Make that last checkin more explicit, and in particular reference the
[sgt/putty] / doc / faq.but
CommitLineData
f348999d 1\versionid $Id: faq.but,v 1.51 2003/11/19 19:09:07 jacob Exp $
8f1529bc 2
ee46ef84 3\A{faq} PuTTY FAQ
4
5This FAQ is published on the PuTTY web site, and also provided as an
6appendix in the manual.
7
8\H{faq-support} Features supported in PuTTY
9
10In general, if you want to know if PuTTY supports a particular
11feature, you should look for it on the
12\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}{PuTTY web site}.
13In particular:
14
15\b try the
16\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{changes
17page}, and see if you can find the feature on there. If a feature is
18listed there, it's been implemented. If it's listed as a change made
19\e{since} the latest version, it should be available in the
20development snapshots, in which case testing will be very welcome.
21
22\b try the
ebe9a956 23\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/}{Wishlist
ee46ef84 24page}, and see if you can find the feature there. If it's on there,
b21091fb 25and not in the \q{Recently fixed} section, it probably \e{hasn't} been
26implemented.
ee46ef84 27
a1d2976b 28\S{faq-ssh2}{Question} Does PuTTY support SSH v2?
ee46ef84 29
30Yes. SSH v2 support has been available in PuTTY since version 0.50.
ee46ef84 31
32c37ecd 32Public key authentication (both RSA and DSA) in SSH v2 is new in
33version 0.52.
ee46ef84 34
a1d2976b 35\S{faq-ssh2-keyfmt}{Question} Does PuTTY support reading OpenSSH or
ee46ef84 36\cw{ssh.com} SSHv2 private key files?
37
a58b605b 38PuTTY doesn't support this natively, but as of 0.53
39PuTTYgen can convert both OpenSSH and \cw{ssh.com} private key
40files into PuTTY's format.
ee46ef84 41
a1d2976b 42\S{faq-ssh1}{Question} Does PuTTY support SSH v1?
ee46ef84 43
44Yes. SSH 1 support has always been available in PuTTY.
45
a1d2976b 46\S{faq-localecho}{Question} Does PuTTY support local echo?
ee46ef84 47
32c37ecd 48Yes. Version 0.52 has proper support for local echo.
ee46ef84 49
32c37ecd 50In version 0.51 and before, local echo could not be separated from
ee46ef84 51local line editing (where you type a line of text locally, and it is
52not sent to the server until you press Return, so you have the
53chance to edit it and correct mistakes \e{before} the server sees
32c37ecd 54it). New in version 0.52, local echo and local line editing are
55separate options, and by default PuTTY will try to determine
56automatically whether to enable them or not, based on which protocol
57you have selected and also based on hints from the server. If you
58have a problem with PuTTY's default choice, you can force each
59option to be enabled or disabled as you choose. The controls are in
60the Terminal panel, in the section marked \q{Line discipline
61options}.
ee46ef84 62
a1d2976b 63\S{faq-disksettings}{Question} Does PuTTY support storing its
70706890 64settings in a disk file?
ee46ef84 65
66Not at present, although \k{config-file} in the documentation gives
67a method of achieving the same effect.
68
a1d2976b 69\S{faq-fullscreen}{Question} Does PuTTY support full-screen mode,
70706890 70like a DOS box?
ee46ef84 71
32c37ecd 72Yes; this is a new feature in version 0.52.
ee46ef84 73
babac7bd 74\S{faq-password-remember}{Question} Does PuTTY have the ability to
75remember my password so I don't have to type it every time?
ee46ef84 76
77No, it doesn't.
78
79Remembering your password is a bad plan for obvious security
80reasons: anyone who gains access to your machine while you're away
81from your desk can find out the remembered password, and use it,
82abuse it or change it.
83
84In addition, it's not even \e{possible} for PuTTY to automatically
85send your password in a Telnet session, because Telnet doesn't give
86the client software any indication of which part of the login
87process is the password prompt. PuTTY would have to guess, by
88looking for words like \q{password} in the session data; and if your
89login program is written in something other than English, this won't
90work.
91
92In SSH, remembering your password would be possible in theory, but
93there doesn't seem to be much point since SSH supports public key
94authentication, which is more flexible and more secure. See
95\k{pubkey} in the documentation for a full discussion of public key
96authentication.
97
a1d2976b 98\S{faq-hostkeys}{Question} Is there an option to turn off the
70706890 99annoying host key prompts?
cad566a9 100
101No, there isn't. And there won't be. Even if you write it yourself
102and send us the patch, we won't accept it.
103
104Those annoying host key prompts are the \e{whole point} of SSH.
105Without them, all the cryptographic technology SSH uses to secure
106your session is doing nothing more than making an attacker's job
107slightly harder; instead of sitting between you and the server with
108a packet sniffer, the attacker must actually subvert a router and
109start modifying the packets going back and forth. But that's not all
110that much harder than just sniffing; and without host key checking,
111it will go completely undetected by client or server.
112
113Host key checking is your guarantee that the encryption you put on
114your data at the client end is the \e{same} encryption taken off the
115data at the server end; it's your guarantee that it hasn't been
116removed and replaced somewhere on the way. Host key checking makes
117the attacker's job \e{astronomically} hard, compared to packet
118sniffing, and even compared to subverting a router. Instead of
119applying a little intelligence and keeping an eye on Bugtraq, the
120attacker must now perform a brute-force attack against at least one
121military-strength cipher. That insignificant host key prompt really
122does make \e{that} much difference.
123
124If you're having a specific problem with host key checking - perhaps
125you want an automated batch job to make use of PSCP or Plink, and
126the interactive host key prompt is hanging the batch process - then
127the right way to fix it is to add the correct host key to the
128Registry in advance. That way, you retain the \e{important} feature
129of host key checking: the right key will be accepted and the wrong
130ones will not. Adding an option to turn host key checking off
131completely is the wrong solution and we will not do it.
132
a1d2976b 133\S{faq-server}{Question} Will you write an SSH server for the PuTTY
70706890 134suite, to go with the client?
ae915483 135
136No. The only reason we might want to would be if we could easily
137re-use existing code and significantly cut down the effort. We don't
138believe this is the case; there just isn't enough common ground
139between an SSH client and server to make it worthwhile.
140
141If someone else wants to use bits of PuTTY in the process of writing
142a Windows SSH server, they'd be perfectly welcome to of course, but
143I really can't see it being a lot less effort for us to do that than
144it would be for us to write a server from the ground up. We don't
145have time, and we don't have motivation. The code is available if
146anyone else wants to try it.
147
67325335 148\S{faq-pscp-ascii}{Question} Can PSCP or PSFTP transfer files in
149ASCII mode?
150
d2df61b3 151Unfortunately not.
67325335 152
d2df61b3 153Until recently, this was a limitation of the file transfer protocols:
154the SCP and SFTP protocols had no notion of transferring a file in
155anything other than binary mode. (This is still true of SCP.)
156
157The current draft protocol spec of SFTP proposes a means of
158implementing ASCII transfer. At some point PSCP/PSFTP may implement
159this proposal.
67325335 160
ee46ef84 161\H{faq-ports} Ports to other operating systems
162
163The eventual goal is for PuTTY to be a multi-platform program, able
b18bcea3 164to run on at least Windows, Mac OS and Unix.
ee46ef84 165
166Porting will become easier once PuTTY has a generalised porting
167layer, drawing a clear line between platform-dependent and
59adac11 168platform-independent code. The general intention was for this
169porting layer to evolve naturally as part of the process of doing
170the first port; a Unix port is now under way and the plan seems to
171be working so far.
ee46ef84 172
aff5267a 173\S{faq-ports-general}{Question} What ports of PuTTY exist?
174
59adac11 175Currently, release versions of PuTTY only run on full Win32 systems.
176This includes Windows 95, 98, and ME, and it includes Windows NT,
b18bcea3 177Windows 2000 and Windows XP. In the development code, partial ports
178to Unix (see \k{faq-unix}) and the Mac OS (see \k{faq-mac-port}).
179are under way.
aff5267a 180
59adac11 181Currently PuTTY does \e{not} run on Windows CE (see \k{faq-wince}),
182and it does not quite run on the Win32s environment under Windows
1833.1 (see \k{faq-win31}).
aff5267a 184
59adac11 185We do not have release-quality ports for any other systems at the
186present time. If anyone told you we had a Mac port, or an iPaq port,
187or any other port of PuTTY, they were mistaken. We don't.
188
189\S{faq-unix}{Question} Will there be a port to Unix?
190
191It's currently being worked on. If you look at the nightly source
192snapshots, you should find a \c{unix} subdirectory, which should
ad58c9bc 193build you Unix ports of Plink, PuTTY itself, PSCP, PSFTP, and
194also \c{pterm} - an \cw{xterm}-type program which supports the
195same terminal emulation as PuTTY. We do not yet have Unix ports of
196Pageant or PuTTYgen.
aff5267a 197
70cd2027 198\S{faq-wince}{Question} Will there be a port to Windows CE or PocketPC?
ee46ef84 199
4f2fd423 200It's currently being worked on, but it's only in its early stages yet,
201and certainly isn't yet useful. PuTTY on portable devices would
202clearly be a useful thing, so in the long term I hope it can be
203brought up to release quality.
ee46ef84 204
f82f00d0 205\S{faq-win31}{Question} Is there a port to Windows 3.1?
206
207PuTTY is a 32-bit application from the ground up, so it won't run on
208Windows 3.1 as a native 16-bit program; and it would be \e{very}
209hard to port it to do so, because of Windows 3.1's vile memory
210allocation mechanisms.
211
212However, it is possible in theory to compile the existing PuTTY
213source in such a way that it will run under Win32s (an extension to
214Windows 3.1 to let you run 32-bit programs). In order to do this
215you'll need the right kind of C compiler - modern versions of Visual
216C at least have stopped being backwards compatible to Win32s. Also,
217the last time we tried this it didn't work very well.
218
219If you're interested in running PuTTY under Windows 3.1, help and
220testing in this area would be very welcome!
221
babac7bd 222\S{faq-mac-port}{Question} Will there be a port to the Mac?
ee46ef84 223
4f2fd423 224There is a port to the Mac OS in progress. It's just about usable, but
225has an awful lot of gaps and rough edges that will need cleaning up
226before release.
ee46ef84 227
a1d2976b 228\S{faq-epoc}{Question} Will there be a port to EPOC?
ee46ef84 229
230I hope so, but given that ports aren't really progressing very fast
231even on systems the developers \e{do} already know how to program
232for, it might be a long time before any of us get round to learning
233a new system and doing the port for that.
234
4f2fd423 235However, some of the work has been done by other people, and a beta
236port of PuTTY for the Nokia 9200 Communicator series is available
237from \W{http://www.s2.org/putty/}\cw{http://www.s2.org/putty/}
238
ee46ef84 239\H{faq-embedding} Embedding PuTTY in other programs
240
a1d2976b 241\S{faq-dll}{Question} Is the SSH or Telnet code available as a DLL?
ee46ef84 242
243No, it isn't. It would take a reasonable amount of rewriting for
244this to be possible, and since the PuTTY project itself doesn't
245believe in DLLs (they make installation more error-prone) none of us
246has taken the time to do it.
247
248Most of the code cleanup work would be a good thing to happen in
249general, so if anyone feels like helping, we wouldn't say no.
250
a1d2976b 251\S{faq-vb}{Question} Is the SSH or Telnet code available as a Visual
70706890 252Basic component?
ee46ef84 253
254No, it isn't. None of the PuTTY team uses Visual Basic, and none of
255us has any particular need to make SSH connections from a Visual
256Basic application. In addition, all the preliminary work to turn it
257into a DLL would be necessary first; and furthermore, we don't even
258know how to write VB components.
259
260If someone offers to do some of this work for us, we might consider
261it, but unless that happens I can't see VB integration being
262anywhere other than the very bottom of our priority list.
263
a1d2976b 264\S{faq-ipc}{Question} How can I use PuTTY to make an SSH connection
70706890 265from within another program?
ee46ef84 266
267Probably your best bet is to use Plink, the command-line connection
268tool. If you can start Plink as a second Windows process, and
269arrange for your primary process to be able to send data to the
270Plink process, and receive data from it, through pipes, then you
271should be able to make SSH connections from your program.
272
273This is what CVS for Windows does, for example.
274
275\H{faq-details} Details of PuTTY's operation
276
a1d2976b 277\S{faq-term}{Question} What terminal type does PuTTY use?
ee46ef84 278
279For most purposes, PuTTY can be considered to be an \cw{xterm}
32c37ecd 280terminal.
ee46ef84 281
282PuTTY also supports some terminal control sequences not supported by
283the real \cw{xterm}: notably the Linux console sequences that
284reconfigure the colour palette, and the title bar control sequences
285used by \cw{DECterm} (which are different from the \cw{xterm} ones;
286PuTTY supports both).
287
288By default, PuTTY announces its terminal type to the server as
289\c{xterm}. If you have a problem with this, you can reconfigure it
290to say something else; \c{vt220} might help if you have trouble.
291
a1d2976b 292\S{faq-settings}{Question} Where does PuTTY store its data?
ee46ef84 293
294PuTTY stores most of its data (saved sessions, SSH host keys) in the
295Registry. The precise location is
296
297\c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY
298
299and within that area, saved sessions are stored under \c{Sessions}
300while host keys are stored under \c{SshHostKeys}.
301
302PuTTY also requires a random number seed file, to improve the
303unpredictability of randomly chosen data needed as part of the SSH
304cryptography. This is stored by default in your Windows home
305directory (\c{%HOMEDRIVE%\\%HOMEPATH%}), or in the actual Windows
306directory (such as \c{C:\\WINDOWS}) if the home directory doesn't
307exist, for example if you're using Win95. If you want to change the
308location of the random number seed file, you can put your chosen
309pathname in the Registry, at
310
311\c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\RandSeedFile
312
313\H{faq-howto} HOWTO questions
314
a1d2976b 315\S{faq-startmax}{Question} How can I make PuTTY start up maximised?
ee46ef84 316
317Create a Windows shortcut to start PuTTY from, and set it as \q{Run
318Maximized}.
319
a1d2976b 320\S{faq-startsess}{Question} How can I create a Windows shortcut to
70706890 321start a particular saved session directly?
ee46ef84 322
323To run a PuTTY session saved under the name \q{\cw{mysession}},
324create a Windows shortcut that invokes PuTTY with a command line
325like
326
a58b605b 327\c \path\name\to\putty.exe -load mysession
328
329(Note: prior to 0.53, the syntax was \c{@session}. This is now
330deprecated and may be removed at some point.)
ee46ef84 331
a1d2976b 332\S{faq-startssh}{Question} How can I start an SSH session straight
70706890 333from the command line?
ee46ef84 334
335Use the command line \c{putty -ssh host.name}. Alternatively, create
336a saved session that specifies the SSH protocol, and start the saved
337session as shown in \k{faq-startsess}.
338
a1d2976b 339\S{faq-cutpaste}{Question} How do I copy and paste between PuTTY and
70706890 340other Windows applications?
ee46ef84 341
342Copy and paste works similarly to the X Window System. You use the
343left mouse button to select text in the PuTTY window. The act of
344selection \e{automatically} copies the text to the clipboard: there
345is no need to press Ctrl-Ins or Ctrl-C or anything else. In fact,
346pressing Ctrl-C will send a Ctrl-C character to the other end of
347your connection (just like it does the rest of the time), which may
348have unpleasant effects. The \e{only} thing you need to do, to copy
349text to the clipboard, is to select it.
350
351To paste the clipboard contents into a PuTTY window, by default you
352click the right mouse button. If you have a three-button mouse and
353are used to X applications, you can configure pasting to be done by
354the middle button instead, but this is not the default because most
355Windows users don't have a middle button at all.
356
357You can also paste by pressing Shift-Ins.
358
a1d2976b 359\S{faq-tunnels}{Question} How do I use X forwarding and port
70706890 360forwarding? I can't find the Tunnels panel.
f2003e32 361
32c37ecd 362This is a new feature in version 0.52. You should upgrade.
f2003e32 363
a1d2976b 364\S{faq-options}{Question} How do I use all PuTTY's features (public
a58b605b 365keys, proxying, cipher selection, etc.) in PSCP, PSFTP and Plink?
366
367Most major features (e.g., public keys, port forwarding) are available
368through command line options. See the documentation.
72be5b5e 369
a58b605b 370Not all features are accessible from the command line yet, although
371we'd like to fix this. In the meantime, you can use most of
72be5b5e 372PuTTY's features if you create a PuTTY saved session, and then use
373the name of the saved session on the command line in place of a
374hostname. This works for PSCP, PSFTP and Plink (but don't expect
375port forwarding in the file transfer applications!).
f2003e32 376
a1d2976b 377\S{faq-pscp}{Question} How do I use PSCP.EXE? When I double-click it
70706890 378gives me a command prompt window which then closes instantly.
ee46ef84 379
380PSCP is a command-line application, not a GUI application. If you
381run it without arguments, it will simply print a help message and
382terminate.
383
384To use PSCP properly, run it from a Command Prompt window. See
385\k{pscp} in the documentation for more details.
386
a1d2976b 387\S{faq-pscp-spaces}{Question} How do I use PSCP to copy a file whose
70706890 388name has spaces in?
ee46ef84 389
390If PSCP is using the traditional SCP protocol, this is confusing. If
391you're specifying a file at the local end, you just use one set of
392quotes as you would normally do:
393
394\c pscp "local filename with spaces" user@host:
395\c pscp user@host:myfile "local filename with spaces"
396
397But if the filename you're specifying is on the \e{remote} side, you
398have to use backslashes and two sets of quotes:
399
400\c pscp user@host:"\"remote filename with spaces\"" local_filename
401\c pscp local_filename user@host:"\"remote filename with spaces\""
402
403Worse still, in a remote-to-local copy you have to specify the local
404file name explicitly, otherwise PSCP will complain that they don't
405match (unless you specified the \c{-unsafe} option). The following
406command will give an error message:
407
408\c c:\>pscp user@host:"\"oo er\"" .
e9cee352 409\c warning: remote host tried to write to a file called 'oo er'
410\c when we requested a file called '"oo er"'.
ee46ef84 411
e9cee352 412Instead, you need to specify the local file name in full:
413
414\c c:\>pscp user@host:"\"oo er\"" "oo er"
415
ee46ef84 416If PSCP is using the newer SFTP protocol, none of this is a problem,
417and all filenames with spaces in are specified using a single pair
418of quotes in the obvious way:
419
420\c pscp "local file" user@host:
421\c pscp user@host:"remote file" .
422
423\H{faq-trouble} Troubleshooting
424
babac7bd 425\S{faq-incorrect-mac}{Question} Why do I see \q{Incorrect MAC
426received on packet}?
ee46ef84 427
f348999d 428One possible cause of this that used to be common is a bug in old
429SSH 2 servers distributed by \cw{ssh.com}. (This is not the only
430possible cause; see \k{errors-crc} in the documentation.)
431Version 2.3.0 and below of their SSH 2 server
ee46ef84 432constructs Message Authentication Codes in the wrong way, and
433expects the client to construct them in the same wrong way. PuTTY
434constructs the MACs correctly by default, and hence these old
435servers will fail to work with it.
436
32c37ecd 437If you are using PuTTY version 0.52 or better, this should work
438automatically: PuTTY should detect the buggy servers from their
439version number announcement, and automatically start to construct
440its MACs in the same incorrect manner as they do, so it will be able
441to work with them.
ee46ef84 442
32c37ecd 443If you are using PuTTY version 0.51 or below, you can enable the
444workaround by going to the SSH panel and ticking the box labelled
445\q{Imitate SSH 2 MAC bug}. It's possible that you might have to do
446this with 0.52 as well, if a buggy server exists that PuTTY doesn't
447know about.
ee46ef84 448
b7e2c163 449In this context MAC stands for Message Authentication Code. It's a
450cryptographic term, and it has nothing at all to do with Ethernet
451MAC (Media Access Control) addresses.
452
67325335 453\S{faq-pscp-protocol}{Question} Why do I see \q{Fatal: Protocol
454error: Expected control record} in PSCP?
455
456This happens because PSCP was expecting to see data from the server
457that was part of the PSCP protocol exchange, and instead it saw data
458that it couldn't make any sense of at all.
459
460This almost always happens because the startup scripts in your
461account on the server machine are generating output. This is
462impossible for PSCP, or any other SCP client, to work around. You
463should never use startup files (\c{.bashrc}, \c{.cshrc} and so on)
464which generate output in non-interactive sessions.
465
466This is not actually a PuTTY problem. If PSCP fails in this way,
467then all other SCP clients are likely to fail in exactly the same
468way. The problem is at the server end.
469
a1d2976b 470\S{faq-colours}{Question} I clicked on a colour in the Colours
70706890 471panel, and the colour didn't change in my terminal.
ee46ef84 472
473That isn't how you're supposed to use the Colours panel.
474
475During the course of a session, PuTTY potentially uses \e{all} the
476colours listed in the Colours panel. It's not a question of using
477only one of them and you choosing which one; PuTTY will use them
478\e{all}. The purpose of the Colours panel is to let you adjust the
479appearance of all the colours. So to change the colour of the
480cursor, for example, you would select \q{Cursor Colour}, press the
481\q{Modify} button, and select a new colour from the dialog box that
482appeared. Similarly, if you want your session to appear in green,
483you should select \q{Default Foreground} and press \q{Modify}.
484Clicking on \q{ANSI Green} won't turn your session green; it will
485only allow you to adjust the \e{shade} of green used when PuTTY is
486instructed by the server to display green text.
487
a1d2976b 488\S{faq-winsock2}{Question} Plink on Windows 95 says it can't find
70706890 489\cw{WS2_32.DLL}.
ee46ef84 490
491Plink requires the extended Windows network library, WinSock version
4922. This is installed as standard on Windows 98 and above, and on
493Windows NT, and even on later versions of Windows 95; but early
494Win95 installations don't have it.
495
496In order to use Plink on these systems, you will need to download
497the
498\W{http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/}{WinSock 2 upgrade}:
499
500\c http://www.microsoft.com/windows95/downloads/contents/wuadmintools/
501\c s_wunetworkingtools/w95sockets2/
502
a1d2976b 503\S{faq-rekey}{Question} My PuTTY sessions close after an hour and
70706890 504tell me \q{Server failed host key check}.
ee46ef84 505
506This is a bug in all versions of PuTTY up to and including 0.51. SSH
507v2 servers from \cw{ssh.com} will require the key exchange to be
508repeated one hour after the start of the connection, and PuTTY will
509get this wrong.
510
a58b605b 511Upgrade to version 0.52 or better and the problem should go away.
ee46ef84 512
a1d2976b 513\S{faq-outofmem}{Question} After trying to establish an SSH 2
70706890 514connection, PuTTY says \q{Out of memory} and dies.
ee46ef84 515
516If this happens just while the connection is starting up, this often
517indicates that for some reason the client and server have failed to
518establish a session encryption key. Somehow, they have performed
519calculations that should have given each of them the same key, but
520have ended up with different keys; so data encrypted by one and
521decrypted by the other looks like random garbage.
522
523This causes an \q{out of memory} error because the first encrypted
524data PuTTY expects to see is the length of an SSH message. Normally
525this will be something well under 100 bytes. If the decryption has
526failed, PuTTY will see a completely random length in the region of
527two \e{gigabytes}, and will try to allocate enough memory to store
528this non-existent message. This will immediately lead to it thinking
529it doesn't have enough memory, and panicking.
530
531If this happens to you, it is quite likely to still be a PuTTY bug
532and you should report it (although it might be a bug in your SSH
533server instead); but it doesn't necessarily mean you've actually run
534out of memory.
535
9accb45d 536\S{faq-outofmem2}{Question} When attempting a file transfer, either
537PSCP or PSFTP says \q{Out of memory} and dies.
538
539This is almost always caused by your login scripts on the server
540generating output. PSCP or PSFTP will receive that output when they
541were expecting to see the start of a file transfer protocol, and
542they will attempt to interpret the output as file-transfer protocol.
543This will usually lead to an \q{out of memory} error for much the
544same reasons as given in \k{faq-outofmem}.
545
546This is a setup problem in your account on your server, \e{not} a
547PSCP/PSFTP bug. Your login scripts should \e{never} generate output
548during non-interactive sessions; secure file transfer is not the
549only form of remote access that will break if they do.
550
551On Unix, a simple fix is to ensure that all the parts of your login
552script that might generate output are in \c{.profile} (if you use a
553Bourne shell derivative) or \c{.login} (if you use a C shell).
554Putting them in more general files such as \c{.bashrc} or \c{.cshrc}
555is liable to lead to problems.
556
7b24f677 557\S{faq-psftp-slow}{Question} PSFTP transfers files much slower than PSCP.
9accb45d 558
559We believe this is because the SFTP and SSH2 protocols are less
560efficient at bulk data transfer than SCP and SSH1, because every
561block of data transferred requires an acknowledgment from the far
562end. It would in theory be possible to queue several blocks of data
563to get round this speed problem, but as yet we haven't done the
564coding. If you really want this fixed, feel free to offer to help.
565
a1d2976b 566\S{faq-bce}{Question} When I run full-colour applications, I see
70706890 567areas of black space where colour ought to be.
f1453e5c 568
569You almost certainly need to enable the \q{Use background colour to
570erase screen} setting in the Terminal panel. Note that if you do
571this in mid-session, it won't take effect until you reset the
572terminal (see \k{faq-resetterm}).
573
a1d2976b 574\S{faq-resetterm}{Question} When I change some terminal settings,
70706890 575nothing happens.
f1453e5c 576
577Some of the terminal options (notably Auto Wrap and
578background-colour screen erase) actually represent the \e{default}
579setting, rather than the currently active setting. The server can
580send sequences that modify these options in mid-session, but when
581the terminal is reset (by server action, or by you choosing \q{Reset
582Terminal} from the System menu) the defaults are restored.
583
584If you want to change one of these options in the middle of a
585session, you will find that the change does not immediately take
586effect. It will only take effect once you reset the terminal.
587
a1d2976b 588\S{faq-altgr}{Question} I can't type characters that require the
70706890 589AltGr key.
ee46ef84 590
32c37ecd 591In PuTTY version 0.51, the AltGr key was broken. Upgrade to version
a58b605b 5920.52 or better.
ee46ef84 593
a1d2976b 594\S{faq-idleout}{Question} My PuTTY sessions unexpectedly close after
70706890 595they are idle for a while.
ee46ef84 596
597Some types of firewall, and almost any router doing Network Address
598Translation (NAT, also known as IP masquerading), will forget about
599a connection through them if the connection does nothing for too
600long. This will cause the connection to be rudely cut off when
601contact is resumed.
602
603You can try to combat this by telling PuTTY to send \e{keepalives}:
604packets of data which have no effect on the actual session, but
605which reassure the router or firewall that the network connection is
606still active and worth remembering about.
607
608Keepalives don't solve everything, unfortunately; although they
609cause greater robustness against this sort of router, they can also
610cause a \e{loss} of robustness against network dropouts. See
611\k{config-keepalive} in the documentation for more discussion of
612this.
613
a1d2976b 614\S{faq-timeout}{Question} PuTTY's network connections time out too
70706890 615quickly when network connectivity is temporarily lost.
ee46ef84 616
617This is a Windows problem, not a PuTTY problem. The timeout value
618can't be set on per application or per session basis. To increase
619the TCP timeout globally, you need to tinker with the Registry.
620
621On Windows 95, 98 or ME, the registry key you need to change is
622
623\c HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\
624\c MSTCP\MaxDataRetries
625
626(it must be of type DWORD in Win95, or String in Win98/ME).
627
628On Windows NT or 2000, the registry key is
629
630\c HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\
631\c Parameters\TcpMaxDataRetransmissions
632
633and it must be of type DWORD.
634
635Set the key's value to something like 10. This will cause Windows to
636try harder to keep connections alive instead of abandoning them.
637
a1d2976b 638\S{faq-puttyputty}{Question} When I \cw{cat} a binary file, I get
ee46ef84 639`PuTTYPuTTYPuTTY' on my command line.
640
a5a6cb30 641Don't do that, then.
ee46ef84 642
643This is designed behaviour; when PuTTY receives the character
644Control-E from the remote server, it interprets it as a request to
645identify itself, and so it sends back the string \q{\cw{PuTTY}} as
646if that string had been entered at the keyboard. Control-E should
647only be sent by programs that are prepared to deal with the
648response. Writing a binary file to your terminal is likely to output
649many Control-E characters, and cause this behaviour. Don't do it.
650It's a bad plan.
651
a5a6cb30 652To mitigate the effects, you could configure the answerback string
653to be empty (see \k{config-answerback}); but writing binary files to
654your terminal is likely to cause various other unpleasant behaviour,
655so this is only a small remedy.
656
babac7bd 657\S{faq-wintitle}{Question} When I \cw{cat} a binary file, my window
658title changes to a nonsense string.
ee46ef84 659
a5a6cb30 660Don't do that, then.
ee46ef84 661
662It is designed behaviour that PuTTY should have the ability to
663adjust the window title on instructions from the server. Normally
664the control sequence that does this should only be sent
665deliberately, by programs that know what they are doing and intend
666to put meaningful text in the window title. Writing a binary file to
667your terminal runs the risk of sending the same control sequence by
668accident, and cause unexpected changes in the window title. Don't do
669it.
670
babac7bd 671\S{faq-password-fails}{Question} My keyboard stops working once
672PuTTY displays the password prompt.
59c1f1f6 673
674No, it doesn't. PuTTY just doesn't display the password you type, so
675that someone looking at your screen can't see what it is.
676
677Unlike the Windows login prompts, PuTTY doesn't display the password
678as a row of asterisks either. This is so that someone looking at
679your screen can't even tell how \e{long} your password is, which
680might be valuable information.
681
b5bee048 682\S{faq-keyboard}{Question} One or more function keys don't do what I
683expected in a server-side application.
684
685If you've already tried all the relevant options in the PuTTY
686Keyboard panel, you may need to mail the PuTTY maintainers and ask.
687
688It is \e{not} usually helpful just to tell us which application,
689which server operating system, and which key isn't working; in order
690to replicate the problem we would need to have a copy of every
691operating system, and every application, that anyone has ever
692complained about.
693
694PuTTY responds to function key presses by sending a sequence of
695control characters to the server. If a function key isn't doing what
696you expect, it's likely that the character sequence your application
697is expecting to receive is not the same as the one PuTTY is sending.
698Therefore what we really need to know is \e{what} sequence the
699application is expecting.
700
701The simplest way to investigate this is to find some other terminal
702environment, in which that function key \e{does} work; and then
703investigate what sequence the function key is sending in that
704situation. One reasonably easy way to do this on a Unix system is to
705type the command \c{cat}, and then press the function key. This is
706likely to produce output of the form \c{^[[11~}. You can also do
707this in PuTTY, to find out what sequence the function key is
708producing in that. Then you can mail the PuTTY maintainers and tell
709us \q{I wanted the F1 key to send \c{^[[11~}, but instead it's
710sending \c{^[OP}, can this be done?}, or something similar.
711
712You should still read the
713\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/feedback.html}{Feedback
714page} on the PuTTY website (also provided as \k{feedback} in the
715manual), and follow the guidelines contained in that.
716
941d39e2 717\S{faq-openssh-bad-openssl}{Question} Since my SSH server was upgraded
718to OpenSSH 3.1p1/3.4p1, I can no longer connect with PuTTY.
1d2a9c9c 719
720There is a known problem when OpenSSH has been built against an
721incorrect version of OpenSSL; the quick workaround is to configure
722PuTTY to use SSH protocol 2 and the Blowfish cipher.
723
941d39e2 724For more details and OpenSSH patches, see
725\W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
726OpenSSH BTS.
727
1d2a9c9c 728This is not a PuTTY-specific problem; if you try to connect with
941d39e2 729another client you'll likely have similar problems. (Although PuTTY's
730default cipher differs from many other clients.)
1d2a9c9c 731
941d39e2 732\e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms):
1d2a9c9c 733
734\b SSH 2 with AES cipher (PuTTY says "Assertion failed! Expression:
735(len & 15) == 0" in sshaes.c, or "Out of memory", or crashes)
736
9712b085 737\b SSH 2 with 3DES (PuTTY says "Incorrect MAC received on packet")
738
1d2a9c9c 739\b SSH 1 with Blowfish (PuTTY says "Incorrect CRC received on
740packet")
741
742\b SSH 1 with 3DES
743
941d39e2 744\e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH 1 and
745Blowfish remains. Rebuild your server, apply the patch linked to from
746bug 138 above, or use another cipher (e.g., 3DES) instead.
59f76022 747
46ccbe20 748\e{Other versions:} we occasionally get reports of the same symptom
749and workarounds with older versions of OpenSSH, although it's not
750clear the underlying cause is the same.
751
1bb76745 752\S{faq-ssh2key-ssh1conn}{Question} Why do I see "Couldn't load private
753key from ..."? Why can PuTTYgen load my key but not PuTTY?
754
755It's likely that you've generated an SSH protocol 2 key with PuTTYgen,
756but you're trying to use it in an SSH 1 connection. SSH1 and SSH2 keys
757have different formats, and (at least in 0.52) PuTTY's reporting of a
758key in the wrong format isn't optimal.
759
760To connect using SSH 2 to a server that supports both versions, you
761need to change the configuration from the default (see \k{faq-ssh2}).
762
2c4b913d 763\S{faq-rh8-utf8}{Question} When I'm connected to a Red Hat Linux 8.0
764system, some characters don't display properly.
765
766A common complaint is that hyphens in man pages show up as a-acute.
767
768With release 8.0, Red Hat appear to have made UTF-8 the default
769character set. There appears to be no way for terminal emulators such
770as PuTTY to know this (as far as we know, the appropriate escape
771sequence to switch into UTF-8 mode isn't sent).
772
773A fix is to configure sessions to RH8 systems to use UTF-8
774translation - see \k{config-charset} in the documentation. (Note that
775if you use \q{Change Settings}, changes may not take place immediately
776- see \k{faq-resetterm}.)
777
778If you really want to change the character set used by the server, the
779right place is \c{/etc/sysconfig/i18n}, but this shouldn't be
780necessary.
781
ee46ef84 782\H{faq-secure} Security questions
783
a1d2976b 784\S{faq-publicpc}{Question} Is it safe for me to download PuTTY and
70706890 785use it on a public PC?
ee46ef84 786
787It depends on whether you trust that PC. If you don't trust the
788public PC, don't use PuTTY on it, and don't use any other software
789you plan to type passwords into either. It might be watching your
790keystrokes, or it might tamper with the PuTTY binary you download.
791There is \e{no} program safe enough that you can run it on an
792actively malicious PC and get away with typing passwords into it.
793
794If you do trust the PC, then it's probably OK to use PuTTY on it
795(but if you don't trust the network, then the PuTTY download might
796be tampered with, so it would be better to carry PuTTY with you on a
797floppy).
798
a1d2976b 799\S{faq-cleanup}{Question} What does PuTTY leave on a system? How can
70706890 800I clean up after it?
ee46ef84 801
802PuTTY will leave some Registry entries, and a random seed file, on
803the PC (see \k{faq-settings}). If you are using PuTTY on a public
804PC, or somebody else's PC, you might want to clean these up when you
805leave. You can do that automatically, by running the command
806\c{putty -cleanup}.
807
a1d2976b 808\S{faq-dsa}{Question} How come PuTTY now supports DSA, when the
70706890 809website used to say how insecure it was?
ee46ef84 810
811DSA has a major weakness \e{if badly implemented}: it relies on a
812random number generator to far too great an extent. If the random
813number generator produces a number an attacker can predict, the DSA
814private key is exposed - meaning that the attacker can log in as you
815on all systems that accept that key.
816
817The PuTTY policy changed because the developers were informed of
818ways to implement DSA which do not suffer nearly as badly from this
819weakness, and indeed which don't need to rely on random numbers at
820all. For this reason we now believe PuTTY's DSA implementation is
821probably OK. However, if you have the choice, we still recommend you
822use RSA instead.
823
ee4b471f 824\S{faq-virtuallock}{Question} Couldn't Pageant use
825\cw{VirtualLock()} to stop private keys being written to disk?
f9908cf7 826
ee4b471f 827Unfortunately not. The \cw{VirtualLock()} function in the Windows
828API doesn't do a proper job: it may prevent small pieces of a
829process's memory from being paged to disk while the process is
830running, but it doesn't stop the process's memory as a whole from
831being swapped completely out to disk when the process is long-term
832inactive. And Pageant spends most of its time inactive.
f9908cf7 833
ee46ef84 834\H{faq-admin} Administrative questions
835
a1d2976b 836\S{faq-domain}{Question} Would you like me to register you a nicer
70706890 837domain name?
ee46ef84 838
839No, thank you. Even if you can find one (most of them seem to have
840been registered already, by people who didn't ask whether we
841actually wanted it before they applied), we're happy with the PuTTY
842web site being exactly where it is. It's not hard to find (just type
843\q{putty} into \W{http://www.google.com/}{google.com} and we're the
844first link returned), and we don't believe the administrative hassle
845of moving the site would be worth the benefit.
846
847In addition, if we \e{did} want a custom domain name, we would want
848to run it ourselves, so we knew for certain that it would continue
849to point where we wanted it, and wouldn't suddenly change or do
850strange things. Having it registered for us by a third party who we
851don't even know is not the best way to achieve this.
852
a1d2976b 853\S{faq-webhosting}{Question} Would you like free web hosting for the
70706890 854PuTTY web site?
ee46ef84 855
856We already have some, thanks.
857
a1d2976b 858\S{faq-sourceforge}{Question} Why don't you move PuTTY to
70706890 859SourceForge?
ee46ef84 860
861Partly, because we don't want to move the web site location (see
862\k{faq-domain}).
863
864Also, security reasons. PuTTY is a security product, and as such it
865is particularly important to guard the code and the web site against
866unauthorised modifications which might introduce subtle security
867flaws. Therefore, we prefer that the CVS repository, web site and
868FTP site remain where they are, under the direct control of system
869administrators we know and trust personally, rather than being run
870by a large organisation full of people we've never met and which is
871known to have had breakins in the past.
872
873No offence to SourceForge; I think they do a wonderful job. But
874they're not ideal for everyone, and in particular they're not ideal
875for us.
876
a1d2976b 877\S{faq-mailinglist1}{Question} Why can't I subscribe to the
70706890 878putty-bugs mailing list?
ee46ef84 879
880Because you're not a member of the PuTTY core development team. The
881putty-bugs mailing list is not a general newsgroup-like discussion
882forum; it's a contact address for the core developers, and an
883\e{internal} mailing list for us to discuss things among ourselves.
884If we opened it up for everybody to subscribe to, it would turn into
885something more like a newsgroup and we would be completely
886overwhelmed by the volume of traffic. It's hard enough to keep up
887with the list as it is.
888
a1d2976b 889\S{faq-mailinglist2}{Question} If putty-bugs isn't a
70706890 890general-subscription mailing list, what is?
ee46ef84 891
892There isn't one, that we know of.
893
be86e512 894If someone else wants to set up a mailing list or other forum for
895PuTTY users to help each other with common problems, that would be
896fine with us, though the PuTTY team would almost certainly not have the
897time to read it. It's probably better to use the established
898newsgroup \cw{comp.security.ssh} for this purpose.
ee46ef84 899
a1d2976b 900\S{faq-donations}{Question} How can I donate to PuTTY development?
ee46ef84 901
902Please, \e{please} don't feel you have to. PuTTY is completely free
903software, and not shareware. We think it's very important that
904\e{everybody} who wants to use PuTTY should be able to, whether they
905have any money or not; so the last thing we would want is for a
906PuTTY user to feel guilty because they haven't paid us any money. If
907you want to keep your money, please do keep it. We wouldn't dream of
908asking for any.
909
910Having said all that, if you still really \e{want} to give us money,
911we won't argue :-) The easiest way for us to accept donations is if
912you go to \W{http://www.e-gold.com}\cw{www.e-gold.com}, and deposit
913your donation in account number 174769. Then send us e-mail to let
914us know you've done so (otherwise we might not notice for months!).
9cd3f7b0 915Alternatively, if e-gold isn't convenient for you, you can donate to
916\cw{<anakin@pobox.com>} using PayPal
917(\W{http://www.paypal.com/}\cw{www.paypal.com}).
ee46ef84 918
919Small donations (tens of dollars or tens of euros) will probably be
920spent on beer or curry, which helps motivate our volunteer team to
921continue doing this for the world. Larger donations will be spent on
922something that actually helps development, if we can find anything
9cd3f7b0 923(perhaps new hardware, or a copy of Windows XP), but if we can't
ee46ef84 924find anything then we'll just distribute the money among the
925developers. If you want to be sure your donation is going towards
926something worthwhile, ask us first. If you don't like these terms,
927feel perfectly free not to donate. We don't mind.
928
f9908cf7 929\H{faq-misc} Miscellaneous questions
930
931\S{faq-openssh}{Question} Is PuTTY a port of OpenSSH, or based on
932OpenSSH?
933
934No, it isn't. PuTTY is almost completely composed of code written
935from scratch for PuTTY. The only code we share with OpenSSH is the
936detector for SSH1 CRC compensation attacks, written by CORE SDI S.A.
937
606398fb 938\S{faq-sillyputty}{Question} Where can I buy silly putty?
939
940You're looking at the wrong web site; the only PuTTY we know about
941here is the name of a computer program.
942
943If you want the kind of putty you can buy as an executive toy, the
944PuTTY team can personally recommend Thinking Putty, which you can
945buy from Crazy Aaron's Putty World, at
946\W{http://www.puttyworld.com}\cw{www.puttyworld.com}.
947
fa58cf81 948\S{faq-meaning}{Question} What does \q{PuTTY} mean?
ee46ef84 949
fa58cf81 950It's the name of a popular SSH and Telnet client. Any other meaning
951is in the eye of the beholder. It's been rumoured that \q{PuTTY}
952is the antonym of \q{\cw{getty}}, or that it's the stuff that makes your
953Windows useful, or that it's a kind of plutonium Teletype. We
954couldn't possibly comment on such allegations.
955
956\S{faq-pronounce}{Question} How do I pronounce \q{PuTTY}?
957
958Exactly like the English word \q{putty}, which we pronounce
959/\u02C8{'}p\u028C{V}t\u026A{I}/.