| 1 | \define{versionidconfig} \versionid $Id$ |
| 2 | |
| 3 | \C{config} Configuring PuTTY |
| 4 | |
| 5 | This chapter describes all the \i{configuration options} in PuTTY. |
| 6 | |
| 7 | PuTTY is configured using the control panel that comes up before you |
| 8 | start a session. Some options can also be changed in the middle of a |
| 9 | session, by selecting \q{Change Settings} from the window menu. |
| 10 | |
| 11 | \H{config-session} The Session panel |
| 12 | |
| 13 | The Session configuration panel contains the basic options you need |
| 14 | to specify in order to open a session at all, and also allows you to |
| 15 | save your settings to be reloaded later. |
| 16 | |
| 17 | \S{config-hostname} The \i{host name} section |
| 18 | |
| 19 | \cfg{winhelp-topic}{session.hostname} |
| 20 | |
| 21 | The top box on the Session panel, labelled \q{Specify your |
| 22 | connection by host name}, contains the details that need to be |
| 23 | filled in before PuTTY can open a session at all. |
| 24 | |
| 25 | \b The \q{Host Name} box is where you type the name, or the \i{IP |
| 26 | address}, of the server you want to connect to. |
| 27 | |
| 28 | \b The \q{Protocol} radio buttons let you choose what type of |
| 29 | connection you want to make: a \I{raw TCP connections}raw |
| 30 | connection, a \i{Telnet} connection, an \i{Rlogin} connection |
| 31 | or an \i{SSH} connection. (See \k{which-one} for a |
| 32 | summary of the differences between SSH, Telnet and rlogin, and |
| 33 | \k{using-rawprot} for an explanation of \q{raw} connections.) |
| 34 | |
| 35 | \b The \q{Port} box lets you specify which \i{port number} on the server |
| 36 | to connect to. If you select Telnet, Rlogin, or SSH, this box will |
| 37 | be filled in automatically to the usual value, and you will only |
| 38 | need to change it if you have an unusual server. If you select Raw |
| 39 | mode, you will almost certainly need to fill in the \q{Port} box. |
| 40 | |
| 41 | \S{config-saving} \ii{Loading and storing saved sessions} |
| 42 | |
| 43 | \cfg{winhelp-topic}{session.saved} |
| 44 | |
| 45 | The next part of the Session configuration panel allows you to save |
| 46 | your preferred PuTTY options so they will appear automatically the |
| 47 | next time you start PuTTY. It also allows you to create \e{saved |
| 48 | sessions}, which contain a full set of configuration options plus a |
| 49 | host name and protocol. A saved session contains all the information |
| 50 | PuTTY needs to start exactly the session you want. |
| 51 | |
| 52 | \b To save your default settings: first set up the settings the way |
| 53 | you want them saved. Then come back to the Session panel. Select the |
| 54 | \q{\i{Default Settings}} entry in the saved sessions list, with a single |
| 55 | click. Then press the \q{Save} button. |
| 56 | |
| 57 | \lcont{ |
| 58 | Note that PuTTY does not allow you to save a host name into the |
| 59 | Default Settings entry. This ensures that when PuTTY is started up, |
| 60 | the host name box is always empty, so a user can always just type in |
| 61 | a host name and connect. |
| 62 | } |
| 63 | |
| 64 | If there is a specific host you want to store the details of how to |
| 65 | connect to, you should create a saved session, which will be |
| 66 | separate from the Default Settings. |
| 67 | |
| 68 | \b To save a session: first go through the rest of the configuration |
| 69 | box setting up all the options you want. Then come back to the |
| 70 | Session panel. Enter a name for the saved session in the \q{Saved |
| 71 | Sessions} input box. (The server name is often a good choice for a |
| 72 | saved session name.) Then press the \q{Save} button. Your saved |
| 73 | session name should now appear in the list box. |
| 74 | |
| 75 | \lcont{ |
| 76 | You can also save settings in mid-session, from the \q{Change Settings} |
| 77 | dialog. Settings changed since the start of the session will be saved |
| 78 | with their current values; as well as settings changed through the |
| 79 | dialog, this includes changes in window size, window title changes |
| 80 | sent by the server, and so on. |
| 81 | } |
| 82 | |
| 83 | \b To reload a saved session: single-click to select the session |
| 84 | name in the list box, and then press the \q{Load} button. Your saved |
| 85 | settings should all appear in the configuration panel. |
| 86 | |
| 87 | \b To modify a saved session: first load it as described above. Then |
| 88 | make the changes you want. Come back to the Session panel, and press |
| 89 | the \q{Save} button. The new settings will be saved over the top of |
| 90 | the old ones. |
| 91 | |
| 92 | \lcont{ |
| 93 | To save the new settings under a different name, you can enter the new |
| 94 | name in the \q{Saved Sessions} box, or single-click to select a |
| 95 | session name in the list box to overwrite that session. To save |
| 96 | \q{Default Settings}, you must single-click the name before saving. |
| 97 | } |
| 98 | |
| 99 | \b To start a saved session immediately: double-click on the session |
| 100 | name in the list box. |
| 101 | |
| 102 | \b To delete a saved session: single-click to select the session |
| 103 | name in the list box, and then press the \q{Delete} button. |
| 104 | |
| 105 | Each saved session is independent of the Default Settings |
| 106 | configuration. If you change your preferences and update Default |
| 107 | Settings, you must also update every saved session separately. |
| 108 | |
| 109 | Saved sessions are stored in the \i{Registry}, at the location |
| 110 | |
| 111 | \c HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions |
| 112 | |
| 113 | If you need to store them in a file, you could try the method |
| 114 | described in \k{config-file}. |
| 115 | |
| 116 | \S{config-closeonexit} \q{\ii{Close Window} on Exit} |
| 117 | |
| 118 | \cfg{winhelp-topic}{session.coe} |
| 119 | |
| 120 | Finally in the Session panel, there is an option labelled \q{Close |
| 121 | Window on Exit}. This controls whether the PuTTY \i{terminal window} |
| 122 | disappears as soon as the session inside it terminates. If you are |
| 123 | likely to want to copy and paste text out of the session after it |
| 124 | has terminated, or restart the session, you should arrange for this |
| 125 | option to be off. |
| 126 | |
| 127 | \q{Close Window On Exit} has three settings. \q{Always} means always |
| 128 | close the window on exit; \q{Never} means never close on exit |
| 129 | (always leave the window open, but \I{inactive window}inactive). The |
| 130 | third setting, and the default one, is \q{Only on clean exit}. In this |
| 131 | mode, a session which terminates normally will cause its window to |
| 132 | close, but one which is aborted unexpectedly by network trouble or a |
| 133 | confusing message from the server will leave the window up. |
| 134 | |
| 135 | \H{config-logging} The Logging panel |
| 136 | |
| 137 | \cfg{winhelp-topic}{logging.main} |
| 138 | |
| 139 | The Logging configuration panel allows you to save \i{log file}s of your |
| 140 | PuTTY sessions, for debugging, analysis or future reference. |
| 141 | |
| 142 | The main option is a radio-button set that specifies whether PuTTY |
| 143 | will log anything at all. The options are |
| 144 | |
| 145 | \b \q{Logging turned off completely}. This is the default option; in |
| 146 | this mode PuTTY will not create a log file at all. |
| 147 | |
| 148 | \b \q{Log printable output only}. In this mode, a log file will be |
| 149 | created and written to, but only printable text will be saved into |
| 150 | it. The various terminal control codes that are typically sent down |
| 151 | an interactive session alongside the printable text will be omitted. |
| 152 | This might be a useful mode if you want to read a log file in a text |
| 153 | editor and hope to be able to make sense of it. |
| 154 | |
| 155 | \b \q{Log all session output}. In this mode, \e{everything} sent by |
| 156 | the server into your terminal session is logged. If you view the log |
| 157 | file in a text editor, therefore, you may well find it full of |
| 158 | strange control characters. This is a particularly useful mode if |
| 159 | you are experiencing problems with PuTTY's terminal handling: you |
| 160 | can record everything that went to the terminal, so that someone |
| 161 | else can replay the session later in slow motion and watch to see |
| 162 | what went wrong. |
| 163 | |
| 164 | \b \q{\i{Log SSH packet data}}. In this mode (which is only used by SSH |
| 165 | connections), the SSH message packets sent over the encrypted |
| 166 | connection are written to the log file. You might need this to debug |
| 167 | a network-level problem, or more likely to send to the PuTTY authors |
| 168 | as part of a bug report. \e{BE WARNED} that if you log in using a |
| 169 | password, the password can appear in the log file; see |
| 170 | \k{config-logssh} for options that may help to remove sensitive |
| 171 | material from the log file before you send it to anyone else. |
| 172 | |
| 173 | \S{config-logfilename} \q{Log file name} |
| 174 | |
| 175 | \cfg{winhelp-topic}{logging.filename} |
| 176 | |
| 177 | In this edit box you enter the name of the file you want to log the |
| 178 | session to. The \q{Browse} button will let you look around your file |
| 179 | system to find the right place to put the file; or if you already |
| 180 | know exactly where you want it to go, you can just type a pathname |
| 181 | into the edit box. |
| 182 | |
| 183 | There are a few special features in this box. If you use the \c{&} |
| 184 | character in the file name box, PuTTY will insert details of the |
| 185 | current session in the name of the file it actually opens. The |
| 186 | precise replacements it will do are: |
| 187 | |
| 188 | \b \c{&Y} will be replaced by the current year, as four digits. |
| 189 | |
| 190 | \b \c{&M} will be replaced by the current month, as two digits. |
| 191 | |
| 192 | \b \c{&D} will be replaced by the current day of the month, as two |
| 193 | digits. |
| 194 | |
| 195 | \b \c{&T} will be replaced by the current time, as six digits |
| 196 | (HHMMSS) with no punctuation. |
| 197 | |
| 198 | \b \c{&H} will be replaced by the host name you are connecting to. |
| 199 | |
| 200 | For example, if you enter the host name |
| 201 | \c{c:\\puttylogs\\log-&h-&y&m&d-&t.dat}, you will end up with files looking |
| 202 | like |
| 203 | |
| 204 | \c log-server1.example.com-20010528-110859.dat |
| 205 | \c log-unixbox.somewhere.org-20010611-221001.dat |
| 206 | |
| 207 | \S{config-logfileexists} \q{What to do if the log file already exists} |
| 208 | |
| 209 | \cfg{winhelp-topic}{logging.exists} |
| 210 | |
| 211 | This control allows you to specify what PuTTY should do if it tries |
| 212 | to start writing to a log file and it finds the file already exists. |
| 213 | You might want to automatically destroy the existing log file and |
| 214 | start a new one with the same name. Alternatively, you might want to |
| 215 | open the existing log file and add data to the \e{end} of it. |
| 216 | Finally (the default option), you might not want to have any |
| 217 | automatic behaviour, but to ask the user every time the problem |
| 218 | comes up. |
| 219 | |
| 220 | \S{config-logflush} \I{log file, flushing}\q{Flush log file frequently} |
| 221 | |
| 222 | \cfg{winhelp-topic}{logging.flush} |
| 223 | |
| 224 | This option allows you to control how frequently logged data is |
| 225 | flushed to disc. By default, PuTTY will flush data as soon as it is |
| 226 | displayed, so that if you view the log file while a session is still |
| 227 | open, it will be up to date; and if the client system crashes, there's |
| 228 | a greater chance that the data will be preserved. |
| 229 | |
| 230 | However, this can incur a performance penalty. If PuTTY is running |
| 231 | slowly with logging enabled, you could try unchecking this option. Be |
| 232 | warned that the log file may not always be up to date as a result |
| 233 | (although it will of course be flushed when it is closed, for instance |
| 234 | at the end of a session). |
| 235 | |
| 236 | \S{config-logssh} Options specific to \i{SSH packet log}ging |
| 237 | |
| 238 | These options only apply if SSH packet data is being logged. |
| 239 | |
| 240 | The following options allow particularly sensitive portions of |
| 241 | unencrypted packets to be automatically left out of the log file. |
| 242 | They are only intended to deter casual nosiness; an attacker could |
| 243 | glean a lot of useful information from even these obfuscated logs |
| 244 | (e.g., length of password). |
| 245 | |
| 246 | \S2{config-logssh-omitpw} \q{Omit known password fields} |
| 247 | |
| 248 | \cfg{winhelp-topic}{logging.ssh.omitpassword} |
| 249 | |
| 250 | When checked, password fields are removed from the log of transmitted |
| 251 | packets. (This includes any user responses to challenge-response |
| 252 | authentication methods such as \q{keyboard-interactive}.) This does |
| 253 | not include X11 authentication data if using X11 forwarding. |
| 254 | |
| 255 | Note that this will only omit data that PuTTY \e{knows} to be a |
| 256 | password. However, if you start another login session within your |
| 257 | PuTTY session, for instance, any password used will appear in the |
| 258 | clear in the packet log. The next option may be of use to protect |
| 259 | against this. |
| 260 | |
| 261 | This option is enabled by default. |
| 262 | |
| 263 | \S2{config-logssh-omitdata} \q{Omit session data} |
| 264 | |
| 265 | \cfg{winhelp-topic}{logging.ssh.omitdata} |
| 266 | |
| 267 | When checked, all \q{session data} is omitted; this is defined as data |
| 268 | in terminal sessions and in forwarded channels (TCP, X11, and |
| 269 | authentication agent). This will usually substantially reduce the size |
| 270 | of the resulting log file. |
| 271 | |
| 272 | This option is disabled by default. |
| 273 | |
| 274 | \H{config-terminal} The Terminal panel |
| 275 | |
| 276 | The Terminal configuration panel allows you to control the behaviour |
| 277 | of PuTTY's \i{terminal emulation}. |
| 278 | |
| 279 | \S{config-autowrap} \q{Auto wrap mode initially on} |
| 280 | |
| 281 | \cfg{winhelp-topic}{terminal.autowrap} |
| 282 | |
| 283 | \ii{Auto wrap mode} controls what happens when text printed in a PuTTY |
| 284 | window reaches the right-hand edge of the window. |
| 285 | |
| 286 | With auto wrap mode on, if a long line of text reaches the |
| 287 | right-hand edge, it will wrap over on to the next line so you can |
| 288 | still see all the text. With auto wrap mode off, the cursor will |
| 289 | stay at the right-hand edge of the screen, and all the characters in |
| 290 | the line will be printed on top of each other. |
| 291 | |
| 292 | If you are running a full-screen application and you occasionally |
| 293 | find the screen scrolling up when it looks as if it shouldn't, you |
| 294 | could try turning this option off. |
| 295 | |
| 296 | Auto wrap mode can be turned on and off by \i{control sequence}s sent by |
| 297 | the server. This configuration option controls the \e{default} |
| 298 | state, which will be restored when you reset the terminal (see |
| 299 | \k{reset-terminal}). However, if you modify this option in |
| 300 | mid-session using \q{Change Settings}, it will take effect |
| 301 | immediately. |
| 302 | |
| 303 | \S{config-decom} \q{DEC Origin Mode initially on} |
| 304 | |
| 305 | \cfg{winhelp-topic}{terminal.decom} |
| 306 | |
| 307 | \i{DEC Origin Mode} is a minor option which controls how PuTTY |
| 308 | interprets cursor-position \i{control sequence}s sent by the server. |
| 309 | |
| 310 | The server can send a control sequence that restricts the \i{scrolling |
| 311 | region} of the display. For example, in an editor, the server might |
| 312 | reserve a line at the top of the screen and a line at the bottom, |
| 313 | and might send a control sequence that causes scrolling operations |
| 314 | to affect only the remaining lines. |
| 315 | |
| 316 | With DEC Origin Mode on, \i{cursor coordinates} are counted from the top |
| 317 | of the scrolling region. With it turned off, cursor coordinates are |
| 318 | counted from the top of the whole screen regardless of the scrolling |
| 319 | region. |
| 320 | |
| 321 | It is unlikely you would need to change this option, but if you find |
| 322 | a full-screen application is displaying pieces of text in what looks |
| 323 | like the wrong part of the screen, you could try turning DEC Origin |
| 324 | Mode on to see whether that helps. |
| 325 | |
| 326 | DEC Origin Mode can be turned on and off by control sequences sent |
| 327 | by the server. This configuration option controls the \e{default} |
| 328 | state, which will be restored when you reset the terminal (see |
| 329 | \k{reset-terminal}). However, if you modify this option in |
| 330 | mid-session using \q{Change Settings}, it will take effect |
| 331 | immediately. |
| 332 | |
| 333 | \S{config-crlf} \q{Implicit CR in every LF} |
| 334 | |
| 335 | \cfg{winhelp-topic}{terminal.lfhascr} |
| 336 | |
| 337 | Most servers send two control characters, \i{CR} and \i{LF}, to start a |
| 338 | \i{new line} of the screen. The CR character makes the cursor return to the |
| 339 | left-hand side of the screen. The LF character makes the cursor move |
| 340 | one line down (and might make the screen scroll). |
| 341 | |
| 342 | Some servers only send LF, and expect the terminal to move the |
| 343 | cursor over to the left automatically. If you come across a server |
| 344 | that does this, you will see a \I{stair-stepping}stepped effect on the |
| 345 | screen, like this: |
| 346 | |
| 347 | \c First line of text |
| 348 | \c Second line |
| 349 | \c Third line |
| 350 | |
| 351 | If this happens to you, try enabling the \q{Implicit CR in every LF} |
| 352 | option, and things might go back to normal: |
| 353 | |
| 354 | \c First line of text |
| 355 | \c Second line |
| 356 | \c Third line |
| 357 | |
| 358 | \S{config-erase} \q{Use \i{background colour} to erase screen} |
| 359 | |
| 360 | \cfg{winhelp-topic}{terminal.bce} |
| 361 | |
| 362 | Not all terminals agree on what colour to turn the screen when the |
| 363 | server sends a \q{\i{clear screen}} sequence. Some terminals believe the |
| 364 | screen should always be cleared to the \e{default} background |
| 365 | colour. Others believe the screen should be cleared to whatever the |
| 366 | server has selected as a background colour. |
| 367 | |
| 368 | There exist applications that expect both kinds of behaviour. |
| 369 | Therefore, PuTTY can be configured to do either. |
| 370 | |
| 371 | With this option disabled, screen clearing is always done in the |
| 372 | default background colour. With this option enabled, it is done in |
| 373 | the \e{current} background colour. |
| 374 | |
| 375 | Background-colour erase can be turned on and off by \i{control |
| 376 | sequences} sent by the server. This configuration option controls the |
| 377 | \e{default} state, which will be restored when you reset the |
| 378 | terminal (see \k{reset-terminal}). However, if you modify this |
| 379 | option in mid-session using \q{Change Settings}, it will take effect |
| 380 | immediately. |
| 381 | |
| 382 | \S{config-blink} \q{Enable \i{blinking text}} |
| 383 | |
| 384 | \cfg{winhelp-topic}{terminal.blink} |
| 385 | |
| 386 | The server can ask PuTTY to display text that blinks on and off. |
| 387 | This is very distracting, so PuTTY allows you to turn blinking text |
| 388 | off completely. |
| 389 | |
| 390 | When blinking text is disabled and the server attempts to make some |
| 391 | text blink, PuTTY will instead display the text with a \I{background |
| 392 | colour, bright}bolded background colour. |
| 393 | |
| 394 | Blinking text can be turned on and off by \i{control sequence}s sent by |
| 395 | the server. This configuration option controls the \e{default} |
| 396 | state, which will be restored when you reset the terminal (see |
| 397 | \k{reset-terminal}). However, if you modify this option in |
| 398 | mid-session using \q{Change Settings}, it will take effect |
| 399 | immediately. |
| 400 | |
| 401 | \S{config-answerback} \q{\ii{Answerback} to ^E} |
| 402 | |
| 403 | \cfg{winhelp-topic}{terminal.answerback} |
| 404 | |
| 405 | This option controls what PuTTY will send back to the server if the |
| 406 | server sends it the ^E \i{enquiry character}. Normally it just sends |
| 407 | the string \q{PuTTY}. |
| 408 | |
| 409 | If you accidentally write the contents of a binary file to your |
| 410 | terminal, you will probably find that it contains more than one ^E |
| 411 | character, and as a result your next command line will probably read |
| 412 | \q{PuTTYPuTTYPuTTY...} as if you had typed the answerback string |
| 413 | multiple times at the keyboard. If you set the answerback string to |
| 414 | be empty, this problem should go away, but doing so might cause |
| 415 | other problems. |
| 416 | |
| 417 | Note that this is \e{not} the feature of PuTTY which the server will |
| 418 | typically use to determine your terminal type. That feature is the |
| 419 | \q{Terminal-type string} in the Connection panel; see |
| 420 | \k{config-termtype} for details. |
| 421 | |
| 422 | You can include control characters in the answerback string using |
| 423 | \c{^C} notation. (Use \c{^~} to get a literal \c{^}.) |
| 424 | |
| 425 | \S{config-localecho} \q{\ii{Local echo}} |
| 426 | |
| 427 | \cfg{winhelp-topic}{terminal.localecho} |
| 428 | |
| 429 | With local echo disabled, characters you type into the PuTTY window |
| 430 | are not echoed in the window \e{by PuTTY}. They are simply sent to |
| 431 | the server. (The \e{server} might choose to \I{remote echo}echo them |
| 432 | back to you; this can't be controlled from the PuTTY control panel.) |
| 433 | |
| 434 | Some types of session need local echo, and many do not. In its |
| 435 | default mode, PuTTY will automatically attempt to deduce whether or |
| 436 | not local echo is appropriate for the session you are working in. If |
| 437 | you find it has made the wrong decision, you can use this |
| 438 | configuration option to override its choice: you can force local |
| 439 | echo to be turned on, or force it to be turned off, instead of |
| 440 | relying on the automatic detection. |
| 441 | |
| 442 | \S{config-localedit} \q{\ii{Local line editing}} |
| 443 | |
| 444 | \cfg{winhelp-topic}{terminal.localedit} |
| 445 | |
| 446 | Normally, every character you type into the PuTTY window is sent |
| 447 | immediately to the server the moment you type it. |
| 448 | |
| 449 | If you enable local line editing, this changes. PuTTY will let you |
| 450 | edit a whole line at a time locally, and the line will only be sent |
| 451 | to the server when you press Return. If you make a mistake, you can |
| 452 | use the Backspace key to correct it before you press Return, and the |
| 453 | server will never see the mistake. |
| 454 | |
| 455 | Since it is hard to edit a line locally without being able to see |
| 456 | it, local line editing is mostly used in conjunction with \i{local echo} |
| 457 | (\k{config-localecho}). This makes it ideal for use in raw mode |
| 458 | \#{FIXME} or when connecting to \i{MUD}s or \i{talker}s. (Although some more |
| 459 | advanced MUDs do occasionally turn local line editing on and turn |
| 460 | local echo off, in order to accept a password from the user.) |
| 461 | |
| 462 | Some types of session need local line editing, and many do not. In |
| 463 | its default mode, PuTTY will automatically attempt to deduce whether |
| 464 | or not local line editing is appropriate for the session you are |
| 465 | working in. If you find it has made the wrong decision, you can use |
| 466 | this configuration option to override its choice: you can force |
| 467 | local line editing to be turned on, or force it to be turned off, |
| 468 | instead of relying on the automatic detection. |
| 469 | |
| 470 | \S{config-printing} \ii{Remote-controlled printing} |
| 471 | |
| 472 | \cfg{winhelp-topic}{terminal.printing} |
| 473 | |
| 474 | A lot of VT100-compatible terminals support printing under control |
| 475 | of the remote server. PuTTY supports this feature as well, but it is |
| 476 | turned off by default. |
| 477 | |
| 478 | To enable remote-controlled printing, choose a printer from the |
| 479 | \q{Printer to send ANSI printer output to} drop-down list box. This |
| 480 | should allow you to select from all the printers you have installed |
| 481 | drivers for on your computer. Alternatively, you can type the |
| 482 | network name of a networked printer (for example, |
| 483 | \c{\\\\printserver\\printer1}) even if you haven't already |
| 484 | installed a driver for it on your own machine. |
| 485 | |
| 486 | When the remote server attempts to print some data, PuTTY will send |
| 487 | that data to the printer \e{raw} - without translating it, |
| 488 | attempting to format it, or doing anything else to it. It is up to |
| 489 | you to ensure your remote server knows what type of printer it is |
| 490 | talking to. |
| 491 | |
| 492 | Since PuTTY sends data to the printer raw, it cannot offer options |
| 493 | such as portrait versus landscape, print quality, or paper tray |
| 494 | selection. All these things would be done by your PC printer driver |
| 495 | (which PuTTY bypasses); if you need them done, you will have to find |
| 496 | a way to configure your remote server to do them. |
| 497 | |
| 498 | To disable remote printing again, choose \q{None (printing |
| 499 | disabled)} from the printer selection list. This is the default |
| 500 | state. |
| 501 | |
| 502 | \H{config-keyboard} The Keyboard panel |
| 503 | |
| 504 | The Keyboard configuration panel allows you to control the behaviour |
| 505 | of the \i{keyboard} in PuTTY. |
| 506 | |
| 507 | \S{config-backspace} Changing the action of the \ii{Backspace key} |
| 508 | |
| 509 | \cfg{winhelp-topic}{keyboard.backspace} |
| 510 | |
| 511 | Some terminals believe that the Backspace key should send the same |
| 512 | thing to the server as \i{Control-H} (ASCII code 8). Other terminals |
| 513 | believe that the Backspace key should send ASCII code 127 (usually |
| 514 | known as \i{Control-?}) so that it can be distinguished from Control-H. |
| 515 | This option allows you to choose which code PuTTY generates when you |
| 516 | press Backspace. |
| 517 | |
| 518 | If you are connecting over SSH, PuTTY by default tells the server |
| 519 | the value of this option (see \k{config-ttymodes}), so you may find |
| 520 | that the Backspace key does the right thing either way. Similarly, |
| 521 | if you are connecting to a \i{Unix} system, you will probably find that |
| 522 | the Unix \i\c{stty} command lets you configure which the server |
| 523 | expects to see, so again you might not need to change which one PuTTY |
| 524 | generates. On other systems, the server's expectation might be fixed |
| 525 | and you might have no choice but to configure PuTTY. |
| 526 | |
| 527 | If you do have the choice, we recommend configuring PuTTY to |
| 528 | generate Control-? and configuring the server to expect it, because |
| 529 | that allows applications such as \c{emacs} to use Control-H for |
| 530 | help. |
| 531 | |
| 532 | (Typing \i{Shift-Backspace} will cause PuTTY to send whichever code |
| 533 | isn't configured here as the default.) |
| 534 | |
| 535 | \S{config-homeend} Changing the action of the \I{Home and End keys} |
| 536 | |
| 537 | \cfg{winhelp-topic}{keyboard.homeend} |
| 538 | |
| 539 | The Unix terminal emulator \i\c{rxvt} disagrees with the rest of the |
| 540 | world about what character sequences should be sent to the server by |
| 541 | the Home and End keys. |
| 542 | |
| 543 | \i\c{xterm}, and other terminals, send \c{ESC [1~} for the Home key, |
| 544 | and \c{ESC [4~} for the End key. \c{rxvt} sends \c{ESC [H} for the |
| 545 | Home key and \c{ESC [Ow} for the End key. |
| 546 | |
| 547 | If you find an application on which the Home and End keys aren't |
| 548 | working, you could try switching this option to see if it helps. |
| 549 | |
| 550 | \S{config-funkeys} Changing the action of the \i{function keys} and |
| 551 | \i{keypad} |
| 552 | |
| 553 | \cfg{winhelp-topic}{keyboard.funkeys} |
| 554 | |
| 555 | This option affects the function keys (F1 to F12) and the top row of |
| 556 | the numeric keypad. |
| 557 | |
| 558 | \b In the default mode, labelled \c{ESC [n~}, the function keys |
| 559 | generate sequences like \c{ESC [11~}, \c{ESC [12~} and so on. This |
| 560 | matches the general behaviour of Digital's terminals. |
| 561 | |
| 562 | \b In Linux mode, F6 to F12 behave just like the default mode, but |
| 563 | F1 to F5 generate \c{ESC [[A} through to \c{ESC [[E}. This mimics the |
| 564 | \i{Linux virtual console}. |
| 565 | |
| 566 | \b In \I{xterm}Xterm R6 mode, F5 to F12 behave like the default mode, but F1 |
| 567 | to F4 generate \c{ESC OP} through to \c{ESC OS}, which are the |
| 568 | sequences produced by the top row of the \e{keypad} on Digital's |
| 569 | terminals. |
| 570 | |
| 571 | \b In \i{VT400} mode, all the function keys behave like the default |
| 572 | mode, but the actual top row of the numeric keypad generates \c{ESC |
| 573 | OP} through to \c{ESC OS}. |
| 574 | |
| 575 | \b In \i{VT100+} mode, the function keys generate \c{ESC OP} through to |
| 576 | \c{ESC O[} |
| 577 | |
| 578 | \b In \i{SCO} mode, the function keys F1 to F12 generate \c{ESC [M} |
| 579 | through to \c{ESC [X}. Together with shift, they generate \c{ESC [Y} |
| 580 | through to \c{ESC [j}. With control they generate \c{ESC [k} through |
| 581 | to \c{ESC [v}, and with shift and control together they generate |
| 582 | \c{ESC [w} through to \c{ESC [\{}. |
| 583 | |
| 584 | If you don't know what any of this means, you probably don't need to |
| 585 | fiddle with it. |
| 586 | |
| 587 | \S{config-appcursor} Controlling \i{Application Cursor Keys} mode |
| 588 | |
| 589 | \cfg{winhelp-topic}{keyboard.appcursor} |
| 590 | |
| 591 | Application Cursor Keys mode is a way for the server to change the |
| 592 | control sequences sent by the arrow keys. In normal mode, the arrow |
| 593 | keys send \c{ESC [A} through to \c{ESC [D}. In application mode, |
| 594 | they send \c{ESC OA} through to \c{ESC OD}. |
| 595 | |
| 596 | Application Cursor Keys mode can be turned on and off by the server, |
| 597 | depending on the application. PuTTY allows you to configure the |
| 598 | initial state. |
| 599 | |
| 600 | You can also disable application cursor keys mode completely, using |
| 601 | the \q{Features} configuration panel; see |
| 602 | \k{config-features-application}. |
| 603 | |
| 604 | \S{config-appkeypad} Controlling \i{Application Keypad} mode |
| 605 | |
| 606 | \cfg{winhelp-topic}{keyboard.appkeypad} |
| 607 | |
| 608 | Application Keypad mode is a way for the server to change the |
| 609 | behaviour of the numeric keypad. |
| 610 | |
| 611 | In normal mode, the keypad behaves like a normal Windows keypad: |
| 612 | with \i{NumLock} on, the number keys generate numbers, and with NumLock |
| 613 | off they act like the arrow keys and Home, End etc. |
| 614 | |
| 615 | In application mode, all the keypad keys send special control |
| 616 | sequences, \e{including} Num Lock. Num Lock stops behaving like Num |
| 617 | Lock and becomes another function key. |
| 618 | |
| 619 | Depending on which version of Windows you run, you may find the Num |
| 620 | Lock light still flashes on and off every time you press Num Lock, |
| 621 | even when application mode is active and Num Lock is acting like a |
| 622 | function key. This is unavoidable. |
| 623 | |
| 624 | Application keypad mode can be turned on and off by the server, |
| 625 | depending on the application. PuTTY allows you to configure the |
| 626 | initial state. |
| 627 | |
| 628 | You can also disable application keypad mode completely, using the |
| 629 | \q{Features} configuration panel; see |
| 630 | \k{config-features-application}. |
| 631 | |
| 632 | \S{config-nethack} Using \i{NetHack keypad mode} |
| 633 | |
| 634 | \cfg{winhelp-topic}{keyboard.nethack} |
| 635 | |
| 636 | PuTTY has a special mode for playing NetHack. You can enable it by |
| 637 | selecting \q{NetHack} in the \q{Initial state of numeric keypad} |
| 638 | control. |
| 639 | |
| 640 | In this mode, the numeric keypad keys 1-9 generate the NetHack |
| 641 | movement commands (\cw{hjklyubn}). The 5 key generates the \c{.} |
| 642 | command (do nothing). |
| 643 | |
| 644 | Better still, pressing Shift with the keypad keys generates the |
| 645 | capital forms of the commands (\cw{HJKLYUBN}), which tells NetHack |
| 646 | to keep moving you in the same direction until you encounter |
| 647 | something interesting. |
| 648 | |
| 649 | For some reason, this feature only works properly when \i{Num Lock} is |
| 650 | on. We don't know why. |
| 651 | |
| 652 | \S{config-compose} Enabling a DEC-like \ii{Compose key} |
| 653 | |
| 654 | \cfg{winhelp-topic}{keyboard.compose} |
| 655 | |
| 656 | DEC terminals have a Compose key, which provides an easy-to-remember |
| 657 | way of typing \i{accented characters}. You press Compose and then type |
| 658 | two more characters. The two characters are \q{combined} to produce |
| 659 | an accented character. The choices of character are designed to be |
| 660 | easy to remember; for example, composing \q{e} and \q{`} produces |
| 661 | the \q{\u00e8{e-grave}} character. |
| 662 | |
| 663 | If your keyboard has a Windows \i{Application key}, it acts as a Compose |
| 664 | key in PuTTY. Alternatively, if you enable the \q{\i{AltGr} acts as |
| 665 | Compose key} option, the AltGr key will become a Compose key. |
| 666 | |
| 667 | \S{config-ctrlalt} \q{Control-Alt is different from \i{AltGr}} |
| 668 | |
| 669 | \cfg{winhelp-topic}{keyboard.ctrlalt} |
| 670 | |
| 671 | Some old keyboards do not have an AltGr key, which can make it |
| 672 | difficult to type some characters. PuTTY can be configured to treat |
| 673 | the key combination Ctrl + Left Alt the same way as the AltGr key. |
| 674 | |
| 675 | By default, this checkbox is checked, and the key combination Ctrl + |
| 676 | Left Alt does something completely different. PuTTY's usual handling |
| 677 | of the left Alt key is to prefix the Escape (Control-\cw{[}) |
| 678 | character to whatever character sequence the rest of the keypress |
| 679 | would generate. For example, Alt-A generates Escape followed by |
| 680 | \c{a}. So Alt-Ctrl-A would generate Escape, followed by Control-A. |
| 681 | |
| 682 | If you uncheck this box, Ctrl-Alt will become a synonym for AltGr, |
| 683 | so you can use it to type extra graphic characters if your keyboard |
| 684 | has any. |
| 685 | |
| 686 | (However, Ctrl-Alt will never act as a Compose key, regardless of the |
| 687 | setting of \q{AltGr acts as Compose key} described in |
| 688 | \k{config-compose}.) |
| 689 | |
| 690 | \H{config-bell} The Bell panel |
| 691 | |
| 692 | The Bell panel controls the \i{terminal bell} feature: the server's |
| 693 | ability to cause PuTTY to beep at you. |
| 694 | |
| 695 | In the default configuration, when the server sends the character |
| 696 | with ASCII code 7 (Control-G), PuTTY will play the \i{Windows Default |
| 697 | Beep} sound. This is not always what you want the terminal bell |
| 698 | feature to do; the Bell panel allows you to configure alternative |
| 699 | actions. |
| 700 | |
| 701 | \S{config-bellstyle} \q{Set the style of bell} |
| 702 | |
| 703 | \cfg{winhelp-topic}{bell.style} |
| 704 | |
| 705 | This control allows you to select various different actions to occur |
| 706 | on a terminal bell: |
| 707 | |
| 708 | \b Selecting \q{None} \I{terminal bell, disabling}disables the bell |
| 709 | completely. In this mode, the server can send as many Control-G |
| 710 | characters as it likes and nothing at all will happen. |
| 711 | |
| 712 | \b \q{Make default system alert sound} is the default setting. It |
| 713 | causes the Windows \q{Default Beep} sound to be played. To change |
| 714 | what this sound is, or to test it if nothing seems to be happening, |
| 715 | use the Sound configurer in the Windows Control Panel. |
| 716 | |
| 717 | \b \q{\ii{Visual bell}} is a silent alternative to a beeping computer. In |
| 718 | this mode, when the server sends a Control-G, the whole PuTTY window |
| 719 | will flash white for a fraction of a second. |
| 720 | |
| 721 | \b \q{Beep using the \i{PC speaker}} is self-explanatory. |
| 722 | |
| 723 | \b \q{Play a custom \i{sound file}} allows you to specify a particular |
| 724 | sound file to be used by PuTTY alone, or even by a particular |
| 725 | individual PuTTY session. This allows you to distinguish your PuTTY |
| 726 | beeps from any other beeps on the system. If you select this option, |
| 727 | you will also need to enter the name of your sound file in the edit |
| 728 | control \q{Custom sound file to play as a bell}. |
| 729 | |
| 730 | \S{config-belltaskbar} \q{\ii{Taskbar}/\I{window caption}caption |
| 731 | indication on bell} |
| 732 | |
| 733 | \cfg{winhelp-topic}{bell.taskbar} |
| 734 | |
| 735 | This feature controls what happens to the PuTTY window's entry in |
| 736 | the Windows Taskbar if a bell occurs while the window does not have |
| 737 | the input focus. |
| 738 | |
| 739 | In the default state (\q{Disabled}) nothing unusual happens. |
| 740 | |
| 741 | If you select \q{Steady}, then when a bell occurs and the window is |
| 742 | not in focus, the window's Taskbar entry and its title bar will |
| 743 | change colour to let you know that PuTTY session is asking for your |
| 744 | attention. The change of colour will persist until you select the |
| 745 | window, so you can leave several PuTTY windows minimised in your |
| 746 | terminal, go away from your keyboard, and be sure not to have missed |
| 747 | any important beeps when you get back. |
| 748 | |
| 749 | \q{Flashing} is even more eye-catching: the Taskbar entry will |
| 750 | continuously flash on and off until you select the window. |
| 751 | |
| 752 | \S{config-bellovl} \q{Control the \i{bell overload} behaviour} |
| 753 | |
| 754 | \cfg{winhelp-topic}{bell.overload} |
| 755 | |
| 756 | A common user error in a terminal session is to accidentally run the |
| 757 | Unix command \c{cat} (or equivalent) on an inappropriate file type, |
| 758 | such as an executable, image file, or ZIP file. This produces a huge |
| 759 | stream of non-text characters sent to the terminal, which typically |
| 760 | includes a lot of bell characters. As a result of this the terminal |
| 761 | often doesn't stop beeping for ten minutes, and everybody else in |
| 762 | the office gets annoyed. |
| 763 | |
| 764 | To try to avoid this behaviour, or any other cause of excessive |
| 765 | beeping, PuTTY includes a bell overload management feature. In the |
| 766 | default configuration, receiving more than five bell characters in a |
| 767 | two-second period will cause the overload feature to activate. Once |
| 768 | the overload feature is active, further bells will \I{terminal bell, |
| 769 | disabling} have no effect at all, so the rest of your binary file |
| 770 | will be sent to the screen in silence. After a period of five seconds |
| 771 | during which no further bells are received, the overload feature will |
| 772 | turn itself off again and bells will be re-enabled. |
| 773 | |
| 774 | If you want this feature completely disabled, you can turn it off |
| 775 | using the checkbox \q{Bell is temporarily disabled when over-used}. |
| 776 | |
| 777 | Alternatively, if you like the bell overload feature but don't agree |
| 778 | with the settings, you can configure the details: how many bells |
| 779 | constitute an overload, how short a time period they have to arrive |
| 780 | in to do so, and how much silent time is required before the |
| 781 | overload feature will deactivate itself. |
| 782 | |
| 783 | Bell overload mode is always deactivated by any keypress in the |
| 784 | terminal. This means it can respond to large unexpected streams of |
| 785 | data, but does not interfere with ordinary command-line activities |
| 786 | that generate beeps (such as filename completion). |
| 787 | |
| 788 | \H{config-features} The Features panel |
| 789 | |
| 790 | PuTTY's \i{terminal emulation} is very highly featured, and can do a lot |
| 791 | of things under remote server control. Some of these features can |
| 792 | cause problems due to buggy or strangely configured server |
| 793 | applications. |
| 794 | |
| 795 | The Features configuration panel allows you to disable some of |
| 796 | PuTTY's more advanced terminal features, in case they cause trouble. |
| 797 | |
| 798 | \S{config-features-application} Disabling application keypad and cursor keys |
| 799 | |
| 800 | \cfg{winhelp-topic}{features.application} |
| 801 | |
| 802 | \I{Application Keypad}Application keypad mode (see |
| 803 | \k{config-appkeypad}) and \I{Application Cursor Keys}application |
| 804 | cursor keys mode (see \k{config-appcursor}) alter the behaviour of |
| 805 | the keypad and cursor keys. Some applications enable these modes but |
| 806 | then do not deal correctly with the modified keys. You can force |
| 807 | these modes to be permanently disabled no matter what the server |
| 808 | tries to do. |
| 809 | |
| 810 | \S{config-features-mouse} Disabling \cw{xterm}-style \i{mouse reporting} |
| 811 | |
| 812 | \cfg{winhelp-topic}{features.mouse} |
| 813 | |
| 814 | PuTTY allows the server to send \i{control codes} that let it take over |
| 815 | the mouse and use it for purposes other than \i{copy and paste}. |
| 816 | Applications which use this feature include the text-mode web |
| 817 | browser \i\c{links}, the Usenet newsreader \i\c{trn} version 4, and the |
| 818 | file manager \i\c{mc} (Midnight Commander). |
| 819 | |
| 820 | If you find this feature inconvenient, you can disable it using the |
| 821 | \q{Disable xterm-style mouse reporting} control. With this box |
| 822 | ticked, the mouse will \e{always} do copy and paste in the normal |
| 823 | way. |
| 824 | |
| 825 | Note that even if the application takes over the mouse, you can |
| 826 | still manage PuTTY's copy and paste by holding down the Shift key |
| 827 | while you select and paste, unless you have deliberately turned this |
| 828 | feature off (see \k{config-mouseshift}). |
| 829 | |
| 830 | \S{config-features-resize} Disabling remote \i{terminal resizing} |
| 831 | |
| 832 | \cfg{winhelp-topic}{features.resize} |
| 833 | |
| 834 | PuTTY has the ability to change the terminal's size and position in |
| 835 | response to commands from the server. If you find PuTTY is doing |
| 836 | this unexpectedly or inconveniently, you can tell PuTTY not to |
| 837 | respond to those server commands. |
| 838 | |
| 839 | \S{config-features-altscreen} Disabling switching to the \i{alternate screen} |
| 840 | |
| 841 | \cfg{winhelp-topic}{features.altscreen} |
| 842 | |
| 843 | Many terminals, including PuTTY, support an \q{alternate screen}. |
| 844 | This is the same size as the ordinary terminal screen, but separate. |
| 845 | Typically a screen-based program such as a text editor might switch |
| 846 | the terminal to the alternate screen before starting up. Then at the |
| 847 | end of the run, it switches back to the primary screen, and you see |
| 848 | the screen contents just as they were before starting the editor. |
| 849 | |
| 850 | Some people prefer this not to happen. If you want your editor to |
| 851 | run in the same screen as the rest of your terminal activity, you |
| 852 | can disable the alternate screen feature completely. |
| 853 | |
| 854 | \S{config-features-retitle} Disabling remote \i{window title} changing |
| 855 | |
| 856 | \cfg{winhelp-topic}{features.retitle} |
| 857 | |
| 858 | PuTTY has the ability to change the window title in response to |
| 859 | commands from the server. If you find PuTTY is doing this |
| 860 | unexpectedly or inconveniently, you can tell PuTTY not to respond to |
| 861 | those server commands. |
| 862 | |
| 863 | \S{config-features-qtitle} Disabling remote \i{window title} querying |
| 864 | |
| 865 | \cfg{winhelp-topic}{features.qtitle} |
| 866 | |
| 867 | PuTTY can optionally provide the xterm service of allowing server |
| 868 | applications to find out the local window title. This feature is |
| 869 | disabled by default, but you can turn it on if you really want it. |
| 870 | |
| 871 | NOTE that this feature is a \e{potential \i{security hazard}}. If a |
| 872 | malicious application can write data to your terminal (for example, |
| 873 | if you merely \c{cat} a file owned by someone else on the server |
| 874 | machine), it can change your window title (unless you have disabled |
| 875 | this as mentioned in \k{config-features-retitle}) and then use this |
| 876 | service to have the new window title sent back to the server as if |
| 877 | typed at the keyboard. This allows an attacker to fake keypresses |
| 878 | and potentially cause your server-side applications to do things you |
| 879 | didn't want. Therefore this feature is disabled by default, and we |
| 880 | recommend you do not turn it on unless you \e{really} know what you |
| 881 | are doing. |
| 882 | |
| 883 | \S{config-features-dbackspace} Disabling \i{destructive backspace} |
| 884 | |
| 885 | \cfg{winhelp-topic}{features.dbackspace} |
| 886 | |
| 887 | Normally, when PuTTY receives character 127 (^?) from the server, it |
| 888 | will perform a \q{destructive backspace}: move the cursor one space |
| 889 | left and delete the character under it. This can apparently cause |
| 890 | problems in some applications, so PuTTY provides the ability to |
| 891 | configure character 127 to perform a normal backspace (without |
| 892 | deleting a character) instead. |
| 893 | |
| 894 | \S{config-features-charset} Disabling remote \i{character set} |
| 895 | configuration |
| 896 | |
| 897 | \cfg{winhelp-topic}{features.charset} |
| 898 | |
| 899 | PuTTY has the ability to change its character set configuration in |
| 900 | response to commands from the server. Some programs send these |
| 901 | commands unexpectedly or inconveniently. In particular, \I{BitchX} (an |
| 902 | IRC client) seems to have a habit of reconfiguring the character set |
| 903 | to something other than the user intended. |
| 904 | |
| 905 | If you find that accented characters are not showing up the way you |
| 906 | expect them to, particularly if you're running BitchX, you could try |
| 907 | disabling the remote character set configuration commands. |
| 908 | |
| 909 | \S{config-features-shaping} Disabling \i{Arabic text shaping} |
| 910 | |
| 911 | \cfg{winhelp-topic}{features.arabicshaping} |
| 912 | |
| 913 | PuTTY supports shaping of Arabic text, which means that if your |
| 914 | server sends text written in the basic \i{Unicode} Arabic alphabet then |
| 915 | it will convert it to the correct display forms before printing it |
| 916 | on the screen. |
| 917 | |
| 918 | If you are using full-screen software which was not expecting this |
| 919 | to happen (especially if you are not an Arabic speaker and you |
| 920 | unexpectedly find yourself dealing with Arabic text files in |
| 921 | applications which are not Arabic-aware), you might find that the |
| 922 | \i{display becomes corrupted}. By ticking this box, you can disable |
| 923 | Arabic text shaping so that PuTTY displays precisely the characters |
| 924 | it is told to display. |
| 925 | |
| 926 | You may also find you need to disable bidirectional text display; |
| 927 | see \k{config-features-bidi}. |
| 928 | |
| 929 | \S{config-features-bidi} Disabling \i{bidirectional text} display |
| 930 | |
| 931 | \cfg{winhelp-topic}{features.bidi} |
| 932 | |
| 933 | PuTTY supports bidirectional text display, which means that if your |
| 934 | server sends text written in a language which is usually displayed |
| 935 | from right to left (such as \i{Arabic} or \i{Hebrew}) then PuTTY will |
| 936 | automatically flip it round so that it is displayed in the right |
| 937 | direction on the screen. |
| 938 | |
| 939 | If you are using full-screen software which was not expecting this |
| 940 | to happen (especially if you are not an Arabic speaker and you |
| 941 | unexpectedly find yourself dealing with Arabic text files in |
| 942 | applications which are not Arabic-aware), you might find that the |
| 943 | \i{display becomes corrupted}. By ticking this box, you can disable |
| 944 | bidirectional text display, so that PuTTY displays text from left to |
| 945 | right in all situations. |
| 946 | |
| 947 | You may also find you need to disable Arabic text shaping; |
| 948 | see \k{config-features-shaping}. |
| 949 | |
| 950 | \H{config-window} The Window panel |
| 951 | |
| 952 | The Window configuration panel allows you to control aspects of the |
| 953 | \i{PuTTY window}. |
| 954 | |
| 955 | \S{config-winsize} Setting the \I{window size}size of the PuTTY window |
| 956 | |
| 957 | \cfg{winhelp-topic}{window.size} |
| 958 | |
| 959 | The \q{\ii{Rows}} and \q{\ii{Columns}} boxes let you set the PuTTY |
| 960 | window to a precise size. Of course you can also \I{window resizing}drag |
| 961 | the window to a new size while a session is running. |
| 962 | |
| 963 | \S{config-winsizelock} What to do when the window is resized |
| 964 | |
| 965 | \cfg{winhelp-topic}{window.resize} |
| 966 | |
| 967 | These options allow you to control what happens when the user tries |
| 968 | to \I{window resizing}resize the PuTTY window using its window furniture. |
| 969 | |
| 970 | There are four options here: |
| 971 | |
| 972 | \b \q{Change the number of rows and columns}: the font size will not |
| 973 | change. (This is the default.) |
| 974 | |
| 975 | \b \q{Change the size of the font}: the number of rows and columns in |
| 976 | the terminal will stay the same, and the \i{font size} will change. |
| 977 | |
| 978 | \b \q{Change font size when maximised}: when the window is resized, |
| 979 | the number of rows and columns will change, \e{except} when the window |
| 980 | is \i{maximise}d (or restored), when the font size will change. |
| 981 | |
| 982 | \b \q{Forbid resizing completely}: the terminal will refuse to be |
| 983 | resized at all. |
| 984 | |
| 985 | \S{config-scrollback} Controlling \i{scrollback} |
| 986 | |
| 987 | \cfg{winhelp-topic}{window.scrollback} |
| 988 | |
| 989 | These options let you configure the way PuTTY keeps text after it |
| 990 | scrolls off the top of the screen (see \k{using-scrollback}). |
| 991 | |
| 992 | The \q{Lines of scrollback} box lets you configure how many lines of |
| 993 | text PuTTY keeps. The \q{Display scrollbar} options allow you to |
| 994 | hide the \i{scrollbar} (although you can still view the scrollback using |
| 995 | the keyboard as described in \k{using-scrollback}). You can separately |
| 996 | configure whether the scrollbar is shown in \i{full-screen} mode and in |
| 997 | normal modes. |
| 998 | |
| 999 | If you are viewing part of the scrollback when the server sends more |
| 1000 | text to PuTTY, the screen will revert to showing the current |
| 1001 | terminal contents. You can disable this behaviour by turning off |
| 1002 | \q{Reset scrollback on display activity}. You can also make the |
| 1003 | screen revert when you press a key, by turning on \q{Reset |
| 1004 | scrollback on keypress}. |
| 1005 | |
| 1006 | \S{config-erasetoscrollback} \q{Push erased text into scrollback} |
| 1007 | |
| 1008 | \cfg{winhelp-topic}{window.erased} |
| 1009 | |
| 1010 | When this option is enabled, the contents of the terminal screen |
| 1011 | will be pushed into the scrollback when a server-side application |
| 1012 | clears the screen, so that your scrollback will contain a better |
| 1013 | record of what was on your screen in the past. |
| 1014 | |
| 1015 | If the application switches to the \i{alternate screen} (see |
| 1016 | \k{config-features-altscreen} for more about this), then the |
| 1017 | contents of the primary screen will be visible in the scrollback |
| 1018 | until the application switches back again. |
| 1019 | |
| 1020 | This option is enabled by default. |
| 1021 | |
| 1022 | \H{config-appearance} The Appearance panel |
| 1023 | |
| 1024 | The Appearance configuration panel allows you to control aspects of |
| 1025 | the appearance of \I{PuTTY window}PuTTY's window. |
| 1026 | |
| 1027 | \S{config-cursor} Controlling the appearance of the \i{cursor} |
| 1028 | |
| 1029 | \cfg{winhelp-topic}{appearance.cursor} |
| 1030 | |
| 1031 | The \q{Cursor appearance} option lets you configure the cursor to be |
| 1032 | a block, an underline, or a vertical line. A block cursor becomes an |
| 1033 | empty box when the window loses focus; an underline or a vertical |
| 1034 | line becomes dotted. |
| 1035 | |
| 1036 | The \q{\ii{Cursor blinks}} option makes the cursor blink on and off. This |
| 1037 | works in any of the cursor modes. |
| 1038 | |
| 1039 | \S{config-font} Controlling the \i{font} used in the terminal window |
| 1040 | |
| 1041 | \cfg{winhelp-topic}{appearance.font} |
| 1042 | |
| 1043 | This option allows you to choose what font, in what \I{font size}size, |
| 1044 | the PuTTY terminal window uses to display the text in the session. You |
| 1045 | will be offered a choice from all the fixed-width fonts installed on the |
| 1046 | system. (VT100-style terminal handling can only deal with fixed-width |
| 1047 | fonts.) |
| 1048 | |
| 1049 | \S{config-mouseptr} \q{Hide \i{mouse pointer} when typing in window} |
| 1050 | |
| 1051 | \cfg{winhelp-topic}{appearance.hidemouse} |
| 1052 | |
| 1053 | If you enable this option, the mouse pointer will disappear if the |
| 1054 | PuTTY window is selected and you press a key. This way, it will not |
| 1055 | obscure any of the text in the window while you work in your |
| 1056 | session. As soon as you move the mouse, the pointer will reappear. |
| 1057 | |
| 1058 | This option is disabled by default, so the mouse pointer remains |
| 1059 | visible at all times. |
| 1060 | |
| 1061 | \S{config-winborder} Controlling the \i{window border} |
| 1062 | |
| 1063 | \cfg{winhelp-topic}{appearance.border} |
| 1064 | |
| 1065 | PuTTY allows you to configure the appearance of the window border to |
| 1066 | some extent. |
| 1067 | |
| 1068 | The checkbox marked \q{Sunken-edge border} changes the appearance of |
| 1069 | the window border to something more like a DOS box: the inside edge |
| 1070 | of the border is highlighted as if it sank down to meet the surface |
| 1071 | inside the window. This makes the border a little bit thicker as |
| 1072 | well. It's hard to describe well. Try it and see if you like it. |
| 1073 | |
| 1074 | You can also configure a completely blank gap between the text in |
| 1075 | the window and the border, using the \q{Gap between text and window |
| 1076 | edge} control. By default this is set at one pixel. You can reduce |
| 1077 | it to zero, or increase it further. |
| 1078 | |
| 1079 | \H{config-behaviour} The Behaviour panel |
| 1080 | |
| 1081 | The Behaviour configuration panel allows you to control aspects of |
| 1082 | the behaviour of \I{PuTTY window}PuTTY's window. |
| 1083 | |
| 1084 | \S{config-title} Controlling the \i{window title} |
| 1085 | |
| 1086 | \cfg{winhelp-topic}{appearance.title} |
| 1087 | |
| 1088 | The \q{Window title} edit box allows you to set the title of the |
| 1089 | PuTTY window. By default the window title will contain the \i{host name} |
| 1090 | followed by \q{PuTTY}, for example \c{server1.example.com - PuTTY}. |
| 1091 | If you want a different window title, this is where to set it. |
| 1092 | |
| 1093 | PuTTY allows the server to send \c{xterm} \i{control sequence}s which |
| 1094 | modify the title of the window in mid-session (unless this is disabled - |
| 1095 | see \k{config-features-retitle}); the title string set here |
| 1096 | is therefore only the \e{initial} window title. |
| 1097 | |
| 1098 | As well as the \e{window} title, there is also an \c{xterm} |
| 1099 | sequence to modify the \I{icon title}title of the window's \e{icon}. |
| 1100 | This makes sense in a windowing system where the window becomes an |
| 1101 | icon when minimised, such as Windows 3.1 or most X Window System |
| 1102 | setups; but in the Windows 95-like user interface it isn't as |
| 1103 | applicable. |
| 1104 | |
| 1105 | By default, PuTTY only uses the server-supplied \e{window} title, and |
| 1106 | ignores the icon title entirely. If for some reason you want to see |
| 1107 | both titles, check the box marked \q{Separate window and icon titles}. |
| 1108 | If you do this, PuTTY's window title and Taskbar \I{window caption}caption will |
| 1109 | change into the server-supplied icon title if you \i{minimise} the PuTTY |
| 1110 | window, and change back to the server-supplied window title if you |
| 1111 | restore it. (If the server has not bothered to supply a window or |
| 1112 | icon title, none of this will happen.) |
| 1113 | |
| 1114 | \S{config-warnonclose} \q{Warn before \i{closing window}} |
| 1115 | |
| 1116 | \cfg{winhelp-topic}{behaviour.closewarn} |
| 1117 | |
| 1118 | If you press the \i{Close button} in a PuTTY window that contains a |
| 1119 | running session, PuTTY will put up a warning window asking if you |
| 1120 | really meant to close the window. A window whose session has already |
| 1121 | terminated can always be closed without a warning. |
| 1122 | |
| 1123 | If you want to be able to close a window quickly, you can disable |
| 1124 | the \q{Warn before closing window} option. |
| 1125 | |
| 1126 | \S{config-altf4} \q{Window closes on \i{ALT-F4}} |
| 1127 | |
| 1128 | \cfg{winhelp-topic}{behaviour.altf4} |
| 1129 | |
| 1130 | By default, pressing ALT-F4 causes the \I{closing window}window to |
| 1131 | close (or a warning box to appear; see \k{config-warnonclose}). If you |
| 1132 | disable the \q{Window closes on ALT-F4} option, then pressing ALT-F4 |
| 1133 | will simply send a key sequence to the server. |
| 1134 | |
| 1135 | \S{config-altspace} \q{\ii{System menu} appears on \i{ALT-Space}} |
| 1136 | |
| 1137 | \cfg{winhelp-topic}{behaviour.altspace} |
| 1138 | |
| 1139 | If this option is enabled, then pressing ALT-Space will bring up the |
| 1140 | PuTTY window's menu, like clicking on the top left corner. If it is |
| 1141 | disabled, then pressing ALT-Space will just send \c{ESC SPACE} to |
| 1142 | the server. |
| 1143 | |
| 1144 | Some \i{accessibility} programs for Windows may need this option |
| 1145 | enabling to be able to control PuTTY's window successfully. For |
| 1146 | instance, \i{Dragon NaturallySpeaking} requires it both to open the |
| 1147 | system menu via voice, and to close, minimise, maximise and restore |
| 1148 | the window. |
| 1149 | |
| 1150 | \S{config-altonly} \q{\ii{System menu} appears on \i{Alt} alone} |
| 1151 | |
| 1152 | \cfg{winhelp-topic}{behaviour.altonly} |
| 1153 | |
| 1154 | If this option is enabled, then pressing and releasing ALT will |
| 1155 | bring up the PuTTY window's menu, like clicking on the top left |
| 1156 | corner. If it is disabled, then pressing and releasing ALT will have |
| 1157 | no effect. |
| 1158 | |
| 1159 | \S{config-alwaysontop} \q{Ensure window is \i{always on top}} |
| 1160 | |
| 1161 | \cfg{winhelp-topic}{behaviour.alwaysontop} |
| 1162 | |
| 1163 | If this option is enabled, the PuTTY window will stay on top of all |
| 1164 | other windows. |
| 1165 | |
| 1166 | \S{config-fullscreen} \q{\ii{Full screen} on Alt-Enter} |
| 1167 | |
| 1168 | \cfg{winhelp-topic}{behaviour.altenter} |
| 1169 | |
| 1170 | If this option is enabled, then pressing Alt-Enter will cause the |
| 1171 | PuTTY window to become full-screen. Pressing Alt-Enter again will |
| 1172 | restore the previous window size. |
| 1173 | |
| 1174 | The full-screen feature is also available from the \ii{System menu}, even |
| 1175 | when it is configured not to be available on the Alt-Enter key. See |
| 1176 | \k{using-fullscreen}. |
| 1177 | |
| 1178 | \H{config-translation} The Translation panel |
| 1179 | |
| 1180 | The Translation configuration panel allows you to control the |
| 1181 | translation between the \i{character set} understood by the server and |
| 1182 | the character set understood by PuTTY. |
| 1183 | |
| 1184 | \S{config-charset} Controlling character set translation |
| 1185 | |
| 1186 | \cfg{winhelp-topic}{translation.codepage} |
| 1187 | |
| 1188 | During an interactive session, PuTTY receives a stream of 8-bit |
| 1189 | bytes from the server, and in order to display them on the screen it |
| 1190 | needs to know what character set to interpret them in. |
| 1191 | |
| 1192 | There are a lot of character sets to choose from. The \q{Received |
| 1193 | data assumed to be in which character set} option lets you select |
| 1194 | one. By default PuTTY will attempt to choose a character set that is |
| 1195 | right for your \i{locale} as reported by Windows; if it gets it wrong, |
| 1196 | you can select a different one using this control. |
| 1197 | |
| 1198 | A few notable character sets are: |
| 1199 | |
| 1200 | \b The \i{ISO-8859} series are all standard character sets that include |
| 1201 | various accented characters appropriate for different sets of |
| 1202 | languages. |
| 1203 | |
| 1204 | \b The \i{Win125x} series are defined by Microsoft, for similar |
| 1205 | purposes. In particular Win1252 is almost equivalent to ISO-8859-1, |
| 1206 | but contains a few extra characters such as matched quotes and the |
| 1207 | Euro symbol. |
| 1208 | |
| 1209 | \b If you want the old IBM PC character set with block graphics and |
| 1210 | line-drawing characters, you can select \q{\i{CP437}}. |
| 1211 | |
| 1212 | \b PuTTY also supports \i{Unicode} mode, in which the data coming from |
| 1213 | the server is interpreted as being in the \i{UTF-8} encoding of Unicode. |
| 1214 | If you select \q{UTF-8} as a character set you can use this mode. |
| 1215 | Not all server-side applications will support it. |
| 1216 | |
| 1217 | If you need support for a numeric \i{code page} which is not listed in |
| 1218 | the drop-down list, such as code page 866, then you can try entering |
| 1219 | its name manually (\c{\i{CP866}} for example) in the list box. If the |
| 1220 | underlying version of Windows has the appropriate translation table |
| 1221 | installed, PuTTY will use it. |
| 1222 | |
| 1223 | \S{config-cjk-ambig-wide} \q{Treat \i{CJK} ambiguous characters as wide} |
| 1224 | |
| 1225 | \cfg{winhelp-topic}{translation.cjkambigwide} |
| 1226 | |
| 1227 | There are \I{East Asian Ambiguous characters}some Unicode characters |
| 1228 | whose \I{character width}width is not well-defined. In most contexts, such |
| 1229 | characters should be treated as single-width for the purposes of \I{wrapping, |
| 1230 | terminal}wrapping and so on; however, in some CJK contexts, they are better |
| 1231 | treated as double-width for historical reasons, and some server-side |
| 1232 | applications may expect them to be displayed as such. Setting this option |
| 1233 | will cause PuTTY to take the double-width interpretation. |
| 1234 | |
| 1235 | If you use legacy CJK applications, and you find your lines are |
| 1236 | wrapping in the wrong places, or you are having other display |
| 1237 | problems, you might want to play with this setting. |
| 1238 | |
| 1239 | This option only has any effect in \i{UTF-8} mode (see \k{config-charset}). |
| 1240 | |
| 1241 | \S{config-cyr} \q{\i{Caps Lock} acts as \i{Cyrillic} switch} |
| 1242 | |
| 1243 | \cfg{winhelp-topic}{translation.cyrillic} |
| 1244 | |
| 1245 | This feature allows you to switch between a US/UK keyboard layout |
| 1246 | and a Cyrillic keyboard layout by using the Caps Lock key, if you |
| 1247 | need to type (for example) \i{Russian} and English side by side in the |
| 1248 | same document. |
| 1249 | |
| 1250 | Currently this feature is not expected to work properly if your |
| 1251 | native keyboard layout is not US or UK. |
| 1252 | |
| 1253 | \S{config-linedraw} Controlling display of \i{line-drawing characters} |
| 1254 | |
| 1255 | \cfg{winhelp-topic}{translation.linedraw} |
| 1256 | |
| 1257 | VT100-series terminals allow the server to send \i{control sequence}s that |
| 1258 | shift temporarily into a separate character set for drawing simple |
| 1259 | lines and boxes. However, there are a variety of ways in which PuTTY |
| 1260 | can attempt to find appropriate characters, and the right one to use |
| 1261 | depends on the locally configured \i{font}. In general you should probably |
| 1262 | try lots of options until you find one that your particular font |
| 1263 | supports. |
| 1264 | |
| 1265 | \b \q{Use Unicode line drawing code points} tries to use the box |
| 1266 | characters that are present in \i{Unicode}. For good Unicode-supporting |
| 1267 | fonts this is probably the most reliable and functional option. |
| 1268 | |
| 1269 | \b \q{Poor man's line drawing} assumes that the font \e{cannot} |
| 1270 | generate the line and box characters at all, so it will use the |
| 1271 | \c{+}, \c{-} and \c{|} characters to draw approximations to boxes. |
| 1272 | You should use this option if none of the other options works. |
| 1273 | |
| 1274 | \b \q{Font has XWindows encoding} is for use with fonts that have a |
| 1275 | special encoding, where the lowest 32 character positions (below the |
| 1276 | ASCII printable range) contain the line-drawing characters. This is |
| 1277 | unlikely to be the case with any standard Windows font; it will |
| 1278 | probably only apply to custom-built fonts or fonts that have been |
| 1279 | automatically converted from the X Window System. |
| 1280 | |
| 1281 | \b \q{Use font in both ANSI and OEM modes} tries to use the same |
| 1282 | font in two different character sets, to obtain a wider range of |
| 1283 | characters. This doesn't always work; some fonts claim to be a |
| 1284 | different size depending on which character set you try to use. |
| 1285 | |
| 1286 | \b \q{Use font in OEM mode only} is more reliable than that, but can |
| 1287 | miss out other characters from the main character set. |
| 1288 | |
| 1289 | \S{config-linedrawpaste} Controlling \i{copy and paste} of line drawing |
| 1290 | characters |
| 1291 | |
| 1292 | \cfg{winhelp-topic}{selection.linedraw} |
| 1293 | |
| 1294 | By default, when you copy and paste a piece of the PuTTY screen that |
| 1295 | contains VT100 line and box drawing characters, PuTTY will paste |
| 1296 | them in the form they appear on the screen: either \i{Unicode} line |
| 1297 | drawing code points, or the \q{poor man's} line-drawing characters |
| 1298 | \c{+}, \c{-} and \c{|}. The checkbox \q{Copy and paste VT100 line |
| 1299 | drawing chars as lqqqk} disables this feature, so line-drawing |
| 1300 | characters will be pasted as the \i{ASCII} characters that were printed |
| 1301 | to produce them. This will typically mean they come out mostly as |
| 1302 | \c{q} and \c{x}, with a scattering of \c{jklmntuvw} at the corners. |
| 1303 | This might be useful if you were trying to recreate the same box |
| 1304 | layout in another program, for example. |
| 1305 | |
| 1306 | Note that this option only applies to line-drawing characters which |
| 1307 | \e{were} printed by using the VT100 mechanism. Line-drawing |
| 1308 | characters that were received as Unicode code points will paste as |
| 1309 | Unicode always. |
| 1310 | |
| 1311 | \H{config-selection} The Selection panel |
| 1312 | |
| 1313 | The Selection panel allows you to control the way \i{copy and paste} |
| 1314 | work in the PuTTY window. |
| 1315 | |
| 1316 | \S{config-rtfpaste} Pasting in \i{Rich Text Format} |
| 1317 | |
| 1318 | \cfg{winhelp-topic}{selection.rtf} |
| 1319 | |
| 1320 | If you enable \q{Paste to clipboard in RTF as well as plain text}, |
| 1321 | PuTTY will write formatting information to the clipboard as well as |
| 1322 | the actual text you copy. Currently the only effect of this will be |
| 1323 | that if you paste into (say) a word processor, the text will appear |
| 1324 | in the word processor in the same \i{font} PuTTY was using to display |
| 1325 | it. In future it is likely that other formatting information (bold, |
| 1326 | underline, colours) will be copied as well. |
| 1327 | |
| 1328 | This option can easily be inconvenient, so by default it is |
| 1329 | disabled. |
| 1330 | |
| 1331 | \S{config-mouse} Changing the actions of the mouse buttons |
| 1332 | |
| 1333 | \cfg{winhelp-topic}{selection.buttons} |
| 1334 | |
| 1335 | PuTTY's copy and paste mechanism is by default modelled on the Unix |
| 1336 | \c{xterm} application. The X Window System uses a three-button mouse, |
| 1337 | and the convention is that the \i{left button} \I{selecting text}selects, |
| 1338 | the \i{right button} extends an existing selection, and the |
| 1339 | \i{middle button} pastes. |
| 1340 | |
| 1341 | Windows often only has two mouse buttons, so in PuTTY's default |
| 1342 | configuration (\q{Compromise}), the \e{right} button pastes, and the |
| 1343 | \e{middle} button (if you have one) \I{adjusting a selection}extends |
| 1344 | a selection. |
| 1345 | |
| 1346 | If you have a \i{three-button mouse} and you are already used to the |
| 1347 | \c{xterm} arrangement, you can select it using the \q{Action of |
| 1348 | mouse buttons} control. |
| 1349 | |
| 1350 | Alternatively, with the \q{Windows} option selected, the middle |
| 1351 | button extends, and the right button brings up a \i{context menu} (on |
| 1352 | which one of the options is \q{Paste}). (This context menu is always |
| 1353 | available by holding down Ctrl and right-clicking, regardless of the |
| 1354 | setting of this option.) |
| 1355 | |
| 1356 | \S{config-mouseshift} \q{Shift overrides application's use of mouse} |
| 1357 | |
| 1358 | \cfg{winhelp-topic}{selection.shiftdrag} |
| 1359 | |
| 1360 | PuTTY allows the server to send \i{control codes} that let it |
| 1361 | \I{mouse reporting}take over the mouse and use it for purposes other |
| 1362 | than \i{copy and paste}. |
| 1363 | Applications which use this feature include the text-mode web |
| 1364 | browser \c{links}, the Usenet newsreader \c{trn} version 4, and the |
| 1365 | file manager \c{mc} (Midnight Commander). |
| 1366 | |
| 1367 | When running one of these applications, pressing the mouse buttons |
| 1368 | no longer performs copy and paste. If you do need to copy and paste, |
| 1369 | you can still do so if you hold down Shift while you do your mouse |
| 1370 | clicks. |
| 1371 | |
| 1372 | However, it is possible in theory for applications to even detect |
| 1373 | and make use of Shift + mouse clicks. We don't know of any |
| 1374 | applications that do this, but in case someone ever writes one, |
| 1375 | unchecking the \q{Shift overrides application's use of mouse} |
| 1376 | checkbox will cause Shift + mouse clicks to go to the server as well |
| 1377 | (so that mouse-driven copy and paste will be completely disabled). |
| 1378 | |
| 1379 | If you want to prevent the application from taking over the mouse at |
| 1380 | all, you can do this using the Features control panel; see |
| 1381 | \k{config-features-mouse}. |
| 1382 | |
| 1383 | \S{config-rectselect} Default selection mode |
| 1384 | |
| 1385 | \cfg{winhelp-topic}{selection.rect} |
| 1386 | |
| 1387 | As described in \k{using-selection}, PuTTY has two modes of |
| 1388 | selecting text to be copied to the clipboard. In the default mode |
| 1389 | (\q{Normal}), dragging the mouse from point A to point B selects to |
| 1390 | the end of the line containing A, all the lines in between, and from |
| 1391 | the very beginning of the line containing B. In the other mode |
| 1392 | (\q{Rectangular block}), dragging the mouse between two points |
| 1393 | defines a rectangle, and everything within that rectangle is copied. |
| 1394 | |
| 1395 | Normally, you have to hold down Alt while dragging the mouse to |
| 1396 | select a rectangular block. Using the \q{Default selection mode} |
| 1397 | control, you can set \i{rectangular selection} as the default, and then |
| 1398 | you have to hold down Alt to get the \e{normal} behaviour. |
| 1399 | |
| 1400 | \S{config-charclasses} Configuring \i{word-by-word selection} |
| 1401 | |
| 1402 | \cfg{winhelp-topic}{selection.charclasses} |
| 1403 | |
| 1404 | PuTTY will select a word at a time in the terminal window if you |
| 1405 | \i{double-click} to begin the drag. This panel allows you to control |
| 1406 | precisely what is considered to be a word. |
| 1407 | |
| 1408 | Each character is given a \e{class}, which is a small number |
| 1409 | (typically 0, 1 or 2). PuTTY considers a single word to be any |
| 1410 | number of adjacent characters in the same class. So by modifying the |
| 1411 | assignment of characters to classes, you can modify the word-by-word |
| 1412 | selection behaviour. |
| 1413 | |
| 1414 | In the default configuration, the \i{character classes} are: |
| 1415 | |
| 1416 | \b Class 0 contains \i{white space} and control characters. |
| 1417 | |
| 1418 | \b Class 1 contains most \i{punctuation}. |
| 1419 | |
| 1420 | \b Class 2 contains letters, numbers and a few pieces of punctuation |
| 1421 | (the double quote, minus sign, period, forward slash and |
| 1422 | underscore). |
| 1423 | |
| 1424 | So, for example, if you assign the \c{@} symbol into character class |
| 1425 | 2, you will be able to select an e-mail address with just a double |
| 1426 | click. |
| 1427 | |
| 1428 | In order to adjust these assignments, you start by selecting a group |
| 1429 | of characters in the list box. Then enter a class number in the edit |
| 1430 | box below, and press the \q{Set} button. |
| 1431 | |
| 1432 | This mechanism currently only covers ASCII characters, because it |
| 1433 | isn't feasible to expand the list to cover the whole of Unicode. |
| 1434 | |
| 1435 | Character class definitions can be modified by \i{control sequence}s |
| 1436 | sent by the server. This configuration option controls the |
| 1437 | \e{default} state, which will be restored when you reset the |
| 1438 | terminal (see \k{reset-terminal}). However, if you modify this |
| 1439 | option in mid-session using \q{Change Settings}, it will take effect |
| 1440 | immediately. |
| 1441 | |
| 1442 | \H{config-colours} The Colours panel |
| 1443 | |
| 1444 | The Colours panel allows you to control PuTTY's use of \i{colour}. |
| 1445 | |
| 1446 | \S{config-ansicolour} \q{Allow terminal to specify \i{ANSI colours}} |
| 1447 | |
| 1448 | \cfg{winhelp-topic}{colours.ansi} |
| 1449 | |
| 1450 | This option is enabled by default. If it is disabled, PuTTY will |
| 1451 | ignore any \i{control sequence}s sent by the server to request coloured |
| 1452 | text. |
| 1453 | |
| 1454 | If you have a particularly garish application, you might want to |
| 1455 | turn this option off and make PuTTY only use the default foreground |
| 1456 | and background colours. |
| 1457 | |
| 1458 | \S{config-xtermcolour} \q{Allow terminal to use xterm \i{256-colour mode}} |
| 1459 | |
| 1460 | \cfg{winhelp-topic}{colours.xterm256} |
| 1461 | |
| 1462 | This option is enabled by default. If it is disabled, PuTTY will |
| 1463 | ignore any control sequences sent by the server which use the |
| 1464 | extended 256-colour mode supported by recent versions of \cw{xterm}. |
| 1465 | |
| 1466 | If you have an application which is supposed to use 256-colour mode |
| 1467 | and it isn't working, you may find you need to tell your server that |
| 1468 | your terminal supports 256 colours. On Unix, you do this by ensuring |
| 1469 | that the setting of \i\cw{TERM} describes a 256-colour-capable |
| 1470 | terminal. You can check this using a command such as \c{infocmp}: |
| 1471 | |
| 1472 | \c $ infocmp | grep colors |
| 1473 | \c colors#256, cols#80, it#8, lines#24, pairs#256, |
| 1474 | \e bbbbbbbbbb |
| 1475 | |
| 1476 | If you do not see \cq{colors#256} in the output, you may need to |
| 1477 | change your terminal setting. On modern Linux machines, you could |
| 1478 | try \cq{xterm-256color}. |
| 1479 | |
| 1480 | \S{config-boldcolour} \q{Bolded text is a different colour} |
| 1481 | |
| 1482 | \cfg{winhelp-topic}{colours.bold} |
| 1483 | |
| 1484 | When the server sends a \i{control sequence} indicating that some text |
| 1485 | should be displayed in \i{bold}, PuTTY can handle this two ways. It can |
| 1486 | either change the \i{font} for a bold version, or use the same font in a |
| 1487 | brighter colour. This control lets you choose which. |
| 1488 | |
| 1489 | By default the box is checked, so non-bold text is displayed in |
| 1490 | light grey and bold text is displayed in bright white (and similarly |
| 1491 | in other colours). If you uncheck the box, bold and non-bold text |
| 1492 | will be displayed in the same colour, and instead the font will |
| 1493 | change to indicate the difference. |
| 1494 | |
| 1495 | \S{config-logpalette} \q{Attempt to use \i{logical palettes}} |
| 1496 | |
| 1497 | \cfg{winhelp-topic}{colours.logpal} |
| 1498 | |
| 1499 | Logical palettes are a mechanism by which a Windows application |
| 1500 | running on an \i{8-bit colour} display can select precisely the colours |
| 1501 | it wants instead of going with the Windows standard defaults. |
| 1502 | |
| 1503 | If you are not getting the colours you ask for on an 8-bit display, |
| 1504 | you can try enabling this option. However, be warned that it's never |
| 1505 | worked very well. |
| 1506 | |
| 1507 | \S{config-syscolour} \q{Use \i{system colours}} |
| 1508 | |
| 1509 | \cfg{winhelp-topic}{colours.system} |
| 1510 | |
| 1511 | Enabling this option will cause PuTTY to ignore the configured colours |
| 1512 | for \I{default background}\I{default foreground}\q{Default |
| 1513 | Background/Foreground} and \I{cursor colour}\q{Cursor Colour/Text} (see |
| 1514 | \k{config-colourcfg}), instead going with the system-wide defaults. |
| 1515 | |
| 1516 | Note that non-bold and \i{bold text} will be the same colour if this |
| 1517 | option is enabled. You might want to change to indicating bold text |
| 1518 | by font changes (see \k{config-boldcolour}). |
| 1519 | |
| 1520 | \S{config-colourcfg} Adjusting the colours in the \i{terminal window} |
| 1521 | |
| 1522 | \cfg{winhelp-topic}{colours.config} |
| 1523 | |
| 1524 | The main colour control allows you to specify exactly what colours |
| 1525 | things should be displayed in. To modify one of the PuTTY colours, |
| 1526 | use the list box to select which colour you want to modify. The \i{RGB |
| 1527 | values} for that colour will appear on the right-hand side of the |
| 1528 | list box. Now, if you press the \q{Modify} button, you will be |
| 1529 | presented with a colour selector, in which you can choose a new |
| 1530 | colour to go in place of the old one. |
| 1531 | |
| 1532 | PuTTY allows you to set the \i{cursor colour}, the \i{default foreground} |
| 1533 | and \I{default background}background, and the precise shades of all the |
| 1534 | \I{ANSI colours}ANSI configurable colours (black, red, green, yellow, blue, |
| 1535 | magenta, cyan, and white). You can also modify the precise shades used for |
| 1536 | the \i{bold} versions of these colours; these are used to display bold text |
| 1537 | if you have selected \q{Bolded text is a different colour}, and can also be |
| 1538 | used if the server asks specifically to use them. (Note that \q{Default |
| 1539 | Bold Background} is \e{not} the background colour used for bold text; |
| 1540 | it is only used if the server specifically asks for a bold |
| 1541 | background.) |
| 1542 | |
| 1543 | \H{config-connection} The Connection panel |
| 1544 | |
| 1545 | The Connection panel allows you to configure options that apply to |
| 1546 | more than one type of \i{connection}. |
| 1547 | |
| 1548 | \S{config-keepalive} Using \i{keepalives} to prevent disconnection |
| 1549 | |
| 1550 | \cfg{winhelp-topic}{connection.keepalive} |
| 1551 | |
| 1552 | If you find your sessions are closing unexpectedly (most often with |
| 1553 | \q{Connection reset by peer}) after they have been idle for a while, |
| 1554 | you might want to try using this option. |
| 1555 | |
| 1556 | Some network \i{routers} and \i{firewalls} need to keep track of all |
| 1557 | connections through them. Usually, these firewalls will assume a |
| 1558 | connection is dead if no data is transferred in either direction |
| 1559 | after a certain time interval. This can cause PuTTY sessions to be |
| 1560 | unexpectedly closed by the firewall if no traffic is seen in the |
| 1561 | session for some time. |
| 1562 | |
| 1563 | The keepalive option (\q{Seconds between keepalives}) allows you to |
| 1564 | configure PuTTY to send data through the session at regular |
| 1565 | intervals, in a way that does not disrupt the actual terminal |
| 1566 | session. If you find your firewall is cutting \i{idle connections} off, |
| 1567 | you can try entering a non-zero value in this field. The value is |
| 1568 | measured in seconds; so, for example, if your firewall cuts |
| 1569 | connections off after ten minutes then you might want to enter 300 |
| 1570 | seconds (5 minutes) in the box. |
| 1571 | |
| 1572 | Note that keepalives are not always helpful. They help if you have a |
| 1573 | firewall which drops your connection after an idle period; but if |
| 1574 | the network between you and the server suffers from \i{breaks in |
| 1575 | connectivity} then keepalives can actually make things worse. If a |
| 1576 | session is idle, and connectivity is temporarily lost between the |
| 1577 | endpoints, but the connectivity is restored before either side tries |
| 1578 | to send anything, then there will be no problem - neither endpoint |
| 1579 | will notice that anything was wrong. However, if one side does send |
| 1580 | something during the break, it will repeatedly try to re-send, and |
| 1581 | eventually give up and abandon the connection. Then when |
| 1582 | connectivity is restored, the other side will find that the first |
| 1583 | side doesn't believe there is an open connection any more. |
| 1584 | Keepalives can make this sort of problem worse, because they |
| 1585 | increase the probability that PuTTY will attempt to send data during |
| 1586 | a break in connectivity. Therefore, you might find they help |
| 1587 | connection loss, or you might find they make it worse, depending on |
| 1588 | what \e{kind} of network problems you have between you and the |
| 1589 | server. |
| 1590 | |
| 1591 | Keepalives are only supported in Telnet and SSH; the Rlogin and Raw |
| 1592 | protocols offer no way of implementing them. (For an alternative, see |
| 1593 | \k{config-tcp-keepalives}.) |
| 1594 | |
| 1595 | Note that if you are using \i{SSH-1} and the server has a bug that makes |
| 1596 | it unable to deal with SSH-1 ignore messages (see |
| 1597 | \k{config-ssh-bug-ignore1}), enabling keepalives will have no effect. |
| 1598 | |
| 1599 | \S{config-nodelay} \q{Disable \i{Nagle's algorithm}} |
| 1600 | |
| 1601 | \cfg{winhelp-topic}{connection.nodelay} |
| 1602 | |
| 1603 | Nagle's algorithm is a detail of TCP/IP implementations that tries |
| 1604 | to minimise the number of small data packets sent down a network |
| 1605 | connection. With Nagle's algorithm enabled, PuTTY's \i{bandwidth} usage |
| 1606 | will be slightly more efficient; with it disabled, you may find you |
| 1607 | get a faster response to your keystrokes when connecting to some |
| 1608 | types of server. |
| 1609 | |
| 1610 | The Nagle algorithm is disabled by default for \i{interactive connections}. |
| 1611 | |
| 1612 | \S{config-tcp-keepalives} \q{Enable \i{TCP keepalives}} |
| 1613 | |
| 1614 | \cfg{winhelp-topic}{connection.tcpkeepalive} |
| 1615 | |
| 1616 | \e{NOTE:} TCP keepalives should not be confused with the |
| 1617 | application-level keepalives described in \k{config-keepalive}. If in |
| 1618 | doubt, you probably want application-level keepalives; TCP keepalives |
| 1619 | are provided for completeness. |
| 1620 | |
| 1621 | The idea of TCP keepalives is similar to application-level keepalives, |
| 1622 | and the same caveats apply. The main differences are: |
| 1623 | |
| 1624 | \b TCP keepalives are available on \e{all} connection types, including |
| 1625 | Raw and Rlogin. |
| 1626 | |
| 1627 | \b The interval between TCP keepalives is usually much longer, |
| 1628 | typically two hours; this is set by the operating system, and cannot |
| 1629 | be configured within PuTTY. |
| 1630 | |
| 1631 | \b If the operating system does not receive a response to a keepalive, |
| 1632 | it may send out more in quick succession and terminate the connection |
| 1633 | if no response is received. |
| 1634 | |
| 1635 | TCP keepalives may be more useful for ensuring that \i{half-open connections} |
| 1636 | are terminated than for keeping a connection alive. |
| 1637 | |
| 1638 | TCP keepalives are disabled by default. |
| 1639 | |
| 1640 | \S{config-address-family} \I{Internet protocol version}\q{Internet protocol} |
| 1641 | |
| 1642 | \cfg{winhelp-topic}{connection.ipversion} |
| 1643 | |
| 1644 | This option allows the user to select between the old and new |
| 1645 | Internet protocols and addressing schemes (\i{IPv4} and \i{IPv6}). The |
| 1646 | default setting is \q{Auto}, which means PuTTY will do something |
| 1647 | sensible and try to guess which protocol you wanted. (If you specify |
| 1648 | a literal \i{Internet address}, it will use whichever protocol that |
| 1649 | address implies. If you provide a \i{hostname}, it will see what kinds |
| 1650 | of address exist for that hostname; it will use IPv6 if there is an |
| 1651 | IPv6 address available, and fall back to IPv4 if not.) |
| 1652 | |
| 1653 | If you need to force PuTTY to use a particular protocol, you can |
| 1654 | explicitly set this to \q{IPv4} or \q{IPv6}. |
| 1655 | |
| 1656 | \H{config-data} The Data panel |
| 1657 | |
| 1658 | The Data panel allows you to configure various pieces of data which |
| 1659 | can be sent to the server to affect your connection at the far end. |
| 1660 | |
| 1661 | Each option on this panel applies to more than one protocol. |
| 1662 | Options which apply to only one protocol appear on that protocol's |
| 1663 | configuration panels. |
| 1664 | |
| 1665 | \S{config-username} \q{\ii{Auto-login username}} |
| 1666 | |
| 1667 | \cfg{winhelp-topic}{connection.username} |
| 1668 | |
| 1669 | All three of the SSH, Telnet and Rlogin protocols allow you to |
| 1670 | specify what user name you want to log in as, without having to type |
| 1671 | it explicitly every time. (Some Telnet servers don't support this.) |
| 1672 | |
| 1673 | In this box you can type that user name. |
| 1674 | |
| 1675 | \S{config-termtype} \q{\ii{Terminal-type} string} |
| 1676 | |
| 1677 | \cfg{winhelp-topic}{connection.termtype} |
| 1678 | |
| 1679 | Most servers you might connect to with PuTTY are designed to be |
| 1680 | connected to from lots of different types of terminal. In order to |
| 1681 | send the right \i{control sequence}s to each one, the server will need |
| 1682 | to know what type of terminal it is dealing with. Therefore, each of |
| 1683 | the SSH, Telnet and Rlogin protocols allow a text string to be sent |
| 1684 | down the connection describing the terminal. |
| 1685 | |
| 1686 | PuTTY attempts to emulate the Unix \i\c{xterm} program, and by default |
| 1687 | it reflects this by sending \c{xterm} as a terminal-type string. If |
| 1688 | you find this is not doing what you want - perhaps the remote |
| 1689 | system reports \q{Unknown terminal type} - you could try setting |
| 1690 | this to something different, such as \i\c{vt220}. |
| 1691 | |
| 1692 | If you're not sure whether a problem is due to the terminal type |
| 1693 | setting or not, you probably need to consult the manual for your |
| 1694 | application or your server. |
| 1695 | |
| 1696 | \S{config-termspeed} \q{\ii{Terminal speed}s} |
| 1697 | |
| 1698 | \cfg{winhelp-topic}{connection.termspeed} |
| 1699 | |
| 1700 | The Telnet, Rlogin, and SSH protocols allow the client to specify |
| 1701 | terminal speeds to the server. |
| 1702 | |
| 1703 | This parameter does \e{not} affect the actual speed of the connection, |
| 1704 | which is always \q{as fast as possible}; it is just a hint that is |
| 1705 | sometimes used by server software to modify its behaviour. For |
| 1706 | instance, if a slow speed is indicated, the server may switch to a |
| 1707 | less \i{bandwidth}-hungry display mode. |
| 1708 | |
| 1709 | The value is usually meaningless in a network environment, but |
| 1710 | PuTTY lets you configure it, in case you find the server is reacting |
| 1711 | badly to the default value. |
| 1712 | |
| 1713 | The format is a pair of numbers separated by a comma, for instance, |
| 1714 | \c{38400,38400}. The first number represents the output speed |
| 1715 | (\e{from} the server) in bits per second, and the second is the input |
| 1716 | speed (\e{to} the server). (Only the first is used in the Rlogin |
| 1717 | protocol.) |
| 1718 | |
| 1719 | This option has no effect on Raw connections. |
| 1720 | |
| 1721 | \S{config-environ} Setting \i{environment variables} on the server |
| 1722 | |
| 1723 | \cfg{winhelp-topic}{telnet.environ} |
| 1724 | |
| 1725 | The Telnet protocol provides a means for the client to pass |
| 1726 | environment variables to the server. Many Telnet servers have |
| 1727 | stopped supporting this feature due to security flaws, but PuTTY |
| 1728 | still supports it for the benefit of any servers which have found |
| 1729 | other ways around the security problems than just disabling the |
| 1730 | whole mechanism. |
| 1731 | |
| 1732 | Version 2 of the SSH protocol also provides a similar mechanism, |
| 1733 | which is easier to implement without security flaws. Newer \i{SSH-2} |
| 1734 | servers are more likely to support it than older ones. |
| 1735 | |
| 1736 | This configuration data is not used in the SSH-1, rlogin or raw |
| 1737 | protocols. |
| 1738 | |
| 1739 | To add an environment variable to the list transmitted down the |
| 1740 | connection, you enter the variable name in the \q{Variable} box, |
| 1741 | enter its value in the \q{Value} box, and press the \q{Add} button. |
| 1742 | To remove one from the list, select it in the list box and press |
| 1743 | \q{Remove}. |
| 1744 | |
| 1745 | \H{config-proxy} The Proxy panel |
| 1746 | |
| 1747 | \cfg{winhelp-topic}{proxy.main} |
| 1748 | |
| 1749 | The \ii{Proxy} panel allows you to configure PuTTY to use various types |
| 1750 | of proxy in order to make its network connections. The settings in |
| 1751 | this panel affect the primary network connection forming your PuTTY |
| 1752 | session, but also any extra connections made as a result of SSH \i{port |
| 1753 | forwarding} (see \k{using-port-forwarding}). |
| 1754 | |
| 1755 | \S{config-proxy-type} Setting the proxy type |
| 1756 | |
| 1757 | \cfg{winhelp-topic}{proxy.type} |
| 1758 | |
| 1759 | The \q{Proxy type} radio buttons allow you to configure what type of |
| 1760 | proxy you want PuTTY to use for its network connections. The default |
| 1761 | setting is \q{None}; in this mode no proxy is used for any |
| 1762 | connection. |
| 1763 | |
| 1764 | \b Selecting \I{HTTP proxy}\q{HTTP} allows you to proxy your connections |
| 1765 | through a web server supporting the HTTP \cw{CONNECT} command, as documented |
| 1766 | in \W{http://www.ietf.org/rfc/rfc2817.txt}{RFC 2817}. |
| 1767 | |
| 1768 | \b Selecting \q{SOCKS 4} or \q{SOCKS 5} allows you to proxy your |
| 1769 | connections through a \i{SOCKS server}. |
| 1770 | |
| 1771 | \b Many firewalls implement a less formal type of proxy in which a |
| 1772 | user can make a Telnet connection directly to the firewall machine |
| 1773 | and enter a command such as \c{connect myhost.com 22} to connect |
| 1774 | through to an external host. Selecting \I{Telnet proxy}\q{Telnet} |
| 1775 | allows you to tell PuTTY to use this type of proxy. |
| 1776 | |
| 1777 | \S{config-proxy-exclude} Excluding parts of the network from proxying |
| 1778 | |
| 1779 | \cfg{winhelp-topic}{proxy.exclude} |
| 1780 | |
| 1781 | Typically you will only need to use a proxy to connect to non-local |
| 1782 | parts of your network; for example, your proxy might be required for |
| 1783 | connections outside your company's internal network. In the |
| 1784 | \q{Exclude Hosts/IPs} box you can enter ranges of IP addresses, or |
| 1785 | ranges of DNS names, for which PuTTY will avoid using the proxy and |
| 1786 | make a direct connection instead. |
| 1787 | |
| 1788 | The \q{Exclude Hosts/IPs} box may contain more than one exclusion |
| 1789 | range, separated by commas. Each range can be an IP address or a DNS |
| 1790 | name, with a \c{*} character allowing wildcards. For example: |
| 1791 | |
| 1792 | \c *.example.com |
| 1793 | |
| 1794 | This excludes any host with a name ending in \c{.example.com} from |
| 1795 | proxying. |
| 1796 | |
| 1797 | \c 192.168.88.* |
| 1798 | |
| 1799 | This excludes any host with an IP address starting with 192.168.88 |
| 1800 | from proxying. |
| 1801 | |
| 1802 | \c 192.168.88.*,*.example.com |
| 1803 | |
| 1804 | This excludes both of the above ranges at once. |
| 1805 | |
| 1806 | Connections to the local host (the host name \i\c{localhost}, and any |
| 1807 | \i{loopback IP address}) are never proxied, even if the proxy exclude |
| 1808 | list does not explicitly contain them. It is very unlikely that this |
| 1809 | behaviour would ever cause problems, but if it does you can change |
| 1810 | it by enabling \q{Consider proxying local host connections}. |
| 1811 | |
| 1812 | Note that if you are doing \I{proxy DNS}DNS at the proxy (see |
| 1813 | \k{config-proxy-dns}), you should make sure that your proxy |
| 1814 | exclusion settings do not depend on knowing the IP address of a |
| 1815 | host. If the name is passed on to the proxy without PuTTY looking it |
| 1816 | up, it will never know the IP address and cannot check it against |
| 1817 | your list. |
| 1818 | |
| 1819 | \S{config-proxy-dns} \I{proxy DNS}\ii{Name resolution} when using a proxy |
| 1820 | |
| 1821 | \cfg{winhelp-topic}{proxy.dns} |
| 1822 | |
| 1823 | If you are using a proxy to access a private network, it can make a |
| 1824 | difference whether \i{DNS} name resolution is performed by PuTTY itself |
| 1825 | (on the client machine) or performed by the proxy. |
| 1826 | |
| 1827 | The \q{Do DNS name lookup at proxy end} configuration option allows |
| 1828 | you to control this. If you set it to \q{No}, PuTTY will always do |
| 1829 | its own DNS, and will always pass an IP address to the proxy. If you |
| 1830 | set it to \q{Yes}, PuTTY will always pass host names straight to the |
| 1831 | proxy without trying to look them up first. |
| 1832 | |
| 1833 | If you set this option to \q{Auto} (the default), PuTTY will do |
| 1834 | something it considers appropriate for each type of proxy. Telnet, |
| 1835 | HTTP, and SOCKS5 proxies will have host names passed straight to |
| 1836 | them; SOCKS4 proxies will not. |
| 1837 | |
| 1838 | Note that if you are doing DNS at the proxy, you should make sure |
| 1839 | that your proxy exclusion settings (see \k{config-proxy-exclude}) do |
| 1840 | not depend on knowing the IP address of a host. If the name is |
| 1841 | passed on to the proxy without PuTTY looking it up, it will never |
| 1842 | know the IP address and cannot check it against your list. |
| 1843 | |
| 1844 | The original SOCKS 4 protocol does not support proxy-side DNS. There |
| 1845 | is a protocol extension (SOCKS 4A) which does support it, but not |
| 1846 | all SOCKS 4 servers provide this extension. If you enable proxy DNS |
| 1847 | and your SOCKS 4 server cannot deal with it, this might be why. |
| 1848 | |
| 1849 | \S{config-proxy-auth} \I{proxy username}Username and \I{proxy password}password |
| 1850 | |
| 1851 | \cfg{winhelp-topic}{proxy.auth} |
| 1852 | |
| 1853 | If your proxy requires \I{proxy authentication}authentication, you can |
| 1854 | enter a username and a password in the \q{Username} and \q{Password} boxes. |
| 1855 | |
| 1856 | \I{security hazard}Note that if you save your session, the proxy |
| 1857 | password will be saved in plain text, so anyone who can access your PuTTY |
| 1858 | configuration data will be able to discover it. |
| 1859 | |
| 1860 | Authentication is not fully supported for all forms of proxy: |
| 1861 | |
| 1862 | \b Username and password authentication is supported for HTTP |
| 1863 | proxies and SOCKS 5 proxies. |
| 1864 | |
| 1865 | \lcont{ |
| 1866 | |
| 1867 | \b With SOCKS 5, authentication is via \i{CHAP} if the proxy |
| 1868 | supports it (this is not supported in \i{PuTTYtel}); otherwise the |
| 1869 | password is sent to the proxy in \I{plaintext password}plain text. |
| 1870 | |
| 1871 | \b With HTTP proxying, the only currently supported authentication |
| 1872 | method is \I{HTTP basic}\q{basic}, where the password is sent to the proxy |
| 1873 | in \I{plaintext password}plain text. |
| 1874 | |
| 1875 | } |
| 1876 | |
| 1877 | \b SOCKS 4 can use the \q{Username} field, but does not support |
| 1878 | passwords. |
| 1879 | |
| 1880 | \b You can specify a way to include a username and password in the |
| 1881 | Telnet proxy command (see \k{config-proxy-command}). |
| 1882 | |
| 1883 | \S{config-proxy-command} Specifying the Telnet proxy command |
| 1884 | |
| 1885 | \cfg{winhelp-topic}{proxy.command} |
| 1886 | |
| 1887 | If you are using the \i{Telnet proxy} type, the usual command required |
| 1888 | by the firewall's Telnet server is \c{connect}, followed by a host |
| 1889 | name and a port number. If your proxy needs a different command, |
| 1890 | you can enter an alternative here. |
| 1891 | |
| 1892 | In this string, you can use \c{\\n} to represent a new-line, \c{\\r} |
| 1893 | to represent a carriage return, \c{\\t} to represent a tab |
| 1894 | character, and \c{\\x} followed by two hex digits to represent any |
| 1895 | other character. \c{\\\\} is used to encode the \c{\\} character |
| 1896 | itself. |
| 1897 | |
| 1898 | Also, the special strings \c{%host} and \c{%port} will be replaced |
| 1899 | by the host name and port number you want to connect to. The strings |
| 1900 | \c{%user} and \c{%pass} will be replaced by the proxy username and |
| 1901 | password you specify. To get a literal \c{%} sign, enter \c{%%}. |
| 1902 | |
| 1903 | If the Telnet proxy server prompts for a username and password |
| 1904 | before commands can be sent, you can use a command such as: |
| 1905 | |
| 1906 | \c %user\n%pass\nconnect %host %port\n |
| 1907 | |
| 1908 | This will send your username and password as the first two lines to |
| 1909 | the proxy, followed by a command to connect to the desired host and |
| 1910 | port. Note that if you do not include the \c{%user} or \c{%pass} |
| 1911 | tokens in the Telnet command, then the \q{Username} and \q{Password} |
| 1912 | configuration fields will be ignored. |
| 1913 | |
| 1914 | \H{config-telnet} The \i{Telnet} panel |
| 1915 | |
| 1916 | The Telnet panel allows you to configure options that only apply to |
| 1917 | Telnet sessions. |
| 1918 | |
| 1919 | \S{config-oldenviron} \q{Handling of OLD_ENVIRON ambiguity} |
| 1920 | |
| 1921 | \cfg{winhelp-topic}{telnet.oldenviron} |
| 1922 | |
| 1923 | The original Telnet mechanism for passing \i{environment variables} was |
| 1924 | badly specified. At the time the standard (RFC 1408) was written, |
| 1925 | BSD telnet implementations were already supporting the feature, and |
| 1926 | the intention of the standard was to describe the behaviour the BSD |
| 1927 | implementations were already using. |
| 1928 | |
| 1929 | Sadly there was a typing error in the standard when it was issued, |
| 1930 | and two vital function codes were specified the wrong way round. BSD |
| 1931 | implementations did not change, and the standard was not corrected. |
| 1932 | Therefore, it's possible you might find either \i{BSD} or \i{RFC}-compliant |
| 1933 | implementations out there. This switch allows you to choose which |
| 1934 | one PuTTY claims to be. |
| 1935 | |
| 1936 | The problem was solved by issuing a second standard, defining a new |
| 1937 | Telnet mechanism called \i\cw{NEW_ENVIRON}, which behaved exactly like |
| 1938 | the original \i\cw{OLD_ENVIRON} but was not encumbered by existing |
| 1939 | implementations. Most Telnet servers now support this, and it's |
| 1940 | unambiguous. This feature should only be needed if you have trouble |
| 1941 | passing environment variables to quite an old server. |
| 1942 | |
| 1943 | \S{config-ptelnet} Passive and active \i{Telnet negotiation} modes |
| 1944 | |
| 1945 | \cfg{winhelp-topic}{telnet.passive} |
| 1946 | |
| 1947 | In a Telnet connection, there are two types of data passed between |
| 1948 | the client and the server: actual text, and \e{negotiations} about |
| 1949 | which Telnet extra features to use. |
| 1950 | |
| 1951 | PuTTY can use two different strategies for negotiation: |
| 1952 | |
| 1953 | \b In \I{active Telnet negotiation}\e{active} mode, PuTTY starts to send |
| 1954 | negotiations as soon as the connection is opened. |
| 1955 | |
| 1956 | \b In \I{passive Telnet negotiation}\e{passive} mode, PuTTY will wait to |
| 1957 | negotiate until it sees a negotiation from the server. |
| 1958 | |
| 1959 | The obvious disadvantage of passive mode is that if the server is |
| 1960 | also operating in a passive mode, then negotiation will never begin |
| 1961 | at all. For this reason PuTTY defaults to active mode. |
| 1962 | |
| 1963 | However, sometimes passive mode is required in order to successfully |
| 1964 | get through certain types of firewall and \i{Telnet proxy} server. If |
| 1965 | you have confusing trouble with a \i{firewall}, you could try enabling |
| 1966 | passive mode to see if it helps. |
| 1967 | |
| 1968 | \S{config-telnetkey} \q{Keyboard sends \i{Telnet special commands}} |
| 1969 | |
| 1970 | \cfg{winhelp-topic}{telnet.specialkeys} |
| 1971 | |
| 1972 | If this box is checked, several key sequences will have their normal |
| 1973 | actions modified: |
| 1974 | |
| 1975 | \b the Backspace key on the keyboard will send the \I{Erase Character, |
| 1976 | Telnet special command}Telnet special backspace code; |
| 1977 | |
| 1978 | \b Control-C will send the Telnet special \I{Interrupt Process, Telnet |
| 1979 | special command}Interrupt Process code; |
| 1980 | |
| 1981 | \b Control-Z will send the Telnet special \I{Suspend Process, Telnet |
| 1982 | special command}Suspend Process code. |
| 1983 | |
| 1984 | You probably shouldn't enable this |
| 1985 | unless you know what you're doing. |
| 1986 | |
| 1987 | \S{config-telnetnl} \q{Return key sends \i{Telnet New Line} instead of ^M} |
| 1988 | |
| 1989 | \cfg{winhelp-topic}{telnet.newline} |
| 1990 | |
| 1991 | Unlike most other remote login protocols, the Telnet protocol has a |
| 1992 | special \q{\i{new line}} code that is not the same as the usual line |
| 1993 | endings of Control-M or Control-J. By default, PuTTY sends the |
| 1994 | Telnet New Line code when you press Return, instead of sending |
| 1995 | Control-M as it does in most other protocols. |
| 1996 | |
| 1997 | Most Unix-style Telnet servers don't mind whether they receive |
| 1998 | Telnet New Line or Control-M; some servers do expect New Line, and |
| 1999 | some servers prefer to see ^M. If you are seeing surprising |
| 2000 | behaviour when you press Return in a Telnet session, you might try |
| 2001 | turning this option off to see if it helps. |
| 2002 | |
| 2003 | \H{config-rlogin} The Rlogin panel |
| 2004 | |
| 2005 | The \i{Rlogin} panel allows you to configure options that only apply to |
| 2006 | Rlogin sessions. |
| 2007 | |
| 2008 | \S{config-rlogin-localuser} \I{local username in Rlogin}\q{Local username} |
| 2009 | |
| 2010 | \cfg{winhelp-topic}{rlogin.localuser} |
| 2011 | |
| 2012 | Rlogin allows an automated (password-free) form of login by means of |
| 2013 | a file called \i\c{.rhosts} on the server. You put a line in your |
| 2014 | \c{.rhosts} file saying something like \c{jbloggs@pc1.example.com}, |
| 2015 | and then when you make an Rlogin connection the client transmits the |
| 2016 | username of the user running the Rlogin client. The server checks |
| 2017 | the username and hostname against \c{.rhosts}, and if they match it |
| 2018 | \I{passwordless login}does not ask for a password. |
| 2019 | |
| 2020 | This only works because Unix systems contain a safeguard to stop a |
| 2021 | user from pretending to be another user in an Rlogin connection. |
| 2022 | Rlogin connections have to come from \I{privileged port}port numbers below |
| 2023 | 1024, and Unix systems prohibit this to unprivileged processes; so when the |
| 2024 | server sees a connection from a low-numbered port, it assumes the |
| 2025 | client end of the connection is held by a privileged (and therefore |
| 2026 | trusted) process, so it believes the claim of who the user is. |
| 2027 | |
| 2028 | Windows does not have this restriction: \e{any} user can initiate an |
| 2029 | outgoing connection from a low-numbered port. Hence, the Rlogin |
| 2030 | \c{.rhosts} mechanism is completely useless for securely |
| 2031 | distinguishing several different users on a Windows machine. If you |
| 2032 | have a \c{.rhosts} entry pointing at a Windows PC, you should assume |
| 2033 | that \e{anyone} using that PC can \i{spoof} your username in |
| 2034 | an Rlogin connection and access your account on the server. |
| 2035 | |
| 2036 | The \q{Local username} control allows you to specify what user name |
| 2037 | PuTTY should claim you have, in case it doesn't match your \i{Windows |
| 2038 | user name} (or in case you didn't bother to set up a Windows user |
| 2039 | name). |
| 2040 | |
| 2041 | \H{config-ssh} The SSH panel |
| 2042 | |
| 2043 | The \i{SSH} panel allows you to configure options that only apply to |
| 2044 | SSH sessions. |
| 2045 | |
| 2046 | \S{config-command} Executing a specific command on the server |
| 2047 | |
| 2048 | \cfg{winhelp-topic}{ssh.command} |
| 2049 | |
| 2050 | In SSH, you don't have to run a general shell session on the server. |
| 2051 | Instead, you can choose to run a single specific command (such as a |
| 2052 | mail user agent, for example). If you want to do this, enter the |
| 2053 | command in the \q{\ii{Remote command}} box. |
| 2054 | |
| 2055 | \S{config-ssh-noshell} \q{Don't start a \I{remote shell}shell or |
| 2056 | \I{remote command}command at all} |
| 2057 | |
| 2058 | \cfg{winhelp-topic}{ssh.noshell} |
| 2059 | |
| 2060 | If you tick this box, PuTTY will not attempt to run a shell or |
| 2061 | command after connecting to the remote server. You might want to use |
| 2062 | this option if you are only using the SSH connection for \i{port |
| 2063 | forwarding}, and your user account on the server does not have the |
| 2064 | ability to run a shell. |
| 2065 | |
| 2066 | This feature is only available in \i{SSH protocol version 2} (since the |
| 2067 | version 1 protocol assumes you will always want to run a shell). |
| 2068 | |
| 2069 | This feature can also be enabled using the \c{-N} command-line |
| 2070 | option; see \k{using-cmdline-noshell}. |
| 2071 | |
| 2072 | If you use this feature in Plink, you will not be able to terminate |
| 2073 | the Plink process by any graceful means; the only way to kill it |
| 2074 | will be by pressing Control-C or sending a kill signal from another |
| 2075 | program. |
| 2076 | |
| 2077 | \S{config-ssh-comp} \q{Enable \i{compression}} |
| 2078 | |
| 2079 | \cfg{winhelp-topic}{ssh.compress} |
| 2080 | |
| 2081 | This enables data compression in the SSH connection: data sent by |
| 2082 | the server is compressed before sending, and decompressed at the |
| 2083 | client end. Likewise, data sent by PuTTY to the server is compressed |
| 2084 | first and the server decompresses it at the other end. This can help |
| 2085 | make the most of a low-\i{bandwidth} connection. |
| 2086 | |
| 2087 | \S{config-ssh-prot} \q{Preferred \i{SSH protocol version}} |
| 2088 | |
| 2089 | \cfg{winhelp-topic}{ssh.protocol} |
| 2090 | |
| 2091 | This allows you to select whether you would like to use \i{SSH protocol |
| 2092 | version 1} or \I{SSH-2}version 2. \#{FIXME: say something about this elsewhere?} |
| 2093 | |
| 2094 | PuTTY will attempt to use protocol 1 if the server you connect to |
| 2095 | does not offer protocol 2, and vice versa. |
| 2096 | |
| 2097 | If you select \q{1 only} or \q{2 only} here, PuTTY will only connect |
| 2098 | if the server you connect to offers the SSH protocol version you |
| 2099 | have specified. |
| 2100 | |
| 2101 | \S{config-ssh-encryption} \ii{Encryption} algorithm selection |
| 2102 | |
| 2103 | \cfg{winhelp-topic}{ssh.ciphers} |
| 2104 | |
| 2105 | PuTTY supports a variety of different \i{encryption algorithm}s, and |
| 2106 | allows you to choose which one you prefer to use. You can do this by |
| 2107 | dragging the algorithms up and down in the list box (or moving them |
| 2108 | using the Up and Down buttons) to specify a preference order. When |
| 2109 | you make an SSH connection, PuTTY will search down the list from the |
| 2110 | top until it finds an algorithm supported by the server, and then |
| 2111 | use that. |
| 2112 | |
| 2113 | PuTTY currently supports the following algorithms: |
| 2114 | |
| 2115 | \b \i{AES} (Rijndael) - 256, 192, or 128-bit SDCTR or CBC (SSH-2 only) |
| 2116 | |
| 2117 | \b \i{Arcfour} (RC4) - 256 or 128-bit stream cipher (SSH-2 only) |
| 2118 | |
| 2119 | \b \i{Blowfish} - 256-bit SDCTR (SSH-2 only) or 128-bit CBC |
| 2120 | |
| 2121 | \b \ii{Triple-DES} - 168-bit SDCTR (SSH-2 only) or CBC |
| 2122 | |
| 2123 | \b \ii{Single-DES} - 56-bit CBC (see below for SSH-2) |
| 2124 | |
| 2125 | If the algorithm PuTTY finds is below the \q{warn below here} line, |
| 2126 | you will see a warning box when you make the connection: |
| 2127 | |
| 2128 | \c The first cipher supported by the server |
| 2129 | \c is single-DES, which is below the configured |
| 2130 | \c warning threshold. |
| 2131 | \c Do you want to continue with this connection? |
| 2132 | |
| 2133 | This warns you that the first available encryption is not a very |
| 2134 | secure one. Typically you would put the \q{warn below here} line |
| 2135 | between the encryptions you consider secure and the ones you |
| 2136 | consider substandard. By default, PuTTY supplies a preference order |
| 2137 | intended to reflect a reasonable preference in terms of security and |
| 2138 | speed. |
| 2139 | |
| 2140 | In SSH-2, the encryption algorithm is negotiated independently for |
| 2141 | each direction of the connection, although PuTTY does not support |
| 2142 | separate configuration of the preference orders. As a result you may |
| 2143 | get two warnings similar to the one above, possibly with different |
| 2144 | encryptions. |
| 2145 | |
| 2146 | Single-DES is not recommended in the SSH-2 draft protocol |
| 2147 | standards, but one or two server implementations do support it. |
| 2148 | PuTTY can use single-DES to interoperate with |
| 2149 | these servers if you enable the \q{Enable legacy use of single-DES in |
| 2150 | SSH-2} option; by default this is disabled and PuTTY will stick to |
| 2151 | recommended ciphers. |
| 2152 | |
| 2153 | \H{config-ssh-kex} The Kex panel |
| 2154 | |
| 2155 | \# FIXME: This whole section is draft. Feel free to revise. |
| 2156 | |
| 2157 | The Kex panel (short for \q{\i{key exchange}}) allows you to configure |
| 2158 | options related to SSH-2 key exchange. |
| 2159 | |
| 2160 | Key exchange occurs at the start of an SSH connection (and |
| 2161 | occasionally thereafter); it establishes a \i{shared secret} that is used |
| 2162 | as the basis for all of SSH's security features. It is therefore very |
| 2163 | important for the security of the connection that the key exchange is |
| 2164 | secure. |
| 2165 | |
| 2166 | Key exchange is a cryptographically intensive process; if either the |
| 2167 | client or the server is a relatively slow machine, the slower methods |
| 2168 | may take several tens of seconds to complete. |
| 2169 | |
| 2170 | If connection startup is too slow, or the connection hangs |
| 2171 | periodically, you may want to try changing these settings. |
| 2172 | |
| 2173 | If you don't understand what any of this means, it's safe to leave |
| 2174 | these settings alone. |
| 2175 | |
| 2176 | This entire panel is only relevant to SSH protocol version 2; none of |
| 2177 | these settings affect SSH-1 at all. |
| 2178 | |
| 2179 | \S{config-ssh-kex-order} \ii{Key exchange algorithm} selection |
| 2180 | |
| 2181 | \cfg{winhelp-topic}{ssh.kex.order} |
| 2182 | |
| 2183 | PuTTY supports a variety of SSH-2 key exchange methods, and allows you |
| 2184 | to choose which one you prefer to use; configuration is similar to |
| 2185 | cipher selection (see \k{config-ssh-encryption}). |
| 2186 | |
| 2187 | PuTTY currently supports the following varieties of \i{Diffie-Hellman key |
| 2188 | exchange}: |
| 2189 | |
| 2190 | \b \q{Group 14}: a well-known 2048-bit group. |
| 2191 | |
| 2192 | \b \q{Group 1}: a well-known 1024-bit group. This is less secure |
| 2193 | \#{FIXME better words} than group 14, but may be faster with slow |
| 2194 | client or server machines, and may be the only method supported by |
| 2195 | older server software. |
| 2196 | |
| 2197 | \b \q{\ii{Group exchange}}: with this method, instead of using a fixed |
| 2198 | group, PuTTY requests that the server suggest a group to use for key |
| 2199 | exchange; the server can avoid groups known to be weak, and possibly |
| 2200 | invent new ones over time, without any changes required to PuTTY's |
| 2201 | configuration. We recommend use of this method, if possible. |
| 2202 | |
| 2203 | If the first algorithm PuTTY finds is below the \q{warn below here} |
| 2204 | line, you will see a warning box when you make the connection, similar |
| 2205 | to that for cipher selection (see \k{config-ssh-encryption}). |
| 2206 | |
| 2207 | \S{config-ssh-kex-rekey} \ii{Repeat key exchange} |
| 2208 | |
| 2209 | \cfg{winhelp-topic}{ssh.kex.repeat} |
| 2210 | |
| 2211 | If the session key negotiated at connection startup is used too much |
| 2212 | or for too long, it may become feasible to mount attacks against the |
| 2213 | SSH connection. Therefore, the SSH-2 protocol specifies that a new key |
| 2214 | exchange should take place every so often; this can be initiated by |
| 2215 | either the client or the server. |
| 2216 | |
| 2217 | While this renegotiation is taking place, no data can pass through |
| 2218 | the SSH connection, so it may appear to \q{freeze}. (The occurrence of |
| 2219 | repeat key exchange is noted in the Event Log; see |
| 2220 | \k{using-eventlog}.) Usually the same algorithm is used as at the |
| 2221 | start of the connection, with a similar overhead. |
| 2222 | |
| 2223 | These options control how often PuTTY will initiate a repeat key |
| 2224 | exchange (\q{rekey}). You can also force a key exchange at any time |
| 2225 | from the Special Commands menu (see \k{using-specials}). |
| 2226 | |
| 2227 | \# FIXME: do we have any additions to the SSH-2 drafts' advice on |
| 2228 | these values? Do we want to enforce any limits? |
| 2229 | |
| 2230 | \b \q{Max minutes before rekey} specifies the amount of time that is |
| 2231 | allowed to elapse before a rekey is initiated. If this is set to zero, |
| 2232 | PuTTY will not rekey due to elapsed time. The SSH-2 protocol |
| 2233 | specification recommends a timeout of at most 60 minutes. |
| 2234 | |
| 2235 | You might have a need to disable time-based rekeys completely for the same |
| 2236 | reasons that \i{keepalives} aren't always helpful. If you anticipate |
| 2237 | suffering a network dropout of several hours in the middle of an SSH |
| 2238 | connection, but were not actually planning to send \e{data} down |
| 2239 | that connection during those hours, then an attempted rekey in the |
| 2240 | middle of the dropout will probably cause the connection to be |
| 2241 | abandoned, whereas if rekeys are disabled then the connection should |
| 2242 | in principle survive (in the absence of interfering \i{firewalls}). See |
| 2243 | \k{config-keepalive} for more discussion of these issues; for these |
| 2244 | purposes, rekeys have much the same properties as keepalives. |
| 2245 | (Except that rekeys have cryptographic value in themselves, so you |
| 2246 | should bear that in mind when deciding whether to turn them off.) |
| 2247 | Note, however, the the SSH \e{server} can still initiate rekeys. |
| 2248 | |
| 2249 | \b \q{Max data before rekey} specifies the amount of data (in bytes) |
| 2250 | that is permitted to flow in either direction before a rekey is |
| 2251 | initiated. If this is set to zero, PuTTY will not rekey due to |
| 2252 | transferred data. The SSH-2 protocol specification recommends a limit |
| 2253 | of at most 1 gigabyte. |
| 2254 | |
| 2255 | \lcont{ |
| 2256 | |
| 2257 | As well as specifying a value in bytes, the following shorthand can be |
| 2258 | used: |
| 2259 | |
| 2260 | \b \cq{1k} specifies 1 kilobyte (1024 bytes). |
| 2261 | |
| 2262 | \b \cq{1M} specifies 1 megabyte (1024 kilobytes). |
| 2263 | |
| 2264 | \b \cq{1G} specifies 1 gigabyte (1024 megabytes). |
| 2265 | |
| 2266 | } |
| 2267 | |
| 2268 | Disabling data-based rekeys entirely is a bad idea. The \i{integrity}, |
| 2269 | and to a lesser extent, \i{confidentiality} of the SSH-2 protocol depend |
| 2270 | in part on rekeys occuring before a 32-bit packet sequence number |
| 2271 | wraps around. Unlike time-based rekeys, data-based rekeys won't occur |
| 2272 | when the SSH connection is idle, so they shouldn't cause the same |
| 2273 | problems. The SSH-1 protocol, incidentally, has even weaker integrity |
| 2274 | protection than SSH-2 without rekeys. |
| 2275 | |
| 2276 | \H{config-ssh-auth} The Auth panel |
| 2277 | |
| 2278 | The Auth panel allows you to configure \i{authentication} options for |
| 2279 | SSH sessions. |
| 2280 | |
| 2281 | \S{config-ssh-noauth} \q{Bypass authentication entirely} |
| 2282 | |
| 2283 | \cfg{winhelp-topic}{ssh.auth.bypass} |
| 2284 | |
| 2285 | In SSH-2, it is possible to establish a connection without using SSH's |
| 2286 | mechanisms to identify or authenticate oneself to the server. Some |
| 2287 | servers may prefer to handle authentication in the data channel, for |
| 2288 | instance, or may simply require no authentication whatsoever. |
| 2289 | |
| 2290 | By default, PuTTY assumes the server requires authentication (most |
| 2291 | do), and thus must provide a username. If you find you are getting |
| 2292 | unwanted username prompts, you could try checking this option. |
| 2293 | |
| 2294 | This option only affects SSH-2 connections. SSH-1 connections always |
| 2295 | require an authentication step. |
| 2296 | |
| 2297 | \S{config-ssh-tis} \q{Attempt \I{TIS authentication}TIS or |
| 2298 | \i{CryptoCard authentication}} |
| 2299 | |
| 2300 | \cfg{winhelp-topic}{ssh.auth.tis} |
| 2301 | |
| 2302 | TIS and CryptoCard authentication are simple \I{challenge/response |
| 2303 | authentication}challenge/response forms of authentication available in |
| 2304 | SSH protocol version 1 only. You might use them if you were using \i{S/Key} |
| 2305 | \i{one-time passwords}, for example, or if you had a physical \i{security |
| 2306 | token} that generated responses to authentication challenges. |
| 2307 | |
| 2308 | With this switch enabled, PuTTY will attempt these forms of |
| 2309 | authentication if the server is willing to try them. You will be |
| 2310 | presented with a challenge string (which will be different every |
| 2311 | time) and must supply the correct response in order to log in. If |
| 2312 | your server supports this, you should talk to your system |
| 2313 | administrator about precisely what form these challenges and |
| 2314 | responses take. |
| 2315 | |
| 2316 | \S{config-ssh-ki} \q{Attempt \i{keyboard-interactive authentication}} |
| 2317 | |
| 2318 | \cfg{winhelp-topic}{ssh.auth.ki} |
| 2319 | |
| 2320 | The SSH-2 equivalent of TIS authentication is called |
| 2321 | \q{keyboard-interactive}. It is a flexible authentication method |
| 2322 | using an arbitrary sequence of requests and responses; so it is not |
| 2323 | only useful for \I{challenge/response authentication}challenge/response |
| 2324 | mechanisms such as \i{S/Key}, but it can also be used for (for example) |
| 2325 | asking the user for a \I{password expiry}new password when the old one |
| 2326 | has expired. |
| 2327 | |
| 2328 | PuTTY leaves this option enabled by default, but supplies a switch |
| 2329 | to turn it off in case you should have trouble with it. |
| 2330 | |
| 2331 | \S{config-ssh-agentfwd} \q{Allow \i{agent forwarding}} |
| 2332 | |
| 2333 | \cfg{winhelp-topic}{ssh.auth.agentfwd} |
| 2334 | |
| 2335 | This option allows the SSH server to open forwarded connections back |
| 2336 | to your local copy of \i{Pageant}. If you are not running Pageant, this |
| 2337 | option will do nothing. |
| 2338 | |
| 2339 | See \k{pageant} for general information on Pageant, and |
| 2340 | \k{pageant-forward} for information on agent forwarding. Note that |
| 2341 | there is a security risk involved with enabling this option; see |
| 2342 | \k{pageant-security} for details. |
| 2343 | |
| 2344 | \S{config-ssh-changeuser} \q{Allow attempted \i{changes of username} in SSH-2} |
| 2345 | |
| 2346 | \cfg{winhelp-topic}{ssh.auth.changeuser} |
| 2347 | |
| 2348 | In the SSH-1 protocol, it is impossible to change username after |
| 2349 | failing to authenticate. So if you mis-type your username at the |
| 2350 | PuTTY \q{login as:} prompt, you will not be able to change it except |
| 2351 | by restarting PuTTY. |
| 2352 | |
| 2353 | The SSH-2 protocol \e{does} allow changes of username, in principle, |
| 2354 | but does not make it mandatory for SSH-2 servers to accept them. In |
| 2355 | particular, \i{OpenSSH} does not accept a change of username; once you |
| 2356 | have sent one username, it will reject attempts to try to |
| 2357 | authenticate as another user. (Depending on the version of OpenSSH, |
| 2358 | it may quietly return failure for all login attempts, or it may send |
| 2359 | an error message.) |
| 2360 | |
| 2361 | For this reason, PuTTY will by default not prompt you for your |
| 2362 | username more than once, in case the server complains. If you know |
| 2363 | your server can cope with it, you can enable the \q{Allow attempted |
| 2364 | changes of username} option to modify PuTTY's behaviour. |
| 2365 | |
| 2366 | \S{config-ssh-privkey} \q{\ii{Private key} file for authentication} |
| 2367 | |
| 2368 | \cfg{winhelp-topic}{ssh.auth.privkey} |
| 2369 | |
| 2370 | This box is where you enter the name of your private key file if you |
| 2371 | are using \i{public key authentication}. See \k{pubkey} for information |
| 2372 | about public key authentication in SSH. |
| 2373 | |
| 2374 | This key must be in PuTTY's native format (\c{*.\i{PPK}}). If you have a |
| 2375 | private key in another format that you want to use with PuTTY, see |
| 2376 | \k{puttygen-conversions}. |
| 2377 | |
| 2378 | \H{config-ssh-tty} The TTY panel |
| 2379 | |
| 2380 | The TTY panel lets you configure the remote pseudo-terminal. |
| 2381 | |
| 2382 | \S{config-ssh-pty} \I{pseudo-terminal allocation}\q{Don't allocate |
| 2383 | a pseudo-terminal} |
| 2384 | |
| 2385 | \cfg{winhelp-topic}{ssh.nopty} |
| 2386 | |
| 2387 | When connecting to a \i{Unix} system, most \I{interactive |
| 2388 | connections}interactive shell sessions are run in a \e{pseudo-terminal}, |
| 2389 | which allows the Unix system to pretend it's talking to a real physical |
| 2390 | terminal device but allows the SSH server to catch all the data coming |
| 2391 | from that fake device and send it back to the client. |
| 2392 | |
| 2393 | Occasionally you might find you have a need to run a session \e{not} |
| 2394 | in a pseudo-terminal. In PuTTY, this is generally only useful for |
| 2395 | very specialist purposes; although in Plink (see \k{plink}) it is |
| 2396 | the usual way of working. |
| 2397 | |
| 2398 | \S{config-ttymodes} Sending \i{terminal modes} |
| 2399 | |
| 2400 | \cfg{winhelp-topic}{ssh.ttymodes} |
| 2401 | |
| 2402 | The SSH protocol allows the client to send \q{terminal modes} for |
| 2403 | the remote pseudo-terminal. These usually control the server's |
| 2404 | expectation of the local terminal's behaviour. |
| 2405 | |
| 2406 | If your server does not have sensible defaults for these modes, you |
| 2407 | may find that changing them here helps. If you don't understand any of |
| 2408 | this, it's safe to leave these settings alone. |
| 2409 | |
| 2410 | (None of these settings will have any effect if no pseudo-terminal |
| 2411 | is requested or allocated.) |
| 2412 | |
| 2413 | You can add or modify a mode by selecting it from the drop-down list, |
| 2414 | choosing whether it's set automatically or to a specific value with |
| 2415 | the radio buttons and edit box, and hitting \q{Add}. A mode (or |
| 2416 | several) can be removed from the list by selecting them and hitting |
| 2417 | \q{Remove}. The effect of the mode list is as follows: |
| 2418 | |
| 2419 | \b If a mode is not on the list, it will not be specified to the |
| 2420 | server under any circumstances. |
| 2421 | |
| 2422 | \b If a mode is on the list: |
| 2423 | |
| 2424 | \lcont{ |
| 2425 | |
| 2426 | \b If the \q{Auto} option is selected, the PuTTY tools will decide |
| 2427 | whether to specify that mode to the server, and if so, will send |
| 2428 | a sensible value. |
| 2429 | |
| 2430 | \lcont{ |
| 2431 | |
| 2432 | PuTTY proper will send modes that it has an opinion on (currently only |
| 2433 | the code for the Backspace key, \cw{ERASE}). Plink on Unix |
| 2434 | will propagate appropriate modes from the local terminal, if any. |
| 2435 | |
| 2436 | } |
| 2437 | |
| 2438 | \b If a value is specified, it will be sent to the server under all |
| 2439 | circumstances. The precise syntax of the value box depends on the |
| 2440 | mode. |
| 2441 | |
| 2442 | } |
| 2443 | |
| 2444 | By default, all of the available modes are listed as \q{Auto}, |
| 2445 | which should do the right thing in most circumstances. |
| 2446 | |
| 2447 | The precise effect of each setting, if any, is up to the server. Their |
| 2448 | names come from \i{POSIX} and other Unix systems, and they are most |
| 2449 | likely to have a useful effect on such systems. (These are the same |
| 2450 | settings that can usually be changed using the \i\c{stty} command once |
| 2451 | logged in to such servers.) |
| 2452 | |
| 2453 | Some notable modes are described below; for fuller explanations, see |
| 2454 | your server documentation. |
| 2455 | |
| 2456 | \b \I{ERASE special character}\cw{ERASE} is the character that when typed |
| 2457 | by the user will delete one space to the left. When set to \q{Auto} |
| 2458 | (the default setting), this follows the setting of the local Backspace |
| 2459 | key in PuTTY (see \k{config-backspace}). |
| 2460 | |
| 2461 | \lcont{ |
| 2462 | This and other \i{special character}s are specified using \c{^C} notation |
| 2463 | for Ctrl-C, and so on. Use \c{^<27>} or \c{^<0x1B>} to specify a |
| 2464 | character numerically, and \c{^~} to get a literal \c{^}. Other |
| 2465 | non-control characters are denoted by themselves. Leaving the box |
| 2466 | entirely blank indicates that \e{no} character should be assigned to |
| 2467 | the specified function, although this may not be supported by all |
| 2468 | servers. |
| 2469 | } |
| 2470 | |
| 2471 | \b \I{QUIT special character}\cw{QUIT} is a special character that |
| 2472 | usually forcefully ends the current process on the server |
| 2473 | (\cw{SIGQUIT}). On many servers its default setting is Ctrl-backslash |
| 2474 | (\c{^\\}), which is easy to accidentally invoke on many keyboards. If |
| 2475 | this is getting in your way, you may want to change it to another |
| 2476 | character or turn it off entirely. |
| 2477 | |
| 2478 | \b Boolean modes such as \cw{ECHO} and \cw{ICANON} can be specified in |
| 2479 | PuTTY in a variety of ways, such as \cw{true}/\cw{false}, |
| 2480 | \cw{yes}/\cw{no}, and \cw{0}/\cw{1}. |
| 2481 | |
| 2482 | \b Terminal speeds are configured elsewhere; see \k{config-termspeed}. |
| 2483 | |
| 2484 | \H{config-ssh-x11} The X11 panel |
| 2485 | |
| 2486 | \cfg{winhelp-topic}{ssh.tunnels.x11} |
| 2487 | |
| 2488 | The X11 panel allows you to configure \i{forwarding of X11} over an |
| 2489 | SSH connection. |
| 2490 | |
| 2491 | If your server lets you run X Window System applications, X11 |
| 2492 | forwarding allows you to securely give those applications access to |
| 2493 | a local X display on your PC. |
| 2494 | |
| 2495 | To enable X11 forwarding, check the \q{Enable X11 forwarding} box. |
| 2496 | If your X display is somewhere unusual, you will need to enter its |
| 2497 | location in the \q{X display location} box; if this is left blank, |
| 2498 | PuTTY will try to find a sensible default in the environment, or use the |
| 2499 | primary local display (\c{:0}) if that fails. |
| 2500 | |
| 2501 | See \k{using-x-forwarding} for more information about X11 |
| 2502 | forwarding. |
| 2503 | |
| 2504 | \S{config-ssh-x11auth} Remote \i{X11 authentication} |
| 2505 | |
| 2506 | \cfg{winhelp-topic}{ssh.tunnels.x11auth} |
| 2507 | |
| 2508 | If you are using X11 forwarding, the virtual X server created on the |
| 2509 | SSH server machine will be protected by authorisation data. This |
| 2510 | data is invented, and checked, by PuTTY. |
| 2511 | |
| 2512 | The usual authorisation method used for this is called |
| 2513 | \i\cw{MIT-MAGIC-COOKIE-1}. This is a simple password-style protocol: |
| 2514 | the X client sends some cookie data to the server, and the server |
| 2515 | checks that it matches the real cookie. The cookie data is sent over |
| 2516 | an unencrypted X11 connection; so if you allow a client on a third |
| 2517 | machine to access the virtual X server, then the cookie will be sent |
| 2518 | in the clear. |
| 2519 | |
| 2520 | PuTTY offers the alternative protocol \i\cw{XDM-AUTHORIZATION-1}. This |
| 2521 | is a cryptographically authenticated protocol: the data sent by the |
| 2522 | X client is different every time, and it depends on the IP address |
| 2523 | and port of the client's end of the connection and is also stamped |
| 2524 | with the current time. So an eavesdropper who captures an |
| 2525 | \cw{XDM-AUTHORIZATION-1} string cannot immediately re-use it for |
| 2526 | their own X connection. |
| 2527 | |
| 2528 | PuTTY's support for \cw{XDM-AUTHORIZATION-1} is a somewhat |
| 2529 | experimental feature, and may encounter several problems: |
| 2530 | |
| 2531 | \b Some X clients probably do not even support |
| 2532 | \cw{XDM-AUTHORIZATION-1}, so they will not know what to do with the |
| 2533 | data PuTTY has provided. |
| 2534 | |
| 2535 | \b This authentication mechanism will only work in SSH-2. In SSH-1, |
| 2536 | the SSH server does not tell the client the source address of |
| 2537 | a forwarded connection in a machine-readable format, so it's |
| 2538 | impossible to verify the \cw{XDM-AUTHORIZATION-1} data. |
| 2539 | |
| 2540 | \b You may find this feature causes problems with some SSH servers, |
| 2541 | which will not clean up \cw{XDM-AUTHORIZATION-1} data after a |
| 2542 | session, so that if you then connect to the same server using |
| 2543 | a client which only does \cw{MIT-MAGIC-COOKIE-1} and are allocated |
| 2544 | the same remote display number, you might find that out-of-date |
| 2545 | authentication data is still present on your server and your X |
| 2546 | connections fail. |
| 2547 | |
| 2548 | PuTTY's default is \cw{MIT-MAGIC-COOKIE-1}. If you change it, you |
| 2549 | should be sure you know what you're doing. |
| 2550 | |
| 2551 | \H{config-ssh-portfwd} \I{port forwarding}The Tunnels panel |
| 2552 | |
| 2553 | \cfg{winhelp-topic}{ssh.tunnels.portfwd} |
| 2554 | |
| 2555 | The Tunnels panel allows you to configure tunnelling of arbitrary |
| 2556 | connection types through an SSH connection. |
| 2557 | |
| 2558 | Port forwarding allows you to tunnel other types of \i{network |
| 2559 | connection} down an SSH session. See \k{using-port-forwarding} for a |
| 2560 | general discussion of port forwarding and how it works. |
| 2561 | |
| 2562 | The port forwarding section in the Tunnels panel shows a list of all |
| 2563 | the port forwardings that PuTTY will try to set up when it connects |
| 2564 | to the server. By default no port forwardings are set up, so this |
| 2565 | list is empty. |
| 2566 | |
| 2567 | To add a port forwarding: |
| 2568 | |
| 2569 | \b Set one of the \q{Local} or \q{Remote} radio buttons, depending |
| 2570 | on whether you want to \I{local port forwarding}forward a local port |
| 2571 | to a remote destination (\q{Local}) or \I{remote port forwarding}forward |
| 2572 | a remote port to a local destination (\q{Remote}). Alternatively, |
| 2573 | select \q{Dynamic} if you want PuTTY to \I{dynamic port forwarding}provide |
| 2574 | a local SOCKS 4/4A/5 proxy on a local port. |
| 2575 | |
| 2576 | \b Enter a source \i{port number} into the \q{Source port} box. For |
| 2577 | local forwardings, PuTTY will listen on this port of your PC. For |
| 2578 | remote forwardings, your SSH server will listen on this port of the |
| 2579 | remote machine. Note that most servers will not allow you to listen |
| 2580 | on \I{privileged port}port numbers less than 1024. |
| 2581 | |
| 2582 | \b If you have selected \q{Local} or \q{Remote} (this step is not |
| 2583 | needed with \q{Dynamic}), enter a hostname and port number separated |
| 2584 | by a colon, in the \q{Destination} box. Connections received on the |
| 2585 | source port will be directed to this destination. For example, to |
| 2586 | connect to a POP-3 server, you might enter |
| 2587 | \c{popserver.example.com:110}. |
| 2588 | |
| 2589 | \b Click the \q{Add} button. Your forwarding details should appear |
| 2590 | in the list box. |
| 2591 | |
| 2592 | To remove a port forwarding, simply select its details in the list |
| 2593 | box, and click the \q{Remove} button. |
| 2594 | |
| 2595 | In the \q{Source port} box, you can also optionally enter an \I{listen |
| 2596 | address}IP address to listen on, by specifying (for instance) |
| 2597 | \c{127.0.0.5:79}. |
| 2598 | See \k{using-port-forwarding} for more information on how this |
| 2599 | works and its restrictions. |
| 2600 | |
| 2601 | In place of port numbers, you can enter \i{service names}, if they are |
| 2602 | known to the local system. For instance, in the \q{Destination} box, |
| 2603 | you could enter \c{popserver.example.com:pop3}. |
| 2604 | |
| 2605 | You can modify the currently active set of port forwardings in |
| 2606 | mid-session using \q{Change Settings} (see \k{using-changesettings}). |
| 2607 | If you delete a local or dynamic port forwarding in mid-session, PuTTY |
| 2608 | will stop listening for connections on that port, so it can be re-used |
| 2609 | by another program. If you delete a remote port forwarding, note that: |
| 2610 | |
| 2611 | \b The SSH-1 protocol contains no mechanism for asking the server to |
| 2612 | stop listening on a remote port. |
| 2613 | |
| 2614 | \b The SSH-2 protocol does contain such a mechanism, but not all SSH |
| 2615 | servers support it. (In particular, \i{OpenSSH} does not support it in |
| 2616 | any version earlier than 3.9.) |
| 2617 | |
| 2618 | If you ask to delete a remote port forwarding and PuTTY cannot make |
| 2619 | the server actually stop listening on the port, it will instead just |
| 2620 | start refusing incoming connections on that port. Therefore, |
| 2621 | although the port cannot be reused by another program, you can at |
| 2622 | least be reasonably sure that server-side programs can no longer |
| 2623 | access the service at your end of the port forwarding. |
| 2624 | |
| 2625 | If you delete a forwarding, any existing connections established using |
| 2626 | that forwarding remain open. Similarly, changes to global settings |
| 2627 | such as \q{Local ports accept connections from other hosts} only take |
| 2628 | effect on new forwardings. |
| 2629 | |
| 2630 | \S{config-ssh-portfwd-localhost} Controlling the visibility of |
| 2631 | forwarded ports |
| 2632 | |
| 2633 | \cfg{winhelp-topic}{ssh.tunnels.portfwd.localhost} |
| 2634 | |
| 2635 | The source port for a forwarded connection usually does not accept |
| 2636 | connections from any machine except the \I{localhost}SSH client or |
| 2637 | server machine itself (for local and remote forwardings respectively). |
| 2638 | There are controls in the Tunnels panel to change this: |
| 2639 | |
| 2640 | \b The \q{Local ports accept connections from other hosts} option |
| 2641 | allows you to set up local-to-remote port forwardings in such a way |
| 2642 | that machines other than your client PC can connect to the forwarded |
| 2643 | port. (This also applies to dynamic SOCKS forwarding.) |
| 2644 | |
| 2645 | \b The \q{Remote ports do the same} option does the same thing for |
| 2646 | remote-to-local port forwardings (so that machines other than the |
| 2647 | SSH server machine can connect to the forwarded port.) Note that |
| 2648 | this feature is only available in the SSH-2 protocol, and not all |
| 2649 | SSH-2 servers support it (\i{OpenSSH} 3.0 does not, for example). |
| 2650 | |
| 2651 | \S{config-ssh-portfwd-address-family} Selecting \i{Internet protocol |
| 2652 | version} for forwarded ports |
| 2653 | |
| 2654 | \cfg{winhelp-topic}{ssh.tunnels.portfwd.ipversion} |
| 2655 | |
| 2656 | This switch allows you to select a specific Internet protocol (\i{IPv4} |
| 2657 | or \i{IPv6}) for the local end of a forwarded port. By default, it is |
| 2658 | set on \q{Auto}, which means that: |
| 2659 | |
| 2660 | \b for a local-to-remote port forwarding, PuTTY will listen for |
| 2661 | incoming connections in both IPv4 and (if available) IPv6 |
| 2662 | |
| 2663 | \b for a remote-to-local port forwarding, PuTTY will choose a |
| 2664 | sensible protocol for the outgoing connection. |
| 2665 | |
| 2666 | Note that some operating systems may listen for incoming connections |
| 2667 | in IPv4 even if you specifically asked for IPv6, because their IPv4 |
| 2668 | and IPv6 protocol stacks are linked together. Apparently \i{Linux} does |
| 2669 | this, and Windows does not. So if you're running PuTTY on Windows |
| 2670 | and you tick \q{IPv6} for a local or dynamic port forwarding, it |
| 2671 | will \e{only} be usable by connecting to it using IPv6; whereas if |
| 2672 | you do the same on Linux, you can also use it with IPv4. However, |
| 2673 | ticking \q{Auto} should always give you a port which you can connect |
| 2674 | to using either protocol. |
| 2675 | |
| 2676 | \H{config-ssh-bugs} \I{SSH server bugs}The Bugs panel |
| 2677 | |
| 2678 | Not all SSH servers work properly. Various existing servers have |
| 2679 | bugs in them, which can make it impossible for a client to talk to |
| 2680 | them unless it knows about the bug and works around it. |
| 2681 | |
| 2682 | Since most servers announce their software version number at the |
| 2683 | beginning of the SSH connection, PuTTY will attempt to detect which |
| 2684 | bugs it can expect to see in the server and automatically enable |
| 2685 | workarounds. However, sometimes it will make mistakes; if the server |
| 2686 | has been deliberately configured to conceal its version number, or |
| 2687 | if the server is a version which PuTTY's bug database does not know |
| 2688 | about, then PuTTY will not know what bugs to expect. |
| 2689 | |
| 2690 | The Bugs panel allows you to manually configure the bugs PuTTY |
| 2691 | expects to see in the server. Each bug can be configured in three |
| 2692 | states: |
| 2693 | |
| 2694 | \b \q{Off}: PuTTY will assume the server does not have the bug. |
| 2695 | |
| 2696 | \b \q{On}: PuTTY will assume the server \e{does} have the bug. |
| 2697 | |
| 2698 | \b \q{Auto}: PuTTY will use the server's version number announcement |
| 2699 | to try to guess whether or not the server has the bug. |
| 2700 | |
| 2701 | \S{config-ssh-bug-ignore1} \q{Chokes on SSH-1 \i{ignore message}s} |
| 2702 | |
| 2703 | \cfg{winhelp-topic}{ssh.bugs.ignore1} |
| 2704 | |
| 2705 | An ignore message (SSH_MSG_IGNORE) is a message in the SSH protocol |
| 2706 | which can be sent from the client to the server, or from the server |
| 2707 | to the client, at any time. Either side is required to ignore the |
| 2708 | message whenever it receives it. PuTTY uses ignore messages to hide |
| 2709 | the password packet in SSH-1, so that a listener cannot tell the |
| 2710 | length of the user's password; it also uses ignore messages for |
| 2711 | connection keepalives (see \k{config-keepalive}). |
| 2712 | |
| 2713 | If this bug is detected, PuTTY will stop using ignore messages. This |
| 2714 | means that keepalives will stop working, and PuTTY will have to fall |
| 2715 | back to a secondary defence against SSH-1 password-length |
| 2716 | eavesdropping. See \k{config-ssh-bug-plainpw1}. If this bug is |
| 2717 | enabled when talking to a correct server, the session will succeed, |
| 2718 | but keepalives will not work and the session might be more |
| 2719 | vulnerable to eavesdroppers than it could be. |
| 2720 | |
| 2721 | This is an SSH-1-specific bug. No known SSH-2 server fails to deal |
| 2722 | with SSH-2 ignore messages. |
| 2723 | |
| 2724 | \S{config-ssh-bug-plainpw1} \q{Refuses all SSH-1 \i{password camouflage}} |
| 2725 | |
| 2726 | \cfg{winhelp-topic}{ssh.bugs.plainpw1} |
| 2727 | |
| 2728 | When talking to an SSH-1 server which cannot deal with ignore |
| 2729 | messages (see \k{config-ssh-bug-ignore1}), PuTTY will attempt to |
| 2730 | disguise the length of the user's password by sending additional |
| 2731 | padding \e{within} the password packet. This is technically a |
| 2732 | violation of the SSH-1 specification, and so PuTTY will only do it |
| 2733 | when it cannot use standards-compliant ignore messages as |
| 2734 | camouflage. In this sense, for a server to refuse to accept a padded |
| 2735 | password packet is not really a bug, but it does make life |
| 2736 | inconvenient if the server can also not handle ignore messages. |
| 2737 | |
| 2738 | If this \q{bug} is detected, PuTTY will have no choice but to send |
| 2739 | the user's password with no form of camouflage, so that an |
| 2740 | eavesdropping user will be easily able to find out the exact length |
| 2741 | of the password. If this bug is enabled when talking to a correct |
| 2742 | server, the session will succeed, but will be more vulnerable to |
| 2743 | eavesdroppers than it could be. |
| 2744 | |
| 2745 | This is an SSH-1-specific bug. SSH-2 is secure against this type of |
| 2746 | attack. |
| 2747 | |
| 2748 | \S{config-ssh-bug-rsa1} \q{Chokes on SSH-1 \i{RSA} authentication} |
| 2749 | |
| 2750 | \cfg{winhelp-topic}{ssh.bugs.rsa1} |
| 2751 | |
| 2752 | Some SSH-1 servers cannot deal with RSA authentication messages at |
| 2753 | all. If \i{Pageant} is running and contains any SSH-1 keys, PuTTY will |
| 2754 | normally automatically try RSA authentication before falling back to |
| 2755 | passwords, so these servers will crash when they see the RSA attempt. |
| 2756 | |
| 2757 | If this bug is detected, PuTTY will go straight to password |
| 2758 | authentication. If this bug is enabled when talking to a correct |
| 2759 | server, the session will succeed, but of course RSA authentication |
| 2760 | will be impossible. |
| 2761 | |
| 2762 | This is an SSH-1-specific bug. |
| 2763 | |
| 2764 | \S{config-ssh-bug-hmac2} \q{Miscomputes SSH-2 HMAC keys} |
| 2765 | |
| 2766 | \cfg{winhelp-topic}{ssh.bugs.hmac2} |
| 2767 | |
| 2768 | Versions 2.3.0 and below of the SSH server software from |
| 2769 | \cw{ssh.com} compute the keys for their \i{HMAC} \i{message authentication |
| 2770 | code}s incorrectly. A typical symptom of this problem is that PuTTY |
| 2771 | dies unexpectedly at the beginning of the session, saying |
| 2772 | \q{Incorrect MAC received on packet}. |
| 2773 | |
| 2774 | If this bug is detected, PuTTY will compute its HMAC keys in the |
| 2775 | same way as the buggy server, so that communication will still be |
| 2776 | possible. If this bug is enabled when talking to a correct server, |
| 2777 | communication will fail. |
| 2778 | |
| 2779 | This is an SSH-2-specific bug. |
| 2780 | |
| 2781 | \S{config-ssh-bug-derivekey2} \q{Miscomputes SSH-2 \i{encryption} keys} |
| 2782 | |
| 2783 | \cfg{winhelp-topic}{ssh.bugs.derivekey2} |
| 2784 | |
| 2785 | Versions below 2.0.11 of the SSH server software from \i\cw{ssh.com} |
| 2786 | compute the keys for the session encryption incorrectly. This |
| 2787 | problem can cause various error messages, such as \q{Incoming packet |
| 2788 | was garbled on decryption}, or possibly even \q{Out of memory}. |
| 2789 | |
| 2790 | If this bug is detected, PuTTY will compute its encryption keys in |
| 2791 | the same way as the buggy server, so that communication will still |
| 2792 | be possible. If this bug is enabled when talking to a correct |
| 2793 | server, communication will fail. |
| 2794 | |
| 2795 | This is an SSH-2-specific bug. |
| 2796 | |
| 2797 | \S{config-ssh-bug-sig} \q{Requires padding on SSH-2 \i{RSA} \i{signatures}} |
| 2798 | |
| 2799 | \cfg{winhelp-topic}{ssh.bugs.rsapad2} |
| 2800 | |
| 2801 | Versions below 3.3 of \i{OpenSSH} require SSH-2 RSA signatures to be |
| 2802 | padded with zero bytes to the same length as the RSA key modulus. |
| 2803 | The SSH-2 draft specification says that an unpadded signature MUST be |
| 2804 | accepted, so this is a bug. A typical symptom of this problem is |
| 2805 | that PuTTY mysteriously fails RSA authentication once in every few |
| 2806 | hundred attempts, and falls back to passwords. |
| 2807 | |
| 2808 | If this bug is detected, PuTTY will pad its signatures in the way |
| 2809 | OpenSSH expects. If this bug is enabled when talking to a correct |
| 2810 | server, it is likely that no damage will be done, since correct |
| 2811 | servers usually still accept padded signatures because they're used |
| 2812 | to talking to OpenSSH. |
| 2813 | |
| 2814 | This is an SSH-2-specific bug. |
| 2815 | |
| 2816 | \S{config-ssh-bug-pksessid2} \q{Misuses the \i{session ID} in SSH-2 PK auth} |
| 2817 | |
| 2818 | \cfg{winhelp-topic}{ssh.bugs.pksessid2} |
| 2819 | |
| 2820 | Versions below 2.3 of \i{OpenSSH} require SSH-2 \i{public-key authentication} |
| 2821 | to be done slightly differently: the data to be signed by the client |
| 2822 | contains the session ID formatted in a different way. If public-key |
| 2823 | authentication mysteriously does not work but the Event Log (see |
| 2824 | \k{using-eventlog}) thinks it has successfully sent a signature, it |
| 2825 | might be worth enabling the workaround for this bug to see if it |
| 2826 | helps. |
| 2827 | |
| 2828 | If this bug is detected, PuTTY will sign data in the way OpenSSH |
| 2829 | expects. If this bug is enabled when talking to a correct server, |
| 2830 | SSH-2 public-key authentication will fail. |
| 2831 | |
| 2832 | This is an SSH-2-specific bug. |
| 2833 | |
| 2834 | \S{config-ssh-bug-rekey} \q{Handles SSH-2 key re-exchange badly} |
| 2835 | |
| 2836 | \cfg{winhelp-topic}{ssh.bugs.rekey2} |
| 2837 | |
| 2838 | Some SSH servers cannot cope with \i{repeat key exchange} at |
| 2839 | all, and will ignore attempts by the client to start one. Since |
| 2840 | PuTTY pauses the session while performing a repeat key exchange, the |
| 2841 | effect of this would be to cause the session to hang after an hour |
| 2842 | (unless you have your rekey timeout set differently; see |
| 2843 | \k{config-ssh-kex-rekey} for more about rekeys). |
| 2844 | Other, very old, SSH servers handle repeat key exchange even more |
| 2845 | badly, and disconnect upon receiving a repeat key exchange request. |
| 2846 | |
| 2847 | If this bug is detected, PuTTY will never initiate a repeat key |
| 2848 | exchange. If this bug is enabled when talking to a correct server, |
| 2849 | the session should still function, but may be less secure than you |
| 2850 | would expect. |
| 2851 | |
| 2852 | This is an SSH-2-specific bug. |
| 2853 | |
| 2854 | \H{config-file} \ii{Storing configuration in a file} |
| 2855 | |
| 2856 | PuTTY does not currently support storing its configuration in a file |
| 2857 | instead of the \i{Registry}. However, you can work around this with a |
| 2858 | couple of \i{batch file}s. |
| 2859 | |
| 2860 | You will need a file called (say) \c{PUTTY.BAT} which imports the |
| 2861 | contents of a file into the Registry, then runs PuTTY, exports the |
| 2862 | contents of the Registry back into the file, and deletes the |
| 2863 | Registry entries. This can all be done using the Regedit command |
| 2864 | line options, so it's all automatic. Here is what you need in |
| 2865 | \c{PUTTY.BAT}: |
| 2866 | |
| 2867 | \c @ECHO OFF |
| 2868 | \c regedit /s putty.reg |
| 2869 | \c regedit /s puttyrnd.reg |
| 2870 | \c start /w putty.exe |
| 2871 | \c regedit /ea new.reg HKEY_CURRENT_USER\Software\SimonTatham\PuTTY |
| 2872 | \c copy new.reg putty.reg |
| 2873 | \c del new.reg |
| 2874 | \c regedit /s puttydel.reg |
| 2875 | |
| 2876 | This batch file needs two auxiliary files: \c{PUTTYRND.REG} which |
| 2877 | sets up an initial safe location for the \c{PUTTY.RND} random seed |
| 2878 | file, and \c{PUTTYDEL.REG} which destroys everything in the Registry |
| 2879 | once it's been successfully saved back to the file. |
| 2880 | |
| 2881 | Here is \c{PUTTYDEL.REG}: |
| 2882 | |
| 2883 | \c REGEDIT4 |
| 2884 | \c |
| 2885 | \c [-HKEY_CURRENT_USER\Software\SimonTatham\PuTTY] |
| 2886 | |
| 2887 | Here is an example \c{PUTTYRND.REG} file: |
| 2888 | |
| 2889 | \c REGEDIT4 |
| 2890 | \c |
| 2891 | \c [HKEY_CURRENT_USER\Software\SimonTatham\PuTTY] |
| 2892 | \c "RandSeedFile"="a:\\putty.rnd" |
| 2893 | |
| 2894 | You should replace \c{a:\\putty.rnd} with the location where you |
| 2895 | want to store your random number data. If the aim is to carry around |
| 2896 | PuTTY and its settings on one floppy, you probably want to store it |
| 2897 | on the floppy. |