-\versionid $Id: faq.but,v 1.28 2002/05/15 19:16:45 simon Exp $
+\versionid $Id: faq.but,v 1.40 2002/12/15 11:51:21 jacob Exp $
\A{faq} PuTTY FAQ
Yes. SSH v2 support has been available in PuTTY since version 0.50.
However, currently the \e{default} SSH protocol is v1; to select SSH
v2 if your server supports both, go to the SSH panel and change the
-\e{Preferred SSH protocol version} option.
+\e{Preferred SSH protocol version} option. (The factory default will
+\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-default.html}{change to v2}
+in the next full release.)
Public key authentication (both RSA and DSA) in SSH v2 is new in
version 0.52.
\S{faq-ssh2-keyfmt}{Question} Does PuTTY support reading OpenSSH or
\cw{ssh.com} SSHv2 private key files?
-Version 0.52 doesn't, but in the latest development snapshots
-PuTTYgen can load and save both OpenSSH and \cw{ssh.com} private key
-files.
+PuTTY doesn't support this natively, but as of 0.53
+PuTTYgen can convert both OpenSSH and \cw{ssh.com} private key
+files into PuTTY's format.
\S{faq-ssh1}{Question} Does PuTTY support SSH v1?
\H{faq-ports} Ports to other operating systems
The eventual goal is for PuTTY to be a multi-platform program, able
-to run on at least Windows, MacOS and Unix. Whether this will
-actually ever happen I have no idea, but it is the plan. A Mac port
-has been started, but is only half-finished and currently not moving
-very fast.
+to run on at least Windows, Mac OS and Unix.
Porting will become easier once PuTTY has a generalised porting
layer, drawing a clear line between platform-dependent and
-platform-independent code. The general intention is for this porting
-layer to evolve naturally as part of the process of doing the first
-port. One particularly nasty part of this will be separating the
-many configuration options into platform-dependent and
-platform-independent ones; for example, the options controlling when
-the Windows System menu appears will be pretty much meaningless
-under X11 or perhaps other windowing systems, whereas Telnet Passive
-Mode is universal and shouldn't need to be specified once for each
-platform.
+platform-independent code. The general intention was for this
+porting layer to evolve naturally as part of the process of doing
+the first port; a Unix port is now under way and the plan seems to
+be working so far.
\S{faq-ports-general}{Question} What ports of PuTTY exist?
-Currently, PuTTY only runs on full Win32 systems. This includes
-Windows 95, 98, and ME, and it includes Windows NT, Windows 2000 and
-Windows XP.
+Currently, release versions of PuTTY only run on full Win32 systems.
+This includes Windows 95, 98, and ME, and it includes Windows NT,
+Windows 2000 and Windows XP. In the development code, partial ports
+to Unix (see \k{faq-unix}) and the Mac OS (see \k{faq-mac-port}).
+are under way.
-It does \e{not} include Windows CE (see \k{faq-wince}), and it does
-not quite include the Win32s environment under Windows 3.1 (see
-\k{faq-win31}).
+Currently PuTTY does \e{not} run on Windows CE (see \k{faq-wince}),
+and it does not quite run on the Win32s environment under Windows
+3.1 (see \k{faq-win31}).
-We do not have ports for any other systems at the present time. If
-anyone told you we had a Unix port, or an iPaq port, or any other
-port of PuTTY, they were mistaken. We don't.
+We do not have release-quality ports for any other systems at the
+present time. If anyone told you we had a Mac port, or an iPaq port,
+or any other port of PuTTY, they were mistaken. We don't.
-\S{faq-wince}{Question} Will there be a port to Windows CE?
+\S{faq-unix}{Question} Will there be a port to Unix?
+
+It's currently being worked on. If you look at the nightly source
+snapshots, you should find a \c{unix} subdirectory, which should
+build you a Unix port of Plink, and also \c{pterm} - an
+\cw{xterm}-type program which supports the same terminal emulation
+as PuTTY.
+
+It isn't yet clear whether we will bother combining the terminal
+emulator and network back end into the same process, to provide a
+Unix port of the full GUI form of PuTTY. It wouldn't be as useful a
+thing on Unix as it would be on Windows; its major value would
+probably be as a pathfinding effort for other ports. If anyone
+really wants it, we'd be interested to know why :-)
+
+\S{faq-wince}{Question} Will there be a port to Windows CE or PocketPC?
Probably not in the particularly near future. Despite sharing large
parts of the Windows API, in practice WinCE doesn't appear to be
\S{faq-mac-port}{Question} Will there be a port to the Mac?
-A Mac port was started once and is half-finished, but development
-has been static for some time and the main PuTTY code has moved on,
-so it's not clear how quickly development would resume even if
-developer effort were available.
-
-\S{faq-unix}{Question} Will there be a port to Unix?
-
-I hope so, if only so that I can have an \cw{xterm}-like program
-that supports exactly the same terminal emulation as PuTTY. If and
-when we do do a Unix port, it will have a local-terminal back end so
-it can be used like an \cw{xterm}, rather than only being usable as
-a network utility.
+Eventually. The terminal emulation code has been ported, as has the
+saved-settings infrastructure, but networking and a configuration GUI
+still need to be done before the port will be of any use.
\S{faq-epoc}{Question} Will there be a port to EPOC?
create a Windows shortcut that invokes PuTTY with a command line
like
-\c \path\name\to\putty.exe @mysession
+\c \path\name\to\putty.exe -load mysession
+
+(Note: prior to 0.53, the syntax was \c{@session}. This is now
+deprecated and may be removed at some point.)
\S{faq-startssh}{Question} How can I start an SSH session straight
from the command line?
This is a new feature in version 0.52. You should upgrade.
\S{faq-options}{Question} How do I use all PuTTY's features (public
-keys, port forwarding, SSH v2, etc.) in PSCP, PSFTP and Plink?
+keys, proxying, cipher selection, etc.) in PSCP, PSFTP and Plink?
-The command-line tools are currently rather short of command line
-options to enable this sort of thing. However, you can use most of
+Most major features (e.g., public keys, port forwarding) are available
+through command line options. See the documentation.
+
+Not all features are accessible from the command line yet, although
+we'd like to fix this. In the meantime, you can use most of
PuTTY's features if you create a PuTTY saved session, and then use
the name of the saved session on the command line in place of a
hostname. This works for PSCP, PSFTP and Plink (but don't expect
repeated one hour after the start of the connection, and PuTTY will
get this wrong.
-Upgrade to version 0.52 and the problem should go away.
+Upgrade to version 0.52 or better and the problem should go away.
\S{faq-outofmem}{Question} After trying to establish an SSH 2
connection, PuTTY says \q{Out of memory} and dies.
AltGr key.
In PuTTY version 0.51, the AltGr key was broken. Upgrade to version
-0.52.
+0.52 or better.
\S{faq-idleout}{Question} My PuTTY sessions unexpectedly close after
they are idle for a while.
page} on the PuTTY website (also provided as \k{feedback} in the
manual), and follow the guidelines contained in that.
-\S{faq-broken-openssh31}{Question} Since my SSH server was upgraded to
-OpenSSH 3.1p1, I can no longer connect with PuTTY.
+\S{faq-openssh-bad-openssl}{Question} Since my SSH server was upgraded
+to OpenSSH 3.1p1/3.4p1, I can no longer connect with PuTTY.
There is a known problem when OpenSSH has been built against an
incorrect version of OpenSSL; the quick workaround is to configure
PuTTY to use SSH protocol 2 and the Blowfish cipher.
+For more details and OpenSSH patches, see
+\W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
+OpenSSH BTS.
+
This is not a PuTTY-specific problem; if you try to connect with
-another client you'll likely have similar problems.
+another client you'll likely have similar problems. (Although PuTTY's
+default cipher differs from many other clients.)
-Configurations known to be broken (and symptoms):
+\e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms):
\b SSH 2 with AES cipher (PuTTY says "Assertion failed! Expression:
(len & 15) == 0" in sshaes.c, or "Out of memory", or crashes)
\b SSH 1 with 3DES
-For more details and OpenSSH patches, see
-\W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
-OpenSSH BTS.
+\e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH 1 and
+Blowfish remains. Rebuild your server, apply the patch linked to from
+bug 138 above, or use another cipher (e.g., 3DES) instead.
+
+\e{Other versions:} we occasionally get reports of the same symptom
+and workarounds with older versions of OpenSSH, although it's not
+clear the underlying cause is the same.
+
+\S{faq-ssh2key-ssh1conn}{Question} Why do I see "Couldn't load private
+key from ..."? Why can PuTTYgen load my key but not PuTTY?
+
+It's likely that you've generated an SSH protocol 2 key with PuTTYgen,
+but you're trying to use it in an SSH 1 connection. SSH1 and SSH2 keys
+have different formats, and (at least in 0.52) PuTTY's reporting of a
+key in the wrong format isn't optimal.
+
+To connect using SSH 2 to a server that supports both versions, you
+need to change the configuration from the default (see \k{faq-ssh2}).
+
+\S{faq-rh8-utf8}{Question} When I'm connected to a Red Hat Linux 8.0
+system, some characters don't display properly.
+
+A common complaint is that hyphens in man pages show up as a-acute.
+
+With release 8.0, Red Hat appear to have made UTF-8 the default
+character set. There appears to be no way for terminal emulators such
+as PuTTY to know this (as far as we know, the appropriate escape
+sequence to switch into UTF-8 mode isn't sent).
+
+A fix is to configure sessions to RH8 systems to use UTF-8
+translation - see \k{config-charset} in the documentation. (Note that
+if you use \q{Change Settings}, changes may not take place immediately
+- see \k{faq-resetterm}.)
+
+If you really want to change the character set used by the server, the
+right place is \c{/etc/sysconfig/i18n}, but this shouldn't be
+necessary.
\H{faq-secure} Security questions
probably OK. However, if you have the choice, we still recommend you
use RSA instead.
+\S{faq-virtuallock}{Question} Couldn't Pageant use
+\cw{VirtualLock()} to stop private keys being written to disk?
+
+Unfortunately not. The \cw{VirtualLock()} function in the Windows
+API doesn't do a proper job: it may prevent small pieces of a
+process's memory from being paged to disk while the process is
+running, but it doesn't stop the process's memory as a whole from
+being swapped completely out to disk when the process is long-term
+inactive. And Pageant spends most of its time inactive.
+
\H{faq-admin} Administrative questions
\S{faq-domain}{Question} Would you like me to register you a nicer
something worthwhile, ask us first. If you don't like these terms,
feel perfectly free not to donate. We don't mind.
+\H{faq-misc} Miscellaneous questions
+
+\S{faq-openssh}{Question} Is PuTTY a port of OpenSSH, or based on
+OpenSSH?
+
+No, it isn't. PuTTY is almost completely composed of code written
+from scratch for PuTTY. The only code we share with OpenSSH is the
+detector for SSH1 CRC compensation attacks, written by CORE SDI S.A.
+
\S{faq-sillyputty}{Question} Where can I buy silly putty?
You're looking at the wrong web site; the only PuTTY we know about
projects / u / mdw / putty / blobdiff