theory, but |
122 | there doesn't seem to be much point since SSH supports public key |
123 | authentication, which is more flexible and more secure. See |
124 | \k{pubkey} in the documentation for a full discussion of public key |
125 | authentication. |
126 | |
a1d2976b |
127 | \S{faq-hostkeys}{Question} Is there an option to turn off the |
421406a4 |
128 | \I{verifying the host key}annoying host key prompts? |
cad566a9 |
129 | |
130 | No, there isn't. And there won't be. Even if you write it yourself |
131 | and send us the patch, we won't accept it. |
132 | |
133 | Those annoying host key prompts are the \e{whole point} of SSH. |
134 | Without them, all the cryptographic technology SSH uses to secure |
135 | your session is doing nothing more than making an attacker's job |
136 | slightly harder; instead of sitting between you and the server with |
137 | a packet sniffer, the attacker must actually subvert a router and |
138 | start modifying the packets going back and forth. But that's not all |
139 | that much harder than just sniffing; and without host key checking, |
140 | it will go completely undetected by client or server. |
141 | |
142 | Host key checking is your guarantee that the encryption you put on |
143 | your data at the client end is the \e{same} encryption taken off the |
144 | data at the server end; it's your guarantee that it hasn't been |
145 | removed and replaced somewhere on the way. Host key checking makes |
146 | the attacker's job \e{astronomically} hard, compared to packet |
147 | sniffing, and even compared to subverting a router. Instead of |
148 | applying a little intelligence and keeping an eye on Bugtraq, the |
149 | attacker must now perform a brute-force attack against at least one |
150 | military-strength cipher. That insignificant host key prompt really |
151 | does make \e{that} much difference. |
152 | |
153 | If you're having a specific problem with host key checking - perhaps |
154 | you want an automated batch job to make use of PSCP or Plink, and |
155 | the interactive host key prompt is hanging the batch process - then |
156 | the right way to fix it is to add the correct host key to the |
157 | Registry in advance. That way, you retain the \e{important} feature |
158 | of host key checking: the right key will be accepted and the wrong |
159 | ones will not. Adding an option to turn host key checking off |
160 | completely is the wrong solution and we will not do it. |
161 | |
421406a4 |
162 | If you have host keys available in the common \i\c{known_hosts} format, |
2981454b |
163 | we have a script called |
1ec39db1 |
164 | \W{http://svn.tartarus.org/sgt/putty/contrib/kh2reg.py?view=markup}\c{kh2reg.py} |
2981454b |
165 | to convert them to a Windows .REG file, which can be installed ahead of |
166 | time by double-clicking or using \c{REGEDIT}. |
167 | |
a1d2976b |
168 | \S{faq-server}{Question} Will you write an SSH server for the PuTTY |
70706890 |
169 | suite, to go with the client? |
ae915483 |
170 | |
171 | No. The only reason we might want to would be if we could easily |
172 | re-use existing code and significantly cut down the effort. We don't |
173 | believe this is the case; there just isn't enough common ground |
174 | between an SSH client and server to make it worthwhile. |
175 | |
176 | If someone else wants to use bits of PuTTY in the process of writing |
177 | a Windows SSH server, they'd be perfectly welcome to of course, but |
178 | I really can't see it being a lot less effort for us to do that than |
179 | it would be for us to write a server from the ground up. We don't |
180 | have time, and we don't have motivation. The code is available if |
181 | anyone else wants to try it. |
182 | |
67325335 |
183 | \S{faq-pscp-ascii}{Question} Can PSCP or PSFTP transfer files in |
421406a4 |
184 | \i{ASCII} mode? |
67325335 |
185 | |
d2df61b3 |
186 | Unfortunately not. |
67325335 |
187 | |
d2df61b3 |
188 | Until recently, this was a limitation of the file transfer protocols: |
189 | the SCP and SFTP protocols had no notion of transferring a file in |
190 | anything other than binary mode. (This is still true of SCP.) |
191 | |
192 | The current draft protocol spec of SFTP proposes a means of |
193 | implementing ASCII transfer. At some point PSCP/PSFTP may implement |
194 | this proposal. |
67325335 |
195 | |
ee46ef84 |
196 | \H{faq-ports} Ports to other operating systems |
197 | |
198 | The eventual goal is for PuTTY to be a multi-platform program, able |
b18bcea3 |
199 | to run on at least Windows, Mac OS and Unix. |
ee46ef84 |
200 | |
201 | Porting will become easier once PuTTY has a generalised porting |
202 | layer, drawing a clear line between platform-dependent and |
59adac11 |
203 | platform-independent code. The general intention was for this |
204 | porting layer to evolve naturally as part of the process of doing |
5bcf5d50 |
205 | the first port; a Unix port has now been released and the plan |
206 | seems to be working so far. |
ee46ef84 |
207 | |
aff5267a |
208 | \S{faq-ports-general}{Question} What ports of PuTTY exist? |
209 | |
5bcf5d50 |
210 | Currently, release versions of PuTTY tools only run on full Win32 |
438015cc |
211 | systems and Unix. \q{\i{Win32}} includes versions of Windows from |
212 | Windows 95 onwards (as opposed to the 16-bit Windows 3.1; see |
213 | \k{faq-win31}), up to and including Windows 7; and we know of no |
214 | reason why PuTTY should not continue to work on future versions |
215 | of Windows. |
216 | |
217 | The Windows executables we provide are for the 32-bit \q{\i{x86}} |
218 | processor architecture, but they should work fine on 64-bit |
219 | processors that are backward-compatible with that architecture. |
220 | (We used to also provide executables for Windows for the Alpha |
221 | processor, but stopped after 0.58 due to lack of interest.) |
5bcf5d50 |
222 | |
509afd76 |
223 | In the development code, partial ports to the Mac OSes exist (see |
224 | \k{faq-mac-port}). |
aff5267a |
225 | |
438015cc |
226 | Currently PuTTY does \e{not} run on Windows CE (see \k{faq-wince}). |
aff5267a |
227 | |
59adac11 |
228 | We do not have release-quality ports for any other systems at the |
5bcf5d50 |
229 | present time. If anyone told you we had an EPOC port, or an iPaq port, |
59adac11 |
230 | or any other port of PuTTY, they were mistaken. We don't. |
231 | |
cb89ba78 |
232 | There are some third-party ports to various platforms, mentioned |
509afd76 |
233 | on the |
234 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/links.html}{Links page of our website}. |
cb89ba78 |
235 | |
421406a4 |
236 | \S{faq-unix}{Question} \I{Unix version}Is there a port to Unix? |
5bcf5d50 |
237 | |
e6c7a73a |
238 | As of 0.54, there are Unix ports of most of the traditional PuTTY |
239 | tools, and also one entirely new application. |
59adac11 |
240 | |
5bcf5d50 |
241 | If you look at the source release, you should find a \c{unix} |
509afd76 |
242 | subdirectory. There are a couple of ways of building it, |
243 | including the usual \c{configure}/\c{make}; see the file \c{README} |
244 | in the source distribution. This should build you Unix |
5bcf5d50 |
245 | ports of Plink, PuTTY itself, PuTTYgen, PSCP, PSFTP, and also |
421406a4 |
246 | \i\c{pterm} - an \cw{xterm}-type program which supports the same |
5bcf5d50 |
247 | terminal emulation as PuTTY. We do not yet have a Unix port of |
6bbb19af |
248 | Pageant. |
aff5267a |
249 | |
421406a4 |
250 | If you don't have \i{Gtk}, you should still be able to build the |
5bcf5d50 |
251 | command-line tools. |
252 | |
253 | Note that Unix PuTTY has mostly only been tested on Linux so far; |
254 | portability problems such as BSD-style ptys or different header file |
255 | requirements are expected. |
256 | |
b86e68d8 |
257 | \S{faq-unix-why}{Question} What's the point of the Unix port? Unix |
258 | has OpenSSH. |
259 | |
260 | All sorts of little things. \c{pterm} is directly useful to anyone |
261 | who prefers PuTTY's terminal emulation to \c{xterm}'s, which at |
262 | least some people do. Unix Plink has apparently found a niche among |
263 | people who find the complexity of OpenSSL makes OpenSSH hard to |
264 | install (and who don't mind Plink not having as many features). Some |
265 | users want to generate a large number of SSH keys on Unix and then |
266 | copy them all into PuTTY, and the Unix PuTTYgen should allow them to |
267 | automate that conversion process. |
268 | |
269 | There were development advantages as well; porting PuTTY to Unix was |
270 | a valuable path-finding effort for other future ports, and also |
271 | allowed us to use the excellent Linux tool |
272 | \W{http://valgrind.kde.org/}{Valgrind} to help with debugging, which |
273 | has already improved PuTTY's stability on \e{all} platforms. |
274 | |
275 | However, if you're a Unix user and you can see no reason to switch |
276 | from OpenSSH to PuTTY/Plink, then you're probably right. We don't |
277 | expect our Unix port to be the right thing for everybody. |
278 | |
70cd2027 |
279 | \S{faq-wince}{Question} Will there be a port to Windows CE or PocketPC? |
ee46ef84 |
280 | |
8f1e3be1 |
281 | We have done some work on such a port, but it only reached an early |
282 | stage, and certainly not a useful one. It's no longer being actively |
283 | worked on. |
ee46ef84 |
284 | |
8f1e3be1 |
285 | However, there's a third-party port at |
2e06dc9f |
286 | \W{http://www.pocketputty.net/}\c{http://www.pocketputty.net/}. |
22bf65b3 |
287 | |
421406a4 |
288 | \S{faq-win31}{Question} Is there a port to \i{Windows 3.1}? |
f82f00d0 |
289 | |
290 | PuTTY is a 32-bit application from the ground up, so it won't run on |
291 | Windows 3.1 as a native 16-bit program; and it would be \e{very} |
292 | hard to port it to do so, because of Windows 3.1's vile memory |
293 | allocation mechanisms. |
294 | |
295 | However, it is possible in theory to compile the existing PuTTY |
421406a4 |
296 | source in such a way that it will run under \i{Win32s} (an extension to |
f82f00d0 |
297 | Windows 3.1 to let you run 32-bit programs). In order to do this |
298 | you'll need the right kind of C compiler - modern versions of Visual |
299 | C at least have stopped being backwards compatible to Win32s. Also, |
300 | the last time we tried this it didn't work very well. |
301 | |
302 | If you're interested in running PuTTY under Windows 3.1, help and |
303 | testing in this area would be very welcome! |
304 | |
421406a4 |
305 | \S{faq-mac-port}{Question} Will there be a port to the \I{Mac OS}Mac? |
ee46ef84 |
306 | |
d6214a56 |
307 | There are several answers to this question: |
9448161f |
308 | |
d6214a56 |
309 | \b The Unix/Gtk port is already fully working under Mac OS X as an X11 |
310 | application. |
311 | |
99a2d7d4 |
312 | \b A native (Cocoa) Mac OS X port has been started. It's just about |
d6214a56 |
313 | usable, but is of nowhere near release quality yet, and is likely to |
99a2d7d4 |
314 | behave in unexpected ways. Currently it's unlikely to be completed |
315 | unless someone steps in to help. |
d6214a56 |
316 | |
317 | \b A separate port to the classic Mac OS (pre-OSX) is also in |
318 | progress; it too is not ready yet. |
ee46ef84 |
319 | |
a1d2976b |
320 | \S{faq-epoc}{Question} Will there be a port to EPOC? |
ee46ef84 |
321 | |
322 | I hope so, but given that ports aren't really progressing very fast |
323 | even on systems the developers \e{do} already know how to program |
324 | for, it might be a long time before any of us get round to learning |
325 | a new system and doing the port for that. |
326 | |
509afd76 |
327 | However, some of the work has been done by other people; see the |
328 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/links.html}{Links page of our website} |
329 | for various third-party ports. |
330 | |
331 | \S{faq-iphone}{Question} Will there be a port to the iPhone? |
332 | |
333 | We have no plans to write such a port ourselves; none of us has an |
334 | iPhone, and developing and publishing applications for it looks |
335 | awkward and expensive. Such a port would probably depend upon the |
336 | stalled Mac OS X port (see \k{faq-mac-port}). |
337 | |
338 | However, there is a third-party SSH client for the iPhone and |
339 | iPod\_Touch called \W{http://www.instantcocoa.com/products/pTerm/}{pTerm}, |
340 | which is apparently based on PuTTY. (This is nothing to do with our |
341 | similarly-named \c{pterm}, which is a standalone terminal emulator for |
342 | Unix systems; see \k{faq-unix}.) |
4f2fd423 |
343 | |
ee46ef84 |
344 | \H{faq-embedding} Embedding PuTTY in other programs |
345 | |
a1d2976b |
346 | \S{faq-dll}{Question} Is the SSH or Telnet code available as a DLL? |
ee46ef84 |
347 | |
348 | No, it isn't. It would take a reasonable amount of rewriting for |
349 | this to be possible, and since the PuTTY project itself doesn't |
350 | believe in DLLs (they make installation more error-prone) none of us |
351 | has taken the time to do it. |
352 | |
353 | Most of the code cleanup work would be a good thing to happen in |
354 | general, so if anyone feels like helping, we wouldn't say no. |
355 | |
cf46d5fb |
356 | See also |
357 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/dll-frontend.html}{the wishlist entry}. |
358 | |
a1d2976b |
359 | \S{faq-vb}{Question} Is the SSH or Telnet code available as a Visual |
70706890 |
360 | Basic component? |
ee46ef84 |
361 | |
362 | No, it isn't. None of the PuTTY team uses Visual Basic, and none of |
363 | us has any particular need to make SSH connections from a Visual |
364 | Basic application. In addition, all the preliminary work to turn it |
365 | into a DLL would be necessary first; and furthermore, we don't even |
366 | know how to write VB components. |
367 | |
368 | If someone offers to do some of this work for us, we might consider |
369 | it, but unless that happens I can't see VB integration being |
370 | anywhere other than the very bottom of our priority list. |
371 | |
a1d2976b |
372 | \S{faq-ipc}{Question} How can I use PuTTY to make an SSH connection |
70706890 |
373 | from within another program? |
ee46ef84 |
374 | |
375 | Probably your best bet is to use Plink, the command-line connection |
376 | tool. If you can start Plink as a second Windows process, and |
377 | arrange for your primary process to be able to send data to the |
378 | Plink process, and receive data from it, through pipes, then you |
379 | should be able to make SSH connections from your program. |
380 | |
381 | This is what CVS for Windows does, for example. |
382 | |
383 | \H{faq-details} Details of PuTTY's operation |
384 | |
421406a4 |
385 | \S{faq-term}{Question} What \i{terminal type} does PuTTY use? |
ee46ef84 |
386 | |
387 | For most purposes, PuTTY can be considered to be an \cw{xterm} |
32c37ecd |
388 | terminal. |
ee46ef84 |
389 | |
421406a4 |
390 | PuTTY also supports some terminal \i{control sequences} not supported by |
ee46ef84 |
391 | the real \cw{xterm}: notably the Linux console sequences that |
392 | reconfigure the colour palette, and the title bar control sequences |
421406a4 |
393 | used by \i\cw{DECterm} (which are different from the \cw{xterm} ones; |
ee46ef84 |
394 | PuTTY supports both). |
395 | |
396 | By default, PuTTY announces its terminal type to the server as |
397 | \c{xterm}. If you have a problem with this, you can reconfigure it |
398 | to say something else; \c{vt220} might help if you have trouble. |
399 | |
a1d2976b |
400 | \S{faq-settings}{Question} Where does PuTTY store its data? |
ee46ef84 |
401 | |
4c53784e |
402 | On Windows, PuTTY stores most of its data (saved sessions, SSH host |
421406a4 |
403 | keys) in the \i{Registry}. The precise location is |
ee46ef84 |
404 | |
405 | \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY |
406 | |
407 | and within that area, saved sessions are stored under \c{Sessions} |
408 | while host keys are stored under \c{SshHostKeys}. |
409 | |
410 | PuTTY also requires a random number seed file, to improve the |
411 | unpredictability of randomly chosen data needed as part of the SSH |
a628e2a9 |
412 | cryptography. This is stored by default in a file called \i\c{PUTTY.RND}; |
413 | this is stored by default in the \q{Application Data} directory, |
414 | or failing that, one of a number of fallback locations. If you |
c8f5c5c8 |
415 | want to change the location of the random number seed file, you can |
416 | put your chosen pathname in the Registry, at |
ee46ef84 |
417 | |
418 | \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\RandSeedFile |
419 | |
c85de2c1 |
420 | You can ask PuTTY to delete all this data; see \k{faq-cleanup}. |
421 | |
4c53784e |
422 | On Unix, PuTTY stores all of this data in a directory \cw{~/.putty}. |
423 | |
ee46ef84 |
424 | \H{faq-howto} HOWTO questions |
425 | |
aecc2016 |
426 | \S{faq-login}{Question} What login name / password should I use? |
427 | |
428 | This is not a question you should be asking \e{us}. |
429 | |
430 | PuTTY is a communications tool, for making connections to other |
431 | computers. We maintain the tool; we \e{don't} administer any computers |
432 | that you're likely to be able to use, in the same way that the people |
433 | who make web browsers aren't responsible for most of the content you can |
434 | view in them. \#{FIXME: less technical analogy?} We cannot help with |
435 | questions of this sort. |
436 | |
437 | If you know the name of the computer you want to connect to, but don't |
438 | know what login name or password to use, you should talk to whoever |
439 | administers that computer. If you don't know who that is, see the next |
440 | question for some possible ways to find out. |
441 | |
442 | \# FIXME: some people ask us to provide them with a login name |
443 | apparently as random members of the public rather than in the |
444 | belief that we run a server belonging to an organisation they already |
445 | have some relationship with. Not sure what to say to such people. |
446 | |
421406a4 |
447 | \S{faq-commands}{Question} \I{commands on the server}What commands |
448 | can I type into my PuTTY terminal window? |
fe3d1229 |
449 | |
aecc2016 |
450 | Again, this is not a question you should be asking \e{us}. You need |
451 | to read the manuals, or ask the administrator, of \e{the computer |
452 | you have connected to}. |
fe3d1229 |
453 | |
454 | PuTTY does not process the commands you type into it. It's only a |
455 | communications tool. It makes a connection to another computer; it |
456 | passes the commands you type to that other computer; and it passes |
457 | the other computer's responses back to you. Therefore, the precise |
458 | range of commands you can use will not depend on PuTTY, but on what |
459 | kind of computer you have connected to and what software is running |
460 | on it. The PuTTY team cannot help you with that. |
461 | |
462 | (Think of PuTTY as being a bit like a telephone. If you phone |
463 | somebody up and you don't know what language to speak to make them |
464 | understand you, it isn't \e{the telephone company}'s job to find |
465 | that out for you. We just provide the means for you to get in touch; |
466 | making yourself understood is somebody else's problem.) |
467 | |
468 | If you are unsure of where to start looking for the administrator of |
469 | your server, a good place to start might be to remember how you |
470 | found out the host name in the PuTTY configuration. If you were |
471 | given that host name by e-mail, for example, you could try asking |
472 | the person who sent you that e-mail. If your company's IT department |
473 | provided you with ready-made PuTTY saved sessions, then that IT |
474 | department can probably also tell you something about what commands |
475 | you can type during those sessions. But the PuTTY maintainer team |
476 | does not administer any server you are likely to be connecting to, |
477 | and cannot help you with questions of this type. |
478 | |
421406a4 |
479 | \S{faq-startmax}{Question} How can I make PuTTY start up \i{maximise}d? |
ee46ef84 |
480 | |
481 | Create a Windows shortcut to start PuTTY from, and set it as \q{Run |
482 | Maximized}. |
483 | |
421406a4 |
484 | \S{faq-startsess}{Question} How can I create a \i{Windows shortcut} to |
70706890 |
485 | start a particular saved session directly? |
ee46ef84 |
486 | |
487 | To run a PuTTY session saved under the name \q{\cw{mysession}}, |
488 | create a Windows shortcut that invokes PuTTY with a command line |
489 | like |
490 | |
80969352 |
491 | \c \path\name\to\putty.exe -load "mysession" |
a58b605b |
492 | |
493 | (Note: prior to 0.53, the syntax was \c{@session}. This is now |
494 | deprecated and may be removed at some point.) |
ee46ef84 |
495 | |
a1d2976b |
496 | \S{faq-startssh}{Question} How can I start an SSH session straight |
70706890 |
497 | from the command line? |
ee46ef84 |
498 | |
499 | Use the command line \c{putty -ssh host.name}. Alternatively, create |
500 | a saved session that specifies the SSH protocol, and start the saved |
501 | session as shown in \k{faq-startsess}. |
502 | |
421406a4 |
503 | \S{faq-cutpaste}{Question} How do I \i{copy and paste} between PuTTY and |
70706890 |
504 | other Windows applications? |
ee46ef84 |
505 | |
506 | Copy and paste works similarly to the X Window System. You use the |
507 | left mouse button to select text in the PuTTY window. The act of |
508 | selection \e{automatically} copies the text to the clipboard: there |
509 | is no need to press Ctrl-Ins or Ctrl-C or anything else. In fact, |
510 | pressing Ctrl-C will send a Ctrl-C character to the other end of |
511 | your connection (just like it does the rest of the time), which may |
512 | have unpleasant effects. The \e{only} thing you need to do, to copy |
513 | text to the clipboard, is to select it. |
514 | |
515 | To paste the clipboard contents into a PuTTY window, by default you |
516 | click the right mouse button. If you have a three-button mouse and |
517 | are used to X applications, you can configure pasting to be done by |
518 | the middle button instead, but this is not the default because most |
519 | Windows users don't have a middle button at all. |
520 | |
521 | You can also paste by pressing Shift-Ins. |
522 | |
a1d2976b |
523 | \S{faq-options}{Question} How do I use all PuTTY's features (public |
a58b605b |
524 | keys, proxying, cipher selection, etc.) in PSCP, PSFTP and Plink? |
525 | |
526 | Most major features (e.g., public keys, port forwarding) are available |
527 | through command line options. See the documentation. |
72be5b5e |
528 | |
a58b605b |
529 | Not all features are accessible from the command line yet, although |
530 | we'd like to fix this. In the meantime, you can use most of |
72be5b5e |
531 | PuTTY's features if you create a PuTTY saved session, and then use |
532 | the name of the saved session on the command line in place of a |
533 | hostname. This works for PSCP, PSFTP and Plink (but don't expect |
534 | port forwarding in the file transfer applications!). |
f2003e32 |
535 | |
a1d2976b |
536 | \S{faq-pscp}{Question} How do I use PSCP.EXE? When I double-click it |
70706890 |
537 | gives me a command prompt window which then closes instantly. |
ee46ef84 |
538 | |
539 | PSCP is a command-line application, not a GUI application. If you |
540 | run it without arguments, it will simply print a help message and |
541 | terminate. |
542 | |
543 | To use PSCP properly, run it from a Command Prompt window. See |
544 | \k{pscp} in the documentation for more details. |
545 | |
421406a4 |
546 | \S{faq-pscp-spaces}{Question} \I{spaces in filenames}How do I use |
547 | PSCP to copy a file whose name has spaces in? |
ee46ef84 |
548 | |
549 | If PSCP is using the traditional SCP protocol, this is confusing. If |
550 | you're specifying a file at the local end, you just use one set of |
551 | quotes as you would normally do: |
552 | |
553 | \c pscp "local filename with spaces" user@host: |
554 | \c pscp user@host:myfile "local filename with spaces" |
555 | |
556 | But if the filename you're specifying is on the \e{remote} side, you |
557 | have to use backslashes and two sets of quotes: |
558 | |
559 | \c pscp user@host:"\"remote filename with spaces\"" local_filename |
560 | \c pscp local_filename user@host:"\"remote filename with spaces\"" |
561 | |
562 | Worse still, in a remote-to-local copy you have to specify the local |
563 | file name explicitly, otherwise PSCP will complain that they don't |
564 | match (unless you specified the \c{-unsafe} option). The following |
565 | command will give an error message: |
566 | |
567 | \c c:\>pscp user@host:"\"oo er\"" . |
e9cee352 |
568 | \c warning: remote host tried to write to a file called 'oo er' |
569 | \c when we requested a file called '"oo er"'. |
ee46ef84 |
570 | |
e9cee352 |
571 | Instead, you need to specify the local file name in full: |
572 | |
573 | \c c:\>pscp user@host:"\"oo er\"" "oo er" |
574 | |
ee46ef84 |
575 | If PSCP is using the newer SFTP protocol, none of this is a problem, |
576 | and all filenames with spaces in are specified using a single pair |
577 | of quotes in the obvious way: |
578 | |
579 | \c pscp "local file" user@host: |
580 | \c pscp user@host:"remote file" . |
581 | |
582 | \H{faq-trouble} Troubleshooting |
583 | |
babac7bd |
584 | \S{faq-incorrect-mac}{Question} Why do I see \q{Incorrect MAC |
585 | received on packet}? |
ee46ef84 |
586 | |
f348999d |
587 | One possible cause of this that used to be common is a bug in old |
2e85c969 |
588 | SSH-2 servers distributed by \cw{ssh.com}. (This is not the only |
f348999d |
589 | possible cause; see \k{errors-crc} in the documentation.) |
2e85c969 |
590 | Version 2.3.0 and below of their SSH-2 server |
ee46ef84 |
591 | constructs Message Authentication Codes in the wrong way, and |
592 | expects the client to construct them in the same wrong way. PuTTY |
593 | constructs the MACs correctly by default, and hence these old |
594 | servers will fail to work with it. |
595 | |
32c37ecd |
596 | If you are using PuTTY version 0.52 or better, this should work |
597 | automatically: PuTTY should detect the buggy servers from their |
598 | version number announcement, and automatically start to construct |
599 | its MACs in the same incorrect manner as they do, so it will be able |
600 | to work with them. |
ee46ef84 |
601 | |
32c37ecd |
602 | If you are using PuTTY version 0.51 or below, you can enable the |
603 | workaround by going to the SSH panel and ticking the box labelled |
e4c398b4 |
604 | \q{Imitate SSH2 MAC bug}. It's possible that you might have to do |
32c37ecd |
605 | this with 0.52 as well, if a buggy server exists that PuTTY doesn't |
606 | know about. |
ee46ef84 |
607 | |
421406a4 |
608 | In this context MAC stands for \ii{Message Authentication Code}. It's a |
b7e2c163 |
609 | cryptographic term, and it has nothing at all to do with Ethernet |
610 | MAC (Media Access Control) addresses. |
611 | |
67325335 |
612 | \S{faq-pscp-protocol}{Question} Why do I see \q{Fatal: Protocol |
613 | error: Expected control record} in PSCP? |
614 | |
615 | This happens because PSCP was expecting to see data from the server |
616 | that was part of the PSCP protocol exchange, and instead it saw data |
617 | that it couldn't make any sense of at all. |
618 | |
421406a4 |
619 | This almost always happens because the \i{startup scripts} in your |
67325335 |
620 | account on the server machine are generating output. This is |
621 | impossible for PSCP, or any other SCP client, to work around. You |
622 | should never use startup files (\c{.bashrc}, \c{.cshrc} and so on) |
623 | which generate output in non-interactive sessions. |
624 | |
625 | This is not actually a PuTTY problem. If PSCP fails in this way, |
626 | then all other SCP clients are likely to fail in exactly the same |
627 | way. The problem is at the server end. |
628 | |
421406a4 |
629 | \S{faq-colours}{Question} I clicked on a colour in the \ii{Colours} |
70706890 |
630 | panel, and the colour didn't change in my terminal. |
ee46ef84 |
631 | |
632 | That isn't how you're supposed to use the Colours panel. |
633 | |
634 | During the course of a session, PuTTY potentially uses \e{all} the |
635 | colours listed in the Colours panel. It's not a question of using |
636 | only one of them and you choosing which one; PuTTY will use them |
637 | \e{all}. The purpose of the Colours panel is to let you adjust the |
638 | appearance of all the colours. So to change the colour of the |
639 | cursor, for example, you would select \q{Cursor Colour}, press the |
640 | \q{Modify} button, and select a new colour from the dialog box that |
641 | appeared. Similarly, if you want your session to appear in green, |
642 | you should select \q{Default Foreground} and press \q{Modify}. |
643 | Clicking on \q{ANSI Green} won't turn your session green; it will |
644 | only allow you to adjust the \e{shade} of green used when PuTTY is |
645 | instructed by the server to display green text. |
646 | |
421406a4 |
647 | \S{faq-winsock2}{Question} Plink on \i{Windows 95} says it can't find |
648 | \i\cw{WS2_32.DLL}. |
ee46ef84 |
649 | |
650 | Plink requires the extended Windows network library, WinSock version |
651 | 2. This is installed as standard on Windows 98 and above, and on |
652 | Windows NT, and even on later versions of Windows 95; but early |
653 | Win95 installations don't have it. |
654 | |
655 | In order to use Plink on these systems, you will need to download |
656 | the |
657 | \W{http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/}{WinSock 2 upgrade}: |
658 | |
35cffede |
659 | \c http://www.microsoft.com/windows95/downloads/contents/ |
660 | \c wuadmintools/s_wunetworkingtools/w95sockets2/ |
ee46ef84 |
661 | |
2e85c969 |
662 | \S{faq-outofmem}{Question} After trying to establish an SSH-2 |
421406a4 |
663 | connection, PuTTY says \q{\ii{Out of memory}} and dies. |
ee46ef84 |
664 | |
665 | If this happens just while the connection is starting up, this often |
666 | indicates that for some reason the client and server have failed to |
667 | establish a session encryption key. Somehow, they have performed |
668 | calculations that should have given each of them the same key, but |
669 | have ended up with different keys; so data encrypted by one and |
670 | decrypted by the other looks like random garbage. |
671 | |
672 | This causes an \q{out of memory} error because the first encrypted |
673 | data PuTTY expects to see is the length of an SSH message. Normally |
674 | this will be something well under 100 bytes. If the decryption has |
675 | failed, PuTTY will see a completely random length in the region of |
676 | two \e{gigabytes}, and will try to allocate enough memory to store |
677 | this non-existent message. This will immediately lead to it thinking |
678 | it doesn't have enough memory, and panicking. |
679 | |
680 | If this happens to you, it is quite likely to still be a PuTTY bug |
681 | and you should report it (although it might be a bug in your SSH |
682 | server instead); but it doesn't necessarily mean you've actually run |
683 | out of memory. |
684 | |
9accb45d |
685 | \S{faq-outofmem2}{Question} When attempting a file transfer, either |
421406a4 |
686 | PSCP or PSFTP says \q{\ii{Out of memory}} and dies. |
9accb45d |
687 | |
421406a4 |
688 | This is almost always caused by your \i{login scripts} on the server |
9accb45d |
689 | generating output. PSCP or PSFTP will receive that output when they |
690 | were expecting to see the start of a file transfer protocol, and |
691 | they will attempt to interpret the output as file-transfer protocol. |
692 | This will usually lead to an \q{out of memory} error for much the |
693 | same reasons as given in \k{faq-outofmem}. |
694 | |
695 | This is a setup problem in your account on your server, \e{not} a |
696 | PSCP/PSFTP bug. Your login scripts should \e{never} generate output |
697 | during non-interactive sessions; secure file transfer is not the |
698 | only form of remote access that will break if they do. |
699 | |
700 | On Unix, a simple fix is to ensure that all the parts of your login |
701 | script that might generate output are in \c{.profile} (if you use a |
702 | Bourne shell derivative) or \c{.login} (if you use a C shell). |
703 | Putting them in more general files such as \c{.bashrc} or \c{.cshrc} |
704 | is liable to lead to problems. |
705 | |
7b24f677 |
706 | \S{faq-psftp-slow}{Question} PSFTP transfers files much slower than PSCP. |
9accb45d |
707 | |
b7280cfe |
708 | The throughput of PSFTP 0.54 should be much better than 0.53b and |
709 | prior; we've added code to the SFTP backend to queue several blocks |
710 | of data rather than waiting for an acknowledgement for each. (The |
711 | SCP backend did not suffer from this performance issue because SCP |
712 | is a much simpler protocol.) |
9accb45d |
713 | |
a1d2976b |
714 | \S{faq-bce}{Question} When I run full-colour applications, I see |
948c614b |
715 | areas of black space where colour ought to be, or vice versa. |
f1453e5c |
716 | |
421406a4 |
717 | You almost certainly need to change the \q{Use \i{background colour} to |
948c614b |
718 | erase screen} setting in the Terminal panel. If there is too much |
719 | black space (the commoner situation), you should enable it, while if |
720 | there is too much colour, you should disable it. (See \k{config-erase}.) |
721 | |
722 | In old versions of PuTTY, this was disabled by default, and would not |
723 | take effect until you reset the terminal (see \k{faq-resetterm}). |
724 | Since 0.54, it is enabled by default, and changes take effect |
725 | immediately. |
f1453e5c |
726 | |
a1d2976b |
727 | \S{faq-resetterm}{Question} When I change some terminal settings, |
70706890 |
728 | nothing happens. |
f1453e5c |
729 | |
421406a4 |
730 | Some of the terminal options (notably \ii{Auto Wrap} and |
f1453e5c |
731 | background-colour screen erase) actually represent the \e{default} |
732 | setting, rather than the currently active setting. The server can |
733 | send sequences that modify these options in mid-session, but when |
734 | the terminal is reset (by server action, or by you choosing \q{Reset |
735 | Terminal} from the System menu) the defaults are restored. |
736 | |
5bcf5d50 |
737 | In versions 0.53b and prior, if you change one of these options in |
738 | the middle of a session, you will find that the change does not |
739 | immediately take effect. It will only take effect once you reset |
740 | the terminal. |
741 | |
e6c7a73a |
742 | In version 0.54, the behaviour has changed - changes to these |
743 | settings take effect immediately. |
f1453e5c |
744 | |
a1d2976b |
745 | \S{faq-idleout}{Question} My PuTTY sessions unexpectedly close after |
421406a4 |
746 | they are \I{idle connections}idle for a while. |
ee46ef84 |
747 | |
421406a4 |
748 | Some types of \i{firewall}, and almost any router doing Network Address |
749 | Translation (\i{NAT}, also known as IP masquerading), will forget about |
ee46ef84 |
750 | a connection through them if the connection does nothing for too |
751 | long. This will cause the connection to be rudely cut off when |
752 | contact is resumed. |
753 | |
754 | You can try to combat this by telling PuTTY to send \e{keepalives}: |
755 | packets of data which have no effect on the actual session, but |
756 | which reassure the router or firewall that the network connection is |
757 | still active and worth remembering about. |
758 | |
759 | Keepalives don't solve everything, unfortunately; although they |
760 | cause greater robustness against this sort of router, they can also |
761 | cause a \e{loss} of robustness against network dropouts. See |
762 | \k{config-keepalive} in the documentation for more discussion of |
763 | this. |
764 | |
a1d2976b |
765 | \S{faq-timeout}{Question} PuTTY's network connections time out too |
421406a4 |
766 | quickly when \I{breaks in connectivity}network connectivity is |
767 | temporarily lost. |
ee46ef84 |
768 | |
769 | This is a Windows problem, not a PuTTY problem. The timeout value |
770 | can't be set on per application or per session basis. To increase |
771 | the TCP timeout globally, you need to tinker with the Registry. |
772 | |
8ac4ce9f |
773 | On Windows 95, 98 or ME, the registry key you need to create or |
774 | change is |
ee46ef84 |
775 | |
776 | \c HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\ |
777 | \c MSTCP\MaxDataRetries |
778 | |
779 | (it must be of type DWORD in Win95, or String in Win98/ME). |
8ac4ce9f |
780 | (See MS Knowledge Base article |
781 | \W{http://support.microsoft.com/default.aspx?scid=kb;en-us;158474}{158474} |
782 | for more information.) |
ee46ef84 |
783 | |
8e5037f6 |
784 | On Windows NT, 2000, or XP, the registry key to create or change is |
ee46ef84 |
785 | |
786 | \c HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ |
787 | \c Parameters\TcpMaxDataRetransmissions |
788 | |
789 | and it must be of type DWORD. |
8e5037f6 |
790 | (See MS Knowledge Base articles |
8ac4ce9f |
791 | \W{http://support.microsoft.com/default.aspx?scid=kb;en-us;120642}{120642} |
8e5037f6 |
792 | and |
793 | \W{http://support.microsoft.com/default.aspx?scid=kb;en-us;314053}{314053} |
8ac4ce9f |
794 | for more information.) |
ee46ef84 |
795 | |
796 | Set the key's value to something like 10. This will cause Windows to |
797 | try harder to keep connections alive instead of abandoning them. |
798 | |
a1d2976b |
799 | \S{faq-puttyputty}{Question} When I \cw{cat} a binary file, I get |
b03dda39 |
800 | \q{PuTTYPuTTYPuTTY} on my command line. |
ee46ef84 |
801 | |
a5a6cb30 |
802 | Don't do that, then. |
ee46ef84 |
803 | |
804 | This is designed behaviour; when PuTTY receives the character |
805 | Control-E from the remote server, it interprets it as a request to |
806 | identify itself, and so it sends back the string \q{\cw{PuTTY}} as |
807 | if that string had been entered at the keyboard. Control-E should |
808 | only be sent by programs that are prepared to deal with the |
809 | response. Writing a binary file to your terminal is likely to output |
810 | many Control-E characters, and cause this behaviour. Don't do it. |
811 | It's a bad plan. |
812 | |
a5a6cb30 |
813 | To mitigate the effects, you could configure the answerback string |
814 | to be empty (see \k{config-answerback}); but writing binary files to |
815 | your terminal is likely to cause various other unpleasant behaviour, |
816 | so this is only a small remedy. |
817 | |
421406a4 |
818 | \S{faq-wintitle}{Question} When I \cw{cat} a binary file, my \i{window |
819 | title} changes to a nonsense string. |
ee46ef84 |
820 | |
a5a6cb30 |
821 | Don't do that, then. |
ee46ef84 |
822 | |
823 | It is designed behaviour that PuTTY should have the ability to |
824 | adjust the window title on instructions from the server. Normally |
825 | the control sequence that does this should only be sent |
826 | deliberately, by programs that know what they are doing and intend |
827 | to put meaningful text in the window title. Writing a binary file to |
828 | your terminal runs the risk of sending the same control sequence by |
829 | accident, and cause unexpected changes in the window title. Don't do |
830 | it. |
831 | |
e81024f9 |
832 | \S{faq-password-fails}{Question} My \i{keyboard} stops working once |
833 | PuTTY displays the \i{password prompt}. |
59c1f1f6 |
834 | |
835 | No, it doesn't. PuTTY just doesn't display the password you type, so |
836 | that someone looking at your screen can't see what it is. |
837 | |
838 | Unlike the Windows login prompts, PuTTY doesn't display the password |
839 | as a row of asterisks either. This is so that someone looking at |
840 | your screen can't even tell how \e{long} your password is, which |
841 | might be valuable information. |
842 | |
e81024f9 |
843 | \S{faq-keyboard}{Question} One or more \I{keyboard}\i{function keys} |
844 | don't do what I expected in a server-side application. |
b5bee048 |
845 | |
846 | If you've already tried all the relevant options in the PuTTY |
847 | Keyboard panel, you may need to mail the PuTTY maintainers and ask. |
848 | |
849 | It is \e{not} usually helpful just to tell us which application, |
850 | which server operating system, and which key isn't working; in order |
851 | to replicate the problem we would need to have a copy of every |
852 | operating system, and every application, that anyone has ever |
853 | complained about. |
854 | |
855 | PuTTY responds to function key presses by sending a sequence of |
856 | control characters to the server. If a function key isn't doing what |
857 | you expect, it's likely that the character sequence your application |
858 | is expecting to receive is not the same as the one PuTTY is sending. |
859 | Therefore what we really need to know is \e{what} sequence the |
860 | application is expecting. |
861 | |
862 | The simplest way to investigate this is to find some other terminal |
863 | environment, in which that function key \e{does} work; and then |
864 | investigate what sequence the function key is sending in that |
e81024f9 |
865 | situation. One reasonably easy way to do this on a \i{Unix} system is to |
866 | type the command \i\c{cat}, and then press the function key. This is |
b5bee048 |
867 | likely to produce output of the form \c{^[[11~}. You can also do |
868 | this in PuTTY, to find out what sequence the function key is |
869 | producing in that. Then you can mail the PuTTY maintainers and tell |
870 | us \q{I wanted the F1 key to send \c{^[[11~}, but instead it's |
871 | sending \c{^[OP}, can this be done?}, or something similar. |
872 | |
873 | You should still read the |
874 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/feedback.html}{Feedback |
875 | page} on the PuTTY website (also provided as \k{feedback} in the |
876 | manual), and follow the guidelines contained in that. |
877 | |
941d39e2 |
878 | \S{faq-openssh-bad-openssl}{Question} Since my SSH server was upgraded |
421406a4 |
879 | to \i{OpenSSH} 3.1p1/3.4p1, I can no longer connect with PuTTY. |
1d2a9c9c |
880 | |
881 | There is a known problem when OpenSSH has been built against an |
882 | incorrect version of OpenSSL; the quick workaround is to configure |
883 | PuTTY to use SSH protocol 2 and the Blowfish cipher. |
884 | |
941d39e2 |
885 | For more details and OpenSSH patches, see |
886 | \W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the |
887 | OpenSSH BTS. |
888 | |
1d2a9c9c |
889 | This is not a PuTTY-specific problem; if you try to connect with |
941d39e2 |
890 | another client you'll likely have similar problems. (Although PuTTY's |
891 | default cipher differs from many other clients.) |
1d2a9c9c |
892 | |
941d39e2 |
893 | \e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms): |
1d2a9c9c |
894 | |
3a115fdd |
895 | \b SSH-2 with AES cipher (PuTTY says \q{Assertion failed! Expression: |
896 | (len & 15) == 0} in \cw{sshaes.c}, or \q{Out of memory}, or crashes) |
1d2a9c9c |
897 | |
3a115fdd |
898 | \b SSH-2 with 3DES (PuTTY says \q{Incorrect MAC received on packet}) |
9712b085 |
899 | |
3a115fdd |
900 | \b SSH-1 with Blowfish (PuTTY says \q{Incorrect CRC received on |
901 | packet}) |
1d2a9c9c |
902 | |
2e85c969 |
903 | \b SSH-1 with 3DES |
1d2a9c9c |
904 | |
2e85c969 |
905 | \e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH-1 and |
941d39e2 |
906 | Blowfish remains. Rebuild your server, apply the patch linked to from |
907 | bug 138 above, or use another cipher (e.g., 3DES) instead. |
59f76022 |
908 | |
46ccbe20 |
909 | \e{Other versions:} we occasionally get reports of the same symptom |
910 | and workarounds with older versions of OpenSSH, although it's not |
911 | clear the underlying cause is the same. |
912 | |
3a115fdd |
913 | \S{faq-ssh2key-ssh1conn}{Question} Why do I see \q{Couldn't load |
914 | private key from ...}? Why can PuTTYgen load my key but not PuTTY? |
1bb76745 |
915 | |
916 | It's likely that you've generated an SSH protocol 2 key with PuTTYgen, |
2e85c969 |
917 | but you're trying to use it in an SSH-1 connection. SSH-1 and SSH-2 keys |
1bb76745 |
918 | have different formats, and (at least in 0.52) PuTTY's reporting of a |
919 | key in the wrong format isn't optimal. |
920 | |
2e85c969 |
921 | To connect using SSH-2 to a server that supports both versions, you |
1bb76745 |
922 | need to change the configuration from the default (see \k{faq-ssh2}). |
923 | |
421406a4 |
924 | \S{faq-rh8-utf8}{Question} When I'm connected to a \i{Red Hat Linux} 8.0 |
2c4b913d |
925 | system, some characters don't display properly. |
926 | |
927 | A common complaint is that hyphens in man pages show up as a-acute. |
928 | |
421406a4 |
929 | With release 8.0, Red Hat appear to have made \i{UTF-8} the default |
2c4b913d |
930 | character set. There appears to be no way for terminal emulators such |
931 | as PuTTY to know this (as far as we know, the appropriate escape |
932 | sequence to switch into UTF-8 mode isn't sent). |
933 | |
934 | A fix is to configure sessions to RH8 systems to use UTF-8 |
935 | translation - see \k{config-charset} in the documentation. (Note that |
936 | if you use \q{Change Settings}, changes may not take place immediately |
937 | - see \k{faq-resetterm}.) |
938 | |
939 | If you really want to change the character set used by the server, the |
940 | right place is \c{/etc/sysconfig/i18n}, but this shouldn't be |
941 | necessary. |
942 | |
b86e68d8 |
943 | \S{faq-screen}{Question} Since I upgraded to PuTTY 0.54, the |
944 | scrollback has stopped working when I run \c{screen}. |
945 | |
946 | PuTTY's terminal emulator has always had the policy that when the |
421406a4 |
947 | \q{\i{alternate screen}} is in use, nothing is added to the scrollback. |
b86e68d8 |
948 | This is because the usual sorts of programs which use the alternate |
949 | screen are things like text editors, which tend to scroll back and |
950 | forth in the same document a lot; so (a) they would fill up the |
951 | scrollback with a large amount of unhelpfully disordered text, and |
952 | (b) they contain their \e{own} method for the user to scroll back to |
953 | the bit they were interested in. We have generally found this policy |
954 | to do the Right Thing in almost all situations. |
955 | |
956 | Unfortunately, \c{screen} is one exception: it uses the alternate |
957 | screen, but it's still usually helpful to have PuTTY's scrollback |
958 | continue working. The simplest solution is to go to the Features |
959 | control panel and tick \q{Disable switching to alternate terminal |
960 | screen}. (See \k{config-features-altscreen} for more details.) |
f08afc59 |
961 | Alternatively, you can tell \c{screen} itself not to use the |
962 | alternate screen: the |
963 | \W{http://www4.informatik.uni-erlangen.de/~jnweiger/screen-faq.html}{\c{screen} |
964 | FAQ} suggests adding the line \cq{termcapinfo xterm ti@:te@} to your |
965 | \cw{.screenrc} file. |
b86e68d8 |
966 | |
967 | The reason why this only started to be a problem in 0.54 is because |
968 | \c{screen} typically uses an unusual control sequence to switch to |
969 | the alternate screen, and previous versions of PuTTY did not support |
970 | this sequence. |
971 | |
421406a4 |
972 | \S{faq-alternate-localhost}{Question} Since I upgraded \i{Windows XP} |
85c598bf |
973 | to Service Pack 2, I can't use addresses like \cw{127.0.0.2}. |
974 | |
421406a4 |
975 | Some people who ask PuTTY to listen on \i{localhost} addresses other |
976 | than \cw{127.0.0.1} to forward services such as \i{SMB} and \i{Windows |
977 | Terminal Services} have found that doing so no longer works since |
85c598bf |
978 | they upgraded to WinXP SP2. |
979 | |
0a05eecb |
980 | This is apparently an issue with SP2 that is acknowledged by Microsoft |
981 | in MS Knowledge Base article |
85c598bf |
982 | \W{http://support.microsoft.com/default.aspx?scid=kb;en-us;884020}{884020}. |
a510ac14 |
983 | The article links to a fix you can download. |
85c598bf |
984 | |
5ac88186 |
985 | (\e{However}, we've been told that SP2 \e{also} fixes the bug that |
986 | means you need to use non-\cw{127.0.0.1} addresses to forward |
000cae2e |
987 | Terminal Services in the first place.) |
5ac88186 |
988 | |
811527db |
989 | \S{faq-missing-slash}{Question} PSFTP commands seem to be missing a |
990 | directory separator (slash). |
991 | |
992 | Some people have reported the following incorrect behaviour with |
993 | PSFTP: |
994 | |
995 | \c psftp> pwd |
996 | \e iii |
997 | \c Remote directory is /dir1/dir2 |
998 | \c psftp> get filename.ext |
999 | \e iiiiiiiiiiiiiiii |
1000 | \c /dir1/dir2filename.ext: no such file or directory |
1001 | |
1002 | This is not a bug in PSFTP. There is a known bug in some versions of |
421406a4 |
1003 | portable \i{OpenSSH} |
811527db |
1004 | (\W{http://bugzilla.mindrot.org/show_bug.cgi?id=697}{bug 697}) that |
1005 | causes these symptoms; it appears to have been introduced around |
1006 | 3.7.x. It manifests only on certain platforms (AIX is what has been |
1007 | reported to us). |
1008 | |
1009 | There is a patch for OpenSSH attached to that bug; it's also fixed in |
1010 | recent versions of portable OpenSSH (from around 3.8). |
1011 | |
b493cd11 |
1012 | \S{faq-connaborted}{Question} Do you want to hear about \q{Software |
1013 | caused connection abort}? |
6b39d356 |
1014 | |
1015 | In the documentation for PuTTY 0.53 and 0.53b, we mentioned that we'd |
1016 | like to hear about any occurrences of this error. Since the release |
1017 | of PuTTY 0.54, however, we've been convinced that this error doesn't |
1018 | indicate that PuTTY's doing anything wrong, and we don't need to hear |
1019 | about further occurrences. See \k{errors-connaborted} for our current |
1020 | documentation of this error. |
1021 | |
3ba2d921 |
1022 | \S{faq-rekey}{Question} My SSH-2 session \I{locking up, SSH-2 |
1023 | sessions}locks up for a few seconds every so often. |
1024 | |
1025 | Recent versions of PuTTY automatically initiate \i{repeat key |
1026 | exchange} once per hour, to improve session security. If your client |
1027 | or server machine is slow, you may experience this as a delay of |
1028 | anything up to thirty seconds or so. |
1029 | |
1030 | These \I{delays, in SSH-2 sessions}delays are inconvenient, but they |
1031 | are there for your protection. If they really cause you a problem, |
1032 | you can choose to turn off periodic rekeying using the \q{Kex} |
1033 | configuration panel (see \k{config-ssh-kex}), but be aware that you |
1034 | will be sacrificing security for this. (Falling back to SSH-1 would |
1035 | also remove the delays, but would lose a \e{lot} more security |
1036 | still. We do not recommend it.) |
1037 | |
7090f35e |
1038 | \S{faq-xpwontrun}{Question} PuTTY fails to start up. Windows claims that |
1039 | \q{the application configuration is incorrect}. |
1040 | |
b4537635 |
1041 | This is caused by a bug in certain versions of \i{Windows XP} which |
1042 | is triggered by PuTTY 0.58. This was fixed in 0.59. The |
7090f35e |
1043 | \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/xp-wont-run}{\q{xp-wont-run}} |
1044 | entry in PuTTY's wishlist has more details. |
1045 | |
ee46ef84 |
1046 | \H{faq-secure} Security questions |
1047 | |
a1d2976b |
1048 | \S{faq-publicpc}{Question} Is it safe for me to download PuTTY and |
70706890 |
1049 | use it on a public PC? |
ee46ef84 |
1050 | |
1051 | It depends on whether you trust that PC. If you don't trust the |
1052 | public PC, don't use PuTTY on it, and don't use any other software |
1053 | you plan to type passwords into either. It might be watching your |
1054 | keystrokes, or it might tamper with the PuTTY binary you download. |
1055 | There is \e{no} program safe enough that you can run it on an |
1056 | actively malicious PC and get away with typing passwords into it. |
1057 | |
1058 | If you do trust the PC, then it's probably OK to use PuTTY on it |
1059 | (but if you don't trust the network, then the PuTTY download might |
1060 | be tampered with, so it would be better to carry PuTTY with you on a |
1061 | floppy). |
1062 | |
a1d2976b |
1063 | \S{faq-cleanup}{Question} What does PuTTY leave on a system? How can |
421406a4 |
1064 | I \i{clean up} after it? |
ee46ef84 |
1065 | |
1066 | PuTTY will leave some Registry entries, and a random seed file, on |
1067 | the PC (see \k{faq-settings}). If you are using PuTTY on a public |
1068 | PC, or somebody else's PC, you might want to clean these up when you |
1069 | leave. You can do that automatically, by running the command |
9310cb7d |
1070 | \c{putty -cleanup}. (Note that this only removes settings for |
1071 | the currently logged-in user on \i{multi-user systems}.) |
1072 | |
1073 | If PuTTY was installed from the installer package, it will also |
c35ff6c8 |
1074 | appear in \q{Add/Remove Programs}. Older versions of the uninstaller |
1075 | do not remove the above-mentioned registry entries and file. |
ee46ef84 |
1076 | |
421406a4 |
1077 | \S{faq-dsa}{Question} How come PuTTY now supports \i{DSA}, when the |
70706890 |
1078 | website used to say how insecure it was? |
ee46ef84 |
1079 | |
1080 | DSA has a major weakness \e{if badly implemented}: it relies on a |
1081 | random number generator to far too great an extent. If the random |
1082 | number generator produces a number an attacker can predict, the DSA |
1083 | private key is exposed - meaning that the attacker can log in as you |
1084 | on all systems that accept that key. |
1085 | |
1086 | The PuTTY policy changed because the developers were informed of |
1087 | ways to implement DSA which do not suffer nearly as badly from this |
1088 | weakness, and indeed which don't need to rely on random numbers at |
1089 | all. For this reason we now believe PuTTY's DSA implementation is |
1090 | probably OK. However, if you have the choice, we still recommend you |
1091 | use RSA instead. |
1092 | |
ee4b471f |
1093 | \S{faq-virtuallock}{Question} Couldn't Pageant use |
1094 | \cw{VirtualLock()} to stop private keys being written to disk? |
f9908cf7 |
1095 | |
ee4b471f |
1096 | Unfortunately not. The \cw{VirtualLock()} function in the Windows |
1097 | API doesn't do a proper job: it may prevent small pieces of a |
1098 | process's memory from being paged to disk while the process is |
1099 | running, but it doesn't stop the process's memory as a whole from |
1100 | being swapped completely out to disk when the process is long-term |
1101 | inactive. And Pageant spends most of its time inactive. |
f9908cf7 |
1102 | |
ee46ef84 |
1103 | \H{faq-admin} Administrative questions |
1104 | |
a1d2976b |
1105 | \S{faq-domain}{Question} Would you like me to register you a nicer |
70706890 |
1106 | domain name? |
ee46ef84 |
1107 | |
1108 | No, thank you. Even if you can find one (most of them seem to have |
1109 | been registered already, by people who didn't ask whether we |
1110 | actually wanted it before they applied), we're happy with the PuTTY |
1111 | web site being exactly where it is. It's not hard to find (just type |
1112 | \q{putty} into \W{http://www.google.com/}{google.com} and we're the |
1113 | first link returned), and we don't believe the administrative hassle |
1114 | of moving the site would be worth the benefit. |
1115 | |
1116 | In addition, if we \e{did} want a custom domain name, we would want |
1117 | to run it ourselves, so we knew for certain that it would continue |
1118 | to point where we wanted it, and wouldn't suddenly change or do |
1119 | strange things. Having it registered for us by a third party who we |
1120 | don't even know is not the best way to achieve this. |
1121 | |
a1d2976b |
1122 | \S{faq-webhosting}{Question} Would you like free web hosting for the |
70706890 |
1123 | PuTTY web site? |
ee46ef84 |
1124 | |
1125 | We already have some, thanks. |
1126 | |
34185d04 |
1127 | \S{faq-link}{Question} Would you link to my web site from the PuTTY |
1128 | web site? |
1129 | |
1130 | Only if the content of your web page is of definite direct interest |
1131 | to PuTTY users. If your content is unrelated, or only tangentially |
1132 | related, to PuTTY, then the link would simply be advertising for |
1133 | you. |
1134 | |
1135 | One very nice effect of the Google ranking mechanism is that by and |
1136 | large, the most popular web sites get the highest rankings. This |
1137 | means that when an ordinary person does a search, the top item in |
1138 | the search is very likely to be a high-quality site or the site they |
1139 | actually wanted, rather than the site which paid the most money for |
1140 | its ranking. |
1141 | |
1142 | The PuTTY web site is held in high esteem by Google, for precisely |
1143 | this reason: lots of people have linked to it simply because they |
1144 | like PuTTY, without us ever having to ask anyone to link to us. We |
1145 | feel that it would be an abuse of this esteem to use it to boost the |
1146 | ranking of random advertisers' web sites. If you want your web site |
1147 | to have a high Google ranking, we'd prefer that you achieve this the |
1148 | way we did - by being good enough at what you do that people will |
1149 | link to you simply because they like you. |
1150 | |
b609f258 |
1151 | In particular, we aren't interested in trading links for money (see |
1152 | above), and we \e{certainly} aren't interested in trading links for |
1153 | other links (since we have no advertising on our web site, our |
1154 | Google ranking is not even directly worth anything to us). If we |
1155 | don't want to link to you for free, then we probably won't want to |
1156 | link to you at all. |
1157 | |
34185d04 |
1158 | If you have software based on PuTTY, or specifically designed to |
1159 | interoperate with PuTTY, or in some other way of genuine interest to |
1160 | PuTTY users, then we will probably be happy to add a link to you on |
99d1a50e |
1161 | our Links page. And if you're running a particularly valuable mirror |
1162 | of the PuTTY web site, we might be interested in linking to you from |
1163 | our Mirrors page. |
34185d04 |
1164 | |
a1d2976b |
1165 | \S{faq-sourceforge}{Question} Why don't you move PuTTY to |
70706890 |
1166 | SourceForge? |
ee46ef84 |
1167 | |
1168 | Partly, because we don't want to move the web site location (see |
1169 | \k{faq-domain}). |
1170 | |
1171 | Also, security reasons. PuTTY is a security product, and as such it |
1172 | is particularly important to guard the code and the web site against |
1173 | unauthorised modifications which might introduce subtle security |
51e759ee |
1174 | flaws. Therefore, we prefer that the Subversion repository, web site and |
ee46ef84 |
1175 | FTP site remain where they are, under the direct control of system |
1176 | administrators we know and trust personally, rather than being run |
1177 | by a large organisation full of people we've never met and which is |
1178 | known to have had breakins in the past. |
1179 | |
1180 | No offence to SourceForge; I think they do a wonderful job. But |
1181 | they're not ideal for everyone, and in particular they're not ideal |
1182 | for us. |
1183 | |
a1d2976b |
1184 | \S{faq-mailinglist1}{Question} Why can't I subscribe to the |
70706890 |
1185 | putty-bugs mailing list? |
ee46ef84 |
1186 | |
1187 | Because you're not a member of the PuTTY core development team. The |
1188 | putty-bugs mailing list is not a general newsgroup-like discussion |
1189 | forum; it's a contact address for the core developers, and an |
1190 | \e{internal} mailing list for us to discuss things among ourselves. |
1191 | If we opened it up for everybody to subscribe to, it would turn into |
1192 | something more like a newsgroup and we would be completely |
1193 | overwhelmed by the volume of traffic. It's hard enough to keep up |
1194 | with the list as it is. |
1195 | |
a1d2976b |
1196 | \S{faq-mailinglist2}{Question} If putty-bugs isn't a |
70706890 |
1197 | general-subscription mailing list, what is? |
ee46ef84 |
1198 | |
1199 | There isn't one, that we know of. |
1200 | |
be86e512 |
1201 | If someone else wants to set up a mailing list or other forum for |
1202 | PuTTY users to help each other with common problems, that would be |
1203 | fine with us, though the PuTTY team would almost certainly not have the |
87b461db |
1204 | time to read it. It's probably better to use one of the established |
1205 | newsgroups for this purpose (see \k{feedback-other-fora}). |
ee46ef84 |
1206 | |
a1d2976b |
1207 | \S{faq-donations}{Question} How can I donate to PuTTY development? |
ee46ef84 |
1208 | |
1209 | Please, \e{please} don't feel you have to. PuTTY is completely free |
1210 | software, and not shareware. We think it's very important that |
1211 | \e{everybody} who wants to use PuTTY should be able to, whether they |
1212 | have any money or not; so the last thing we would want is for a |
1213 | PuTTY user to feel guilty because they haven't paid us any money. If |
1214 | you want to keep your money, please do keep it. We wouldn't dream of |
1215 | asking for any. |
1216 | |
1217 | Having said all that, if you still really \e{want} to give us money, |
1218 | we won't argue :-) The easiest way for us to accept donations is if |
2244ea7b |
1219 | you send money to \cw{<anakin@pobox.com>} using PayPal |
d3b774ba |
1220 | (\W{http://www.paypal.com/}\cw{www.paypal.com}). If you don't like |
1221 | PayPal, talk to us; we can probably arrange some alternative means. |
ee46ef84 |
1222 | |
1223 | Small donations (tens of dollars or tens of euros) will probably be |
1224 | spent on beer or curry, which helps motivate our volunteer team to |
1225 | continue doing this for the world. Larger donations will be spent on |
1226 | something that actually helps development, if we can find anything |
9cd3f7b0 |
1227 | (perhaps new hardware, or a copy of Windows XP), but if we can't |
ee46ef84 |
1228 | find anything then we'll just distribute the money among the |
1229 | developers. If you want to be sure your donation is going towards |
1230 | something worthwhile, ask us first. If you don't like these terms, |
1231 | feel perfectly free not to donate. We don't mind. |
1232 | |
150ef9c6 |
1233 | \S{faq-permission}{Question} Can I have permission to put PuTTY on a |
1234 | cover disk / distribute it with other software / etc? |
1235 | |
30a6b820 |
1236 | Yes. For most things, you need not bother asking us explicitly for |
1237 | permission; our licence already grants you permission. |
1238 | |
1239 | See \k{feedback-permission} for more details. |
150ef9c6 |
1240 | |
6894fbe1 |
1241 | \S{faq-indemnity}{Question} Can you sign an agreement indemnifying |
1242 | us against security problems in PuTTY? |
1243 | |
1244 | No! |
1245 | |
1246 | A vendor of physical security products (e.g. locks) might plausibly |
1247 | be willing to accept financial liability for a product that failed |
1248 | to perform as advertised and resulted in damage (e.g. valuables |
1249 | being stolen). The reason they can afford to do this is because they |
1250 | sell a \e{lot} of units, and only a small proportion of them will |
1251 | fail; so they can meet their financial liability out of the income |
1252 | from all the rest of their sales, and still have enough left over to |
1253 | make a profit. Financial liability is intrinsically linked to |
1254 | selling your product for money. |
1255 | |
1256 | There are two reasons why PuTTY is not analogous to a physical lock |
1257 | in this context. One is that software products don't exhibit random |
1258 | variation: \e{if} PuTTY has a security hole (which does happen, |
1259 | although we do our utmost to prevent it and to respond quickly when |
1260 | it does), every copy of PuTTY will have the same hole, so it's |
1261 | likely to affect all the users at the same time. So even if our |
1262 | users were all paying us to use PuTTY, we wouldn't be able to |
1263 | \e{simultaneously} pay every affected user compensation in excess of |
1264 | the amount they had paid us in the first place. It just wouldn't |
1265 | work. |
1266 | |
1267 | The second, much more important, reason is that PuTTY users |
1268 | \e{don't} pay us. The PuTTY team does not have an income; it's a |
1269 | volunteer effort composed of people spending their spare time to try |
1270 | to write useful software. We aren't even a company or any kind of |
1271 | legally recognised organisation. We're just a bunch of people who |
1272 | happen to do some stuff in our spare time. |
1273 | |
1274 | Therefore, to ask us to assume financial liability is to ask us to |
1275 | assume a risk of having to pay it out of our own \e{personal} |
1276 | pockets: out of the same budget from which we buy food and clothes |
1277 | and pay our rent. That's more than we're willing to give. We're |
1278 | already giving a lot of our spare \e{time} to developing software |
1279 | for free; if we had to pay our own \e{money} to do it as well, we'd |
1280 | start to wonder why we were bothering. |
1281 | |
1282 | Free software fundamentally does not work on the basis of financial |
1283 | guarantees. Your guarantee of the software functioning correctly is |
1284 | simply that you have the source code and can check it before you use |
1285 | it. If you want to be sure there aren't any security holes, do a |
1286 | security audit of the PuTTY code, or hire a security engineer if you |
1287 | don't have the necessary skills yourself: instead of trying to |
1288 | ensure you can get compensation in the event of a disaster, try to |
1289 | ensure there isn't a disaster in the first place. |
1290 | |
1291 | If you \e{really} want financial security, see if you can find a |
1292 | security engineer who will take financial responsibility for the |
1293 | correctness of their review. (This might be less likely to suffer |
1294 | from the everything-failing-at-once problem mentioned above, because |
1295 | such an engineer would probably be reviewing a lot of \e{different} |
1296 | products which would tend to fail independently.) Failing that, see |
1297 | if you can persuade an insurance company to insure you against |
1298 | security incidents, and if the insurer demands it as a condition |
1299 | then get our code reviewed by a security engineer they're happy |
1300 | with. |
1301 | |
1302 | \S{faq-permission-form}{Question} Can you sign this form granting us |
1303 | permission to use/distribute PuTTY? |
1304 | |
1305 | If your form contains any clause along the lines of \q{the |
1306 | undersigned represents and warrants}, we're not going to sign it. |
1307 | This is particularly true if it asks us to warrant that PuTTY is |
1308 | secure; see \k{faq-indemnity} for more discussion of this. But it |
1309 | doesn't really matter what we're supposed to be warranting: even if |
1310 | it's something we already believe is true, such as that we don't |
1311 | infringe any third-party copyright, we will not sign a document |
1312 | accepting any legal or financial liability. This is simply because |
1313 | the PuTTY development project has no income out of which to satisfy |
1314 | that liability, or pay legal costs, should it become necessary. We |
1315 | cannot afford to be sued. We are assuring you that \e{we have done |
1316 | our best}; if that isn't good enough for you, tough. |
1317 | |
1318 | The existing PuTTY licence document already gives you permission to |
1319 | use or distribute PuTTY in pretty much any way which does not |
1320 | involve pretending you wrote it or suing us if it goes wrong. We |
1321 | think that really ought to be enough for anybody. |
1322 | |
1323 | See also \k{faq-permission-general} for another reason why we don't |
1324 | want to do this sort of thing. |
1325 | |
1326 | \S{faq-permission-future}{Question} Can you write us a formal notice |
1327 | of permission to use PuTTY? |
1328 | |
1329 | We could, in principle, but it isn't clear what use it would be. If |
1330 | you think there's a serious chance of one of the PuTTY copyright |
1331 | holders suing you (which we don't!), you would presumably want a |
1332 | signed notice from \e{all} of them; and we couldn't provide that |
1333 | even if we wanted to, because many of the copyright holders are |
1334 | people who contributed some code in the past and with whom we |
1335 | subsequently lost contact. Therefore the best we would be able to do |
1336 | \e{even in theory} would be to have the core development team sign |
1337 | the document, which wouldn't guarantee you that some other copyright |
1338 | holder might not sue. |
1339 | |
1340 | See also \k{faq-permission-general} for another reason why we don't |
1341 | want to do this sort of thing. |
1342 | |
1343 | \S{faq-permission-general}{Question} Can you sign \e{anything} for |
1344 | us? |
1345 | |
1346 | Not unless there's an incredibly good reason. |
1347 | |
1348 | We are generally unwilling to set a precedent that involves us |
1349 | having to enter into individual agreements with PuTTY users. We |
1350 | estimate that we have literally \e{millions} of users, and we |
1351 | absolutely would not have time to go round signing specific |
1352 | agreements with every one of them. So if you want us to sign |
1353 | something specific for you, you might usefully stop to consider |
1354 | whether there's anything special that distinguishes you from 999,999 |
1355 | other users, and therefore any reason we should be willing to sign |
1356 | something for you without it setting such a precedent. |
1357 | |
1358 | If your company policy requires you to have an individual agreement |
1359 | with the supplier of any software you use, then your company policy |
1360 | is simply not well suited to using popular free software, and we |
1361 | urge you to consider this as a flaw in your policy. |
1362 | |
1363 | \S{faq-permission-assurance}{Question} If you won't sign anything, |
1364 | can you give us some sort of assurance that you won't make PuTTY |
1365 | closed-source in future? |
1366 | |
1367 | Yes and no. |
1368 | |
1369 | If what you want is an assurance that some \e{current version} of |
1370 | PuTTY which you've already downloaded will remain free, then you |
1371 | already have that assurance: it's called the PuTTY Licence. It |
1372 | grants you permission to use, distribute and copy the software to |
1373 | which it applies; once we've granted that permission (which we |
1374 | have), we can't just revoke it. |
1375 | |
1376 | On the other hand, if you want an assurance that \e{future} versions |
1377 | of PuTTY won't be closed-source, that's more difficult. We could in |
1378 | principle sign a document stating that we would never release a |
1379 | closed-source PuTTY, but that wouldn't assure you that we \e{would} |
1380 | keep releasing \e{open}-source PuTTYs: we would still have the |
1381 | option of ceasing to develop PuTTY at all, which would surely be |
1382 | even worse for you than making it closed-source! (And we almost |
1383 | certainly wouldn't \e{want} to sign a document guaranteeing that we |
1384 | would actually continue to do development work on PuTTY; we |
1385 | certainly wouldn't sign it for free. Documents like that are called |
1386 | contracts of employment, and are generally not signed except in |
1387 | return for a sizeable salary.) |
1388 | |
1389 | If we \e{were} to stop developing PuTTY, or to decide to make all |
1390 | future releases closed-source, then you would still be free to copy |
1391 | the last open release in accordance with the current licence, and in |
1392 | particular you could start your own fork of the project from that |
1393 | release. If this happened, I confidently predict that \e{somebody} |
1394 | would do that, and that some kind of a free PuTTY would continue to |
1395 | be developed. There's already precedent for that sort of thing |
1396 | happening in free software. We can't guarantee that somebody |
1397 | \e{other than you} would do it, of course; you might have to do it |
1398 | yourself. But we can assure you that there would be nothing |
1399 | \e{preventing} anyone from continuing free development if we |
1400 | stopped. |
1401 | |
1402 | (Finally, we can also confidently predict that if we made PuTTY |
1403 | closed-source and someone made an open-source fork, most people |
1404 | would switch to the latter. Therefore, it would be pretty stupid of |
1405 | us to try it.) |
1406 | |
84889c2c |
1407 | \S{faq-export-cert}{Question} Can you provide us with export control |
1408 | information / FIPS certification for PuTTY? |
1409 | |
1410 | Some people have asked us for an Export Control Classification Number |
1411 | (ECCN) for PuTTY. We don't know whether we have one, and as a team of |
1412 | free software developers based in the UK we don't have the time, |
1413 | money, or effort to deal with US bureaucracy to investigate any |
1414 | further. We believe that PuTTY falls under 5D002 on the US Commerce |
1415 | Control List, but that shouldn't be taken as definitive. If you need |
1416 | to know more you should seek professional legal advice. The same |
1417 | applies to any other country's legal requirements and restrictions. |
1418 | |
1419 | Similarly, some people have asked us for FIPS certification of the |
1420 | PuTTY tools. Unless someone else is prepared to do the necessary work |
1421 | and pay any costs, we can't provide this. |
1422 | |
f9908cf7 |
1423 | \H{faq-misc} Miscellaneous questions |
1424 | |
421406a4 |
1425 | \S{faq-openssh}{Question} Is PuTTY a port of \i{OpenSSH}, or based on |
928f5301 |
1426 | OpenSSH or OpenSSL? |
f9908cf7 |
1427 | |
1428 | No, it isn't. PuTTY is almost completely composed of code written |
1429 | from scratch for PuTTY. The only code we share with OpenSSH is the |
928f5301 |
1430 | detector for SSH-1 CRC compensation attacks, written by CORE SDI |
1431 | S.A; we share no code at all with OpenSSL. |
f9908cf7 |
1432 | |
606398fb |
1433 | \S{faq-sillyputty}{Question} Where can I buy silly putty? |
1434 | |
1435 | You're looking at the wrong web site; the only PuTTY we know about |
1436 | here is the name of a computer program. |
1437 | |
1438 | If you want the kind of putty you can buy as an executive toy, the |
1439 | PuTTY team can personally recommend Thinking Putty, which you can |
1440 | buy from Crazy Aaron's Putty World, at |
1441 | \W{http://www.puttyworld.com}\cw{www.puttyworld.com}. |
1442 | |
fa58cf81 |
1443 | \S{faq-meaning}{Question} What does \q{PuTTY} mean? |
ee46ef84 |
1444 | |
fa58cf81 |
1445 | It's the name of a popular SSH and Telnet client. Any other meaning |
1446 | is in the eye of the beholder. It's been rumoured that \q{PuTTY} |
1447 | is the antonym of \q{\cw{getty}}, or that it's the stuff that makes your |
1448 | Windows useful, or that it's a kind of plutonium Teletype. We |
1449 | couldn't possibly comment on such allegations. |
1450 | |
1451 | \S{faq-pronounce}{Question} How do I pronounce \q{PuTTY}? |
1452 | |
1453 | Exactly like the English word \q{putty}, which we pronounce |
65b15d17 |
1454 | /\u02C8{'}p\u028C{V}ti/. |