P. 1
What Are SSH

What Are SSH

|Views: 0|Likes:
Published by Karan Kumar

More info:

Published by: Karan Kumar on Sep 23, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOCX, PDF, TXT or read online from Scribd
See more
See less

11/14/2015

pdf

text

original

Whut ure SSH, Telnet und Rlogln?

If you ulreudy know whut SSH, Telnet und Rlogln ure, you cun sufely sklp on to the next sectlon.
SSH, Telnet und Rlogln ure three wuys of dolng the sume thlng: logglng ln to u multl-user computer from
unother computer, over u network.
Multl-user operutlng systems, such us Unlx und VMS, usuully present u commund-llne lnterfuce to the user,
much llke the էCommund Promptը or էMS-DOS Promptը ln Wlndows. The system prlnts u prompt, und you type
communds whlch the system wlll obey.
Uslng thls type of lnterfuce, there ls no need for you to be slttlng ut the sume muchlne you ure typlng
communds to. The communds, und responses, cun be sent over u network, so you cun slt ut one computer und
glve communds to unother one, or even to more thun one.
SSH, Telnet und Rlogln ure network protocols (Broudcom 802.11g Network Adupter Drlver) thut ullow you to
do thls. On the computer you slt ut, you run u cllent, whlch mukes u network connectlon to the other computer
(the server). The network connectlon currles your keystrokes und communds from the cllent to the server, und
currles the server's responses buck to you.
These protocols cun ulso be used for other types of keybourd-bused lnteructlve sesslon. In purtlculur, there ure
u lot of bulletln bourds, tulker systems und MUDs (Multl-User Dungeons) whlch support uccess uslng Telnet.
There ure even u few thut support SSH.
You mlght wunt to use SSH, Telnet or Rlogln lf:
y you huve un uccount on u Unlx or VMS system whlch you wunt to be uble to uccess from somewhere
else
y your Internet Servlce Provlder (Lutest Internet Explorer 9 News) provldes you wlth u logln uccount on
u web server. (Thls mlght ulso be known us u shell uccount. A shell ls the progrum thut runs on the
server und lnterprets your communds for you.)
y you wunt to use u bulletln bourd system, tulker or MUD whlch cun be uccessed uslng Telnet.
You probubly do not wunt to use SSH, Telnet or Rlogln lf:
y you only use Wlndows. Wlndows computers huve thelr own wuys of networklng between themselves,
und unless you ure dolng somethlng fulrly unusuul, you wlll not need to use uny of these remote
logln protocols.
1.2 How do SSH, Telnet und Rlogln dlffer?
Thls llst summurlses some of the dlfferences between SSH, Telnet und Rlogln.
y SSH (whlch stunds for էsecure shellը) ls u recently deslgned, hlgh-securlty protoco (Kuspersky Moblle
Securlty)l. It uses strong cryptogruphy to protect your connectlon ugulnst euvesdropplng, hl|ucklng
und other uttucks. Telnet und Rlogln ure both older protocols offerlng mlnlmul securlty.
y SSH und Rlogln both ullow you to log ln to the server wlthout huvlng to type u pussword. (Rlogln's
method of dolng thls ls lnsecure, und cun ullow un uttucker to uccess your uccount on the server.
SSH's method ls much more secure, und typlcully breuklng the securlty requlres the uttucker to huve
gulned uccess to your uctuul cllent muchlne.)
y SSH ullows you to connect to the server und uutomutlcully send u commund, so thut the server wlll
run thut commund und then dlsconnect. So you cun use lt ln uutomuted processlng.
The Internet ls u hostlle envlronment und securlty ls everybody's responslblllty. If you ure connectlng ucross
the open Internet, then we recommend you use SSH. If the server you wunt to connect to doesn't support SSH,
lt mlght be worth trylng to persuude the udmlnlstrutor to lnstull lt.
If your cllent und server ure both behlnd the sume (good) flrewull, lt ls more llkely to be sufe to use Telnet or
Rlogln, but we stlll recommend you use SSH.
2.1 Sturtlng u sesslon
When you sturt PuTTY, you wlll see u dlulog box. Thls dlulog box ullows you to control everythlng PuTTY cun
do. See chupter 4 for detulls of ull the thlngs you cun control.
You don't usuully need to chunge most of the conflgurutlon optlons. To sturt the slmplest klnd of sesslon, ull
you need to do ls to enter u few buslc purumeters.
In the էHost Numeը box, enter the Internet host nume (IP uddress wlth DNS host nume) of the server you wunt
to connect to. You should huve been told thls by the provlder of your logln uccount.
Now select u logln protocol to use, from the էConnectlon typeը buttons. For u logln sesslon, you should select
Telnet, Rlogln or SSH. See sectlon 1.2 for u descrlptlon of the dlfferences between the three protocols, und
udvlce on whlch one to use. The fourth protocol, Ruw, ls not used for lnteructlve logln sesslons; you would
usuully use thls for debugglng other Internet servlces (see sectlon 3.6). The flfth optlon, Serlul, ls used for
connectlng to u locul serlul llne, und works somewhut dlfferently: see sectlon 3.7 for more lnformutlon on thls.
When you chunge the selected protocol, the number ln the էPortը box wlll chunge. Thls ls normul: lt huppens
becuuse the vurlous logln servlces ure usuully provlded on dlfferent network ports by the server muchlne
(SMTP Server softwure). Most servers wlll use the stundurd port numbers, so you wlll not need to chunge the
port settlng. If your server provldes logln servlces on u non-stundurd port, your system udmlnlstrutor should
huve told you whlch one. (For exumple, muny MUDs run Telnet servlce on u port other thun 23.)
Once you huve fllled ln the էHost Numeը, էProtocolը, und posslbly էPortը settlngs, you ure reudy to connect.
Press the էOpenը button ut the bottom of the dlulog box, und PuTTY wlll begln trylng to connect you to the
server.
If you ure not uslng the SSH protocol, you cun sklp thls sectlon.
If you ure uslng SSH to connect to u server for the flrst tlme, you wlll probubly see u messuge looklng
somethlng llke thls:
The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's rsa2 key fingerprint is:
ssh-rsa 1024 7b:e5:6f:a7:f4:f9:81:62:5c:e3:1f:bf:8b:57:6c:5a
If you trust this host, hit Yes to add the key to
PuTTY's cache and carry on connecting.
If you want to carry on connecting just once, without
adding the key to the cache, hit No.
If you do not trust this host, hit Cancel to abandon the
connection.
Thls ls u feuture of the SSH protocol. It ls deslgned to protect you ugulnst u network uttuck known us spooflng:
secretly redlrectlng your connectlon to u dlfferent computer (lPod to Computer Trunsfer), so thut you send your
pussword to the wrong muchlne. Uslng thls technlque, un uttucker would be uble to leurn the pussword thut
guurds your logln uccount, und could then log ln us lf they were you und use the uccount for thelr own
purposes.
To prevent thls uttuck, euch server hus u unlque ldentlfylng code, culled u host key. These keys ure creuted ln
u wuy thut prevents one server from forglng unother server's key. So lf you connect to u server und lt sends
you u dlfferent host key from the one you were expectlng, PuTTY cun wurn you thut the server muy huve been
swltched und thut u spooflng uttuck mlght be ln progress.
PuTTY records the host key for euch server you connect to, ln the Wlndows Reglstry. Every tlme you connect
to u server, lt checks thut the host key presented by the server ls the sume host key us lt wus the lust tlme
(NBA Gume Tlme Courtslde for lPud) you connected. If lt ls not, you wlll see u wurnlng, und you wlll huve the
chunce to ubundon your connectlon before you type uny prlvute lnformutlon (such us u pussword) lnto lt.
However, when you connect to u server you huve not connected to before, PuTTY hus no wuy of telllng
whether the host key ls the rlght one or not. So lt glves the wurnlng shown ubove, und usks you whether you
wunt to trust thls host key or not.
Whether or not to trust the host key ls your cholce. If you ure connectlng wlthln u compuny network, you mlght
feel thut ull the network users ure on the sume slde und spooflng uttucks ure unllkely, so you mlght choose to
trust the key wlthout checklng lt. If you ure connectlng ucross u hostlle network (such us the Internet), you
should check wlth your system udmlnlstrutor, perhups by telephone or ln person. (Some modern servers huve
more thun one host key. If the system udmlnlstrutor sends you more thun one flngerprlnt, you should muke
sure the one PuTTY shows you ls on the llst, but lt doesn't mutter whlch one lt ls.)
After you huve connected, und perhups verlfled the server's host key, you wlll be usked to log ln, probubly
uslng u usernume und u pussword. Your system udmlnlstrutor (System Buckup Softwure) should huve
provlded you wlth these. Enter the usernume und the pussword, und the server should grunt you uccess und
begln your sesslon. If you huve mlstyped your pussword, most servers wlll glve you severul chunces to get lt
rlght.
If you ure uslng SSH, be cureful not to type your usernume wrongly, becuuse you wlll not huve u chunce to
correct lt ufter you press Return; muny SSH servers do not permlt you to muke two logln uttempts uslng
dlfferent usernumes. If you type your usernume wrongly, you must close PuTTY und sturt uguln.
If your pussword ls refused but you ure sure you huve typed lt correctly, check thut Cups Lock ls not enubled.
Muny logln servers, purtlculurly Unlx computers, treut upper cuse und lower cuse us dlfferent when checklng
your pussword; so lf Cups Lock ls on, your pussword wlll probubly be refused
2.4 After logglng ln
After you log ln to the server, whut huppens next ls up to the server! Most servers wlll prlnt some sort of logln
messuge und then present u prompt, ut whlch you cun type communds whlch the server wlll curry out. Some
servers wlll offer you on-llne help; others mlght not. If you ure ln doubt ubout whut to do next, consult your
system udmlnlstrutor.
When you huve flnlshed your sesslon, you should log out by typlng the server's own logout commund. Thls
mlght vury between servers; lf ln doubt, try logout or exit, or consult u munuul or your system udmlnlstrut
(System Buckup Softwure)or. When the server processes your logout commund, the PuTTY wlndow should
close ltself uutomutlcully.
You cun close u PuTTY sesslon uslng the Close button ln the wlndow border, but thls mlght confuse the server
- u blt llke hunglng up u telephone unexpectedly ln the mlddle of u conversutlon. We recommend you do not do
thls unless the server hus stopped respondlng to you und you cunnot close the wlndow uny other wuy
3.1.1 Copylng und pustlng text
Often ln u PuTTY sesslon you wlll flnd text on your termlnul screen (SnugIt Screen Cupture) whlch you wunt
to type ln uguln. Llke most other termlnul emulutors, PuTTY ullows you to copy und puste the text ruther thun
huvlng to type lt uguln. Also, copy und puste uses the Wlndows cllpbourd, so thut you cun puste (for exumple)
URLs lnto u web browser, or puste from u word processor or spreudsheet lnto your termlnul sesslon.
PuTTY's copy und puste works entlrely wlth the mouse. In order to copy text to the cllpbourd, you |ust cllck the
left mouse button ln the termlnul wlndow, und drug to select text. When you let go of the button, the text ls
uutomutlcully copled to the cllpbourd. You do not need to press Ctrl-C or Ctrl-Ins; ln fuct, lf you do press Ctrl-
C, PuTTY wlll send u Ctrl-C churucter down your sesslon to the server where lt wlll probubly cuuse u process
to be lnterrupted.
Pustlng ls done uslng the rlght button (or the mlddle mouse button, lf you huve u three-button mouse und huve
set lt up; see sectlon 4.11.2). (Presslng Shlft-Ins, or selectlng էPusteը from the Ctrl+rlght-cllck context menu,
huve the sume effect.) When you cllck the rlght mouse button, PuTTY wlll reud whutever ls ln the Wlndows
cllpbourd und puste lt lnto your sesslon, exuctly us lf lt hud been typed ut the keybourd. (Therefore, be cureful
of pustlng formutted text lnto un edltor thut does uutomutlc lndentlng; you muy flnd thut the spuces pusted from
the cllpbourd plus the spuces udded by the edltor udd up to too muny spuces und ruln the formuttlng. There ls
nothlng PuTTY cun do ubout thls.)
If you double-cllck the left mouse button, PuTTY wlll select u whole word. If you double-cllck, hold down the
second cllck, und drug the mouse, PuTTY wlll select u sequence of whole words. (You cun ud|ust preclsely
whut PuTTY conslders to be purt of u word; see sectlon 4.11.5.) If you trlple-cllck, or trlple-cllck und drug, then
PuTTY wlll select u whole llne or sequence of llnes.
If you wunt to select u rectungulur reglon lnsteud of selectlng to the end of euch llne, you cun do thls by
holdlng down Alt when you muke your selectlon. (You cun ulso conflgure rectungulur selectlon to be the
defuult, und then holdlng down Alt glves the normul behuvlour lnsteud. See sectlon 4.11.4 for detulls.)
If you huve u mlddle mouse button, then you cun use lt to ud|ust un exlstlng selectlon lf you selected
somethlng sllghtly wrong. (If you huve conflgured the mlddle mouse button to puste, then the rlght mouse
button does thls lnsteud.) Cllck the button on the screen, und you cun plck up the neurest end of the selectlon
und drug lt to somewhere else.
It's posslble for the server to usk to hundle mouse cllcks ln the PuTTY wlndow ltself. If thls huppens, the
mouse polnter wlll turn lnto un urrow, und uslng the mouse to copy und puste wlll only work lf you hold down
Shlft. See sectlon 4.6.2 und sectlon 4.11.3 for detulls of thls feuture und how to conflgure lt.
Chapter 3: Using PuTTY
This chapter provides a general introduction to some more advanced features of PuTTY. For
extreme detail and reference purposes, chapter 4 is likely to contain more information.
3.1 During your session
A lot of PuTTY's complexity and features are in the configuration panel. Once you have worked
your way through that and started a session, things should be reasonably simple after that.
Nevertheless, there are a few more useful features available.
3.1.1 Copying and pasting text
Often in a PuTTY session you will find text on your terminal screen which you want to type in
again. Like most other terminal emulators, PuTTY allows you to copy and paste the text rather
than having to type it again. Also, copy and paste uses the Windows clipboard, so that you can
paste (for example) URLs into a web browser, or paste from a word processor or spreadsheet
into your terminal session.
PuTTY's copy and paste works entirely with the mouse. In order to copy text to the clipboard,
you just click the left mouse button in the terminal window, and drag to select text. When you let
go of the button, the text is automatically copied to the clipboard. You do not need to press Ctrl-
C or Ctrl-Ins; in fact, if you do press Ctrl-C, PuTTY will send a Ctrl-C character down your
session to the server where it will probably cause a process to be interrupted.
Pasting is done using the right button (or the middle mouse button, if you have a three-button
mouse and have set it up; see section 4.11.2). (Pressing Shift-Ins, or selecting µPaste¶ from the
Ctrl+right-click context menu, have the same effect.) When you click the right mouse button,
PuTTY will read whatever is in the Windows clipboard and paste it into your session, exactly as
if it had been typed at the keyboard. (Therefore, be careful of pasting formatted text into an
editor that does automatic indenting; you may find that the spaces pasted from the clipboard plus
the spaces added by the editor add up to too many spaces and ruin the formatting. There is
nothing PuTTY can do about this.)
If you double-click the left mouse button, PuTTY will select a whole word. If you double-click,
hold down the second click, and drag the mouse, PuTTY will select a sequence of whole words.
(You can adjust precisely what PuTTY considers to be part of a word; see section 4.11.5.) If you
triple-click, or triple-click and drag, then PuTTY will select a whole line or sequence of lines.
If you want to select a rectangular region instead of selecting to the end of each line, you can do
this by holding down Alt when you make your selection. (You can also configure rectangular
selection to be the default, and then holding down Alt gives the normal behaviour instead. See
section 4.11.4 for details.)
If you have a middle mouse button, then you can use it to adjust an existing selection if you
selected something slightly wrong. (If you have configured the middle mouse button to paste,
then the right mouse button does this instead.) Click the button on the screen, and you can pick
up the nearest end of the selection and drag it to somewhere else.
It's possible for the server to ask to handle mouse clicks in the PuTTY window itself. If this
happens, the mouse pointer will turn into an arrow, and using the mouse to copy and paste will
only work if you hold down Shift. See section 4.6.2 and section 4.11.3 for details of this feature
and how to configure it.
3.1.2 Scrolling the screen back
PuTTY keeps track of text that has scrolled up off the top of the terminal. So if something
appears on the screen that you want to read, but it scrolls too fast and it's gone by the time you
try to look for it, you can use the scrollbar on the right side of the window to look back up the
session history and find it again.
As well as using the scrollbar, you can also page the scrollback up and down by pressing Shift-
PgUp and Shift-PgDn. You can scroll a line at a time using Ctrl-PgUp and Ctrl-PgDn. These are
still available if you configure the scrollbar to be invisible.
By default the last 200 lines scrolled off the top are preserved for you to look at. You can
increase (or decrease) this value using the configuration box; see section 4.7.3.
3.1.3 The System menu
If you click the left mouse button on the icon in the top left corner of PuTTY's terminal window,
or click the right mouse button on the title bar, you will see the standard Windows system menu
containing items like Minimise, Move, Size and Close.
PuTTY's system menu contains extra program features in addition to the Windows standard
options. These extra menu commands are described below.
(These options are also available in a context menu brought up by holding Ctrl and clicking with
the right mouse button anywhere in the PuTTY window.)
3.1.3.1 The PuTTY Event Log
If you choose µEvent Log¶ from the system menu, a small window will pop up in which PuTTY
logs significant events during the connection. Most of the events in the log will probably take
place during session startup, but a few can occur at any point in the session, and one or two occur
right at the end.
You can use the mouse to select one or more lines of the Event Log, and hit the Copy button to
copy them to the clipboard. If you are reporting a bug, it's often useful to paste the contents of
the Event Log into your bug report.
3.1.3.2 Special commands
Depending on the protocol used for the current session, there may be a submenu of µspecial
commands¶. These are protocol-specific tokens, such as a µbreak¶ signal, that can be sent down a
connection in addition to normal data. Their precise effect is usually up to the server. Currently
only Telnet and SSH have special commands.
The following special commands are available in Telnet:
y Are You There
y Break
y Synch
y Erase Character
PuTTY can also be configured to send this when the Backspace key is pressed; see
section 4.16.3.
y Erase Line
y Go Ahead
y No Operation
Should have no effect.
y Abort Process
y Abort Output
y Interrupt Process
PuTTY can also be configured to send this when Ctrl-C is typed; see section 4.16.3.
y Suspend Process
PuTTY can also be configured to send this when Ctrl-Z is typed; see section 4.16.3.
y End Of Record
y End Of File
In an SSH connection, the following special commands are available:
y IGNORE message
Should have no effect.
y Repeat key exchange
Only available in SSH-2. Forces a repeat key exchange immediately (and resets
associated timers and counters). For more information about repeat key exchanges, see
section 4.19.2.
y Break
Only available in SSH-2, and only during a session. Optional extension; may not be
supported by server. PuTTY requests the server's default break length.
y Signals (SIGINT, SIGTERM etc)
Only available in SSH-2, and only during a session. Sends various POSIX signals. Not
honoured by all servers.
3.1.3.3 Starting new sessions
PuTTY's system menu provides some shortcut ways to start new sessions:
y Selecting ͚New Session͛ will start a completely new instance of PuTTY, and bring up the
configuration box as normal.
y Selecting ͚Duplicate Session͛ will start a session in a new window with precisely the same
options as your current one - connecting to the same host using the same protocol, with all the
same terminal settings and everything.
y In an inactive window, selecting ͚Restart Session͛ will do the same as ͚Duplicate Session͛, but in
the current window.
y The ͚Saved Sessions͛ submenu gives you quick access to any sets of stored session details you
have previously saved. See section 4.1.2 for details of how to create saved sessions.
3.1.3.4 Changing your session settings
If you select µChange Settings¶ from the system menu, PuTTY will display a cut-down version of
its initial configuration box. This allows you to adjust most properties of your current session.
You can change the terminal size, the font, the actions of various keypresses, the colours, and so
on.
Some of the options that are available in the main configuration box are not shown in the cut-
down Change Settings box. These are usually options which don't make sense to change in the
middle of a session (for example, you can't switch from SSH to Telnet in mid-session).
3.1.3.5 Copy All to Clipboard
This system menu option provides a convenient way to copy the whole contents of the terminal
screen (up to the last nonempty line) and scrollback to the clipboard in one go.
3.1.3.6 Clearing and resetting the terminal
The µClear Scrollback¶ option on the system menu tells PuTTY to discard all the lines of text that
have been kept after they scrolled off the top of the screen. This might be useful, for example, if
you displayed sensitive information and wanted to make sure nobody could look over your
shoulder and see it. (Note that this only prevents a casual user from using the scrollbar to view
the information; the text is not guaranteed not to still be in PuTTY's memory.)
The µReset Terminal¶ option causes a full reset of the terminal emulation. A VT-series terminal
is a complex piece of software and can easily get into a state where all the text printed becomes
unreadable. (This can happen, for example, if you accidentally output a binary file to your
terminal.) If this happens, selecting Reset Terminal should sort it out.
3.1.3.7 Full screen mode
If you find the title bar on a maximised window to be ugly or distracting, you can select Full
Screen mode to maximise PuTTY µeven more¶. When you select this, PuTTY will expand to fill
the whole screen and its borders, title bar and scrollbar will disappear. (You can configure the
scrollbar not to disappear in full-screen mode if you want to keep it; see section 4.7.3.)
When you are in full-screen mode, you can still access the system menu if you click the left
mouse button in the extreme top left corner of the screen.
3.2 Creating a log file of your session
For some purposes you may find you want to log everything that appears on your screen. You
can do this using the µLogging¶ panel in the configuration box.
To begin a session log, select µChange Settings¶ from the system menu and go to the Logging
panel. Enter a log file name, and select a logging mode. (You can log all session output including
the terminal control sequences, or you can just log the printable text. It depends what you want
the log for.) Click µApply¶ and your log will be started. Later on, you can go back to the Logging
panel and select µLogging turned off completely¶ to stop logging; then PuTTY will close the log
file and you can safely read it.
See section 4.2 for more details and options.
3.3 Altering your character set configuration
If you find that special characters (accented characters, for example, or line-drawing characters)
are not being displayed correctly in your PuTTY session, it may be that PuTTY is interpreting
the characters sent by the server according to the wrong character set. There are a lot of different
character sets available, so it's entirely possible for this to happen.
If you click µChange Settings¶ and look at the µTranslation¶ panel, you should see a large number
of character sets which you can select, and other related options. Now all you need is to find out
which of them you want! (See section 4.10 for more information.)
3.4 Using X11 forwarding in SSH
The SSH protocol has the ability to securely forward X Window System applications over your
encrypted SSH connection, so that you can run an application on the SSH server machine and
have it put its windows up on your local machine without sending any X network traffic in the
clear.
In order to use this feature, you will need an X display server for your Windows machine, such
as Cygwin/X, X-Win32, or Exceed. This will probably install itself as display number 0 on your
local machine; if it doesn't, the manual for the X server should tell you what it does do.
You should then tick the µEnable X11 forwarding¶ box in the Tunnels panel (see section 4.21)
before starting your SSH session. The µX display location¶ box is blank by default, which means
that PuTTY will try to use a sensible default such as :0, which is the usual display location
where your X server will be installed. If that needs changing, then change it.
Now you should be able to log in to the SSH server as normal. To check that X forwarding has
been successfully negotiated during connection startup, you can check the PuTTY Event Log
(see section 3.1.3.1). It should say something like this:
2001-12-05 17:22:01 Requesting X11 forwarding
2001-12-05 17:22:02 X11 forwarding enabled
If the remote system is Unix or Unix-like, you should also be able to see that the DISPLAY
environment variable has been set to point at display 10 or above on the SSH server machine
itself:
fred@unixbox:~$ echo $DISPLAY
unixbox:10.0
If this works, you should then be able to run X applications in the remote session and have them
display their windows on your PC.
Note that if your PC X server requires authentication to connect, then PuTTY cannot currently
support it. If this is a problem for you, you should mail the PuTTY authors and give details (see
appendix B).
For more options relating to X11 forwarding, see section 4.21.
3.5 Using port forwarding in SSH
The SSH protocol has the ability to forward arbitrary network connections over your encrypted
SSH connection, to avoid the network traffic being sent in clear. For example, you could use this
to connect from your home computer to a POP-3 server on a remote machine without your POP-
3 password being visible to network sniffers.
In order to use port forwarding to connect from your local machine to a port on a remote server,
you need to:
y Choose a port number on your local machine where PuTTY should listen for incoming
connections. There are likely to be plenty of unused port numbers above 3000. (You can also use
a local loopback address here; see below for more details.)
y Now, before you start your SSH connection, go to the Tunnels panel (see section 4.22). Make
sure the ͚Local͛ radio button is set. Enter the local port number into the ͚Source port͛ box. Enter
the destination host name and port number into the ͚Destination͛ box, separated by a colon (for
example, popserver.example.com:110 to connect to a POP-3 server).
y Now click the ͚Add͛ button. The details of your port forwarding should appear in the list box.
Now start your session and log in. (Port forwarding will not be enabled until after you have
logged in; otherwise it would be easy to perform completely anonymous network attacks, and
gain access to anyone's virtual private network.) To check that PuTTY has set up the port
forwarding correctly, you can look at the PuTTY Event Log (see section 3.1.3.1). It should say
something like this:
2001-12-05 17:22:10 Local port 3110 forwarding to
popserver.example.com:110
Now if you connect to the source port number on your local PC, you should find that it answers
you exactly as if it were the service running on the destination machine. So in this example, you
could then configure an e-mail client to use localhost:3110 as a POP-3 server instead of
popserver.example.com:110. (Of course, the forwarding will stop happening when your
PuTTY session closes down.)
You can also forward ports in the other direction: arrange for a particular port number on the
server machine to be forwarded back to your PC as a connection to a service on your PC or near
it. To do this, just select the µRemote¶ radio button instead of the µLocal¶ one. The µSource port¶
box will now specify a port number on the server (note that most servers will not allow you to
use port numbers under 1024 for this purpose).
An alternative way to forward local connections to remote hosts is to use dynamic SOCKS
proxying. For this, you will need to select the µDynamic¶ radio button instead of µLocal¶, and
then you should not enter anything into the µDestination¶ box (it will be ignored). This will cause
PuTTY to listen on the port you have specified, and provide a SOCKS proxy service to any
programs which connect to that port. So, in particular, you can forward other PuTTY
connections through it by setting up the Proxy control panel (see section 4.15 for details).
The source port for a forwarded connection usually does not accept connections from any
machine except the SSH client or server machine itself (for local and remote forwardings
respectively). There are controls in the Tunnels panel to change this:
y The ͚Local ports accept connections from other hosts͛ option allows you to set up local-to-
remote port forwardings (including dynamic port forwardings) in such a way that machines
other than your client PC can connect to the forwarded port.
y The ͚Remote ports do the same͛ option does the same thing for remote-to-local port
forwardings (so that machines other than the SSH server machine can connect to the forwarded
port.) Note that this feature is only available in the SSH-2 protocol, and not all SSH-2 servers
honour it (in OpenSSH, for example, it's usually disabled by default).
You can also specify an IP address to listen on. Typically a Windows machine can be asked to
listen on any single IP address in the 127.*.*.* range, and all of these are loopback addresses
available only to the local machine. So if you forward (for example) 127.0.0.5:79 to a remote
machine's finger port, then you should be able to run commands such as finger
fred@127.0.0.5. This can be useful if the program connecting to the forwarded port doesn't
allow you to change the port number it uses. This feature is available for local-to-remote
forwarded ports; SSH-1 is unable to support it for remote-to-local ports, while SSH-2 can
support it in theory but servers will not necessarily cooperate.
(Note that if you're using Windows XP Service Pack 2, you may need to obtain a fix from
Microsoft in order to use addresses like 127.0.0.5 - see question A.7.20.)
3.6 Making raw TCP connections
A lot of Internet protocols are composed of commands and responses in plain text. For example,
SMTP (the protocol used to transfer e-mail), NNTP (the protocol used to transfer Usenet news),
and HTTP (the protocol used to serve Web pages) all consist of commands in readable plain text.
Sometimes it can be useful to connect directly to one of these services and speak the protocol µby
hand¶, by typing protocol commands and watching the responses. On Unix machines, you can do
this using the system's telnet command to connect to the right port number. For example,
telnet mailserver.example.com 25 might enable you to talk directly to the SMTP service
running on a mail server.
Although the Unix telnet program provides this functionality, the protocol being used is not
really Telnet. Really there is no actual protocol at all; the bytes sent down the connection are
exactly the ones you type, and the bytes shown on the screen are exactly the ones sent by the
server. Unix telnet will attempt to detect or guess whether the service it is talking to is a real
Telnet service or not; PuTTY prefers to be told for certain.
In order to make a debugging connection to a service of this type, you simply select the fourth
protocol name, µRaw¶, from the µProtocol¶ buttons in the µSession¶ configuration panel. (See
section 4.1.1.) You can then enter a host name and a port number, and make the connection.
3.7 The PuTTY command line
PuTTY can be made to do various things without user intervention by supplying command-line
arguments (e.g., from a command prompt window, or a Windows shortcut).
3.7.1 Starting a session from the command line
These options allow you to bypass the configuration window and launch straight into a session.
To start a connection to a server called host:
putty.exe [-ssh | -telnet | -rlogin | -raw] [user@]host
If this syntax is used, settings are taken from the Default Settings (see section 4.1.2); user
overrides these settings if supplied. Also, you can specify a protocol, which will override the
default protocol (see section 3.7.3.2).
For telnet sessions, the following alternative syntax is supported (this makes PuTTY suitable for
use as a URL handler for telnet URLs in web browsers):
putty.exe telnet://host[:port]/
In order to start an existing saved session called sessionname, use the -load option (described
in section 3.7.3.1).
putty.exe -load "session name"
3.7.2 -cleanup
If invoked with the -cleanup option, rather than running as normal, PuTTY will remove its
registry entries and random seed file from the local machine (after confirming with the user).
Note that on multi-user systems, -cleanup only removes registry entries and files associated
with the currently logged-in user.
3.7.3 Standard command-line options
PuTTY and its associated tools support a range of command-line options, most of which are
consistent across all the tools. This section lists the available options in all tools. Options which
are specific to a particular tool are covered in the chapter about that tool.
3.7.3.1 -load: load a saved session
The -load option causes PuTTY to load configuration details out of a saved session. If these
details include a host name, then this option is all you need to make PuTTY start a session.
You need double quotes around the session name if it contains spaces.
If you want to create a Windows shortcut to start a PuTTY saved session, this is the option you
should use: your shortcut should call something like
d:\path\to\putty.exe -load "my session"
(Note that PuTTY itself supports an alternative form of this option, for backwards compatibility.
If you execute putty @sessionname it will have the same effect as putty -load
"sessionname". With the @ form, no double quotes are required, and the @ sign must be the very
first thing on the command line. This form of the option is deprecated.)
3.7.3.2 Selecting a protocol: -ssh, -telnet, -rlogin, -raw
To choose which protocol you want to connect with, you can use one of these options:
y -ssh selects the SSH protocol.
y -telnet selects the Telnet protocol.
y -rlogin selects the Rlogin protocol.
y -raw selects the raw protocol.
These options are not available in the file transfer tools PSCP and PSFTP (which only work with
the SSH protocol).
These options are equivalent to the protocol selection buttons in the Session panel of the PuTTY
configuration box (see section 4.1.1).
3.7.3.3 -v: increase verbosity
Most of the PuTTY tools can be made to tell you more about what they are doing by supplying
the -v option. If you are having trouble when making a connection, or you're simply curious, you
can turn this switch on and hope to find out more about what is happening.
3.7.3.4 -l: specify a login name
You can specify the user name to log in as on the remote server using the -l option. For
example, plink login.example.com -l fred.
These options are equivalent to the username selection box in the Connection panel of the
PuTTY configuration box (see section 4.14.1).
3.7.3.5 -L, -R and -D: set up port forwardings
As well as setting up port forwardings in the PuTTY configuration (see section 4.22), you can
also set up forwardings on the command line. The command-line options work just like the ones
in Unix ssh programs.
To forward a local port (say 5110) to a remote destination (say popserver.example.com port
110), you can write something like one of these:
putty -L 5110:popserver.example.com:110 -load mysession
plink mysession -L 5110:popserver.example.com:110
To forward a remote port to a local destination, just use the -R option instead of -L:
putty -R 5023:mytelnetserver.myhouse.org:23 -load mysession
plink mysession -R 5023:mytelnetserver.myhouse.org:23
To specify an IP address for the listening end of the tunnel, prepend it to the argument:
plink -L 127.0.0.5:23:localhost:23 myhost
To set up SOCKS-based dynamic port forwarding on a local port, use the -D option. For this one
you only have to pass the port number:
putty -D 4096 -load mysession
For general information on port forwarding, see section 3.5.
These options are not available in the file transfer tools PSCP and PSFTP.
3.7.3.6 -m: read a remote command or script from a file
The -m option performs a similar function to the µRemote command¶ box in the SSH panel of the
PuTTY configuration box (see section 4.18.1). However, the -m option expects to be given a
local file name, and it will read a command from that file. On most Unix systems, you can even
put multiple lines in this file and execute more than one command in sequence, or a whole shell
script; but this will not work on all servers (and is known not to work with certain µembedded¶
servers such as routers).
This option is not available in the file transfer tools PSCP and PSFTP.
3.7.3.7 -P: specify a port number
The -P option is used to specify the port number to connect to. If you have a Telnet server
running on port 9696 of a machine instead of port 23, for example:
putty -telnet -P 9696 host.name
plink -telnet -P 9696 host.name
(Note that this option is more useful in Plink than in PuTTY, because in PuTTY you can write
putty -telnet host.name 9696 in any case.)
This option is equivalent to the port number control in the Session panel of the PuTTY
configuration box (see section 4.1.1).
3.7.3.8 -pw: specify a password
A simple way to automate a remote login is to supply your password on the command line. This
is not recommended for reasons of security. If you possibly can, we recommend you set up
public-key authentication instead. See chapter 8 for details.
Note that the -pw option only works when you are using the SSH protocol. Due to fundamental
limitations of Telnet and Rlogin, these protocols do not support automated password
authentication.
3.7.3.9 -A and -a: control agent forwarding
The -A option turns on SSH agent forwarding, and -a turns it off. These options are only
meaningful if you are using SSH.
See chapter 9 for general information on Pageant, and section 9.4 for information on agent
forwarding. Note that there is a security risk involved with enabling this option; see section 9.5
for details.
These options are equivalent to the agent forwarding checkbox in the Auth panel of the PuTTY
configuration box (see section 4.20.3).
These options are not available in the file transfer tools PSCP and PSFTP.
3.7.3.10 -X and -x: control X11 forwarding
The -X option turns on X11 forwarding in SSH, and -x turns it off. These options are only
meaningful if you are using SSH.
For information on X11 forwarding, see section 3.4.
These options are equivalent to the X11 forwarding checkbox in the Tunnels panel of the PuTTY
configuration box (see section 4.21).
These options are not available in the file transfer tools PSCP and PSFTP.
3.7.3.11 -t and -T: control pseudo-terminal allocation
The -t option ensures PuTTY attempts to allocate a pseudo-terminal at the server, and -T stops
it from allocating one. These options are only meaningful if you are using SSH.
These options are equivalent to the µDon't allocate a pseudo-terminal¶ checkbox in the SSH panel
of the PuTTY configuration box (see section 4.18.2).
These options are not available in the file transfer tools PSCP and PSFTP.
3.7.3.12 -N: suppress starting a shell or command
The -N option prevents PuTTY from attempting to start a shell or command on the remote
server. You might want to use this option if you are only using the SSH connection for port
forwarding, and your user account on the server does not have the ability to run a shell.
This feature is only available in SSH protocol version 2 (since the version 1 protocol assumes
you will always want to run a shell).
This option is equivalent to the µDon't start a shell or command at all¶ checkbox in the SSH panel
of the PuTTY configuration box (see section 4.18.3).
This option is not available in the file transfer tools PSCP and PSFTP.
3.7.3.13 -C: enable compression
The -C option enables compression of the data sent across the network. This option is only
meaningful if you are using SSH.
This option is equivalent to the µEnable compression¶ checkbox in the SSH panel of the PuTTY
configuration box (see section 4.18.4).
3.7.3.14 -1 and -2: specify an SSH protocol version
The -1 and -2 options force PuTTY to use version 1 or version 2 of the SSH protocol. These
options are only meaningful if you are using SSH.
These options are equivalent to selecting your preferred SSH protocol version as µ1 only¶ or µ2
only¶ in the SSH panel of the PuTTY configuration box (see section 4.18.5).
3.7.3.15 -4 and -6: specify an Internet protocol version
The -4 and -6 options force PuTTY to use the older Internet protocol IPv4 or the newer IPv6.
These options are equivalent to selecting your preferred Internet protocol version as µIPv4¶ or
µIPv6¶ in the Connection panel of the PuTTY configuration box (see section 4.13.4).
3.7.3.16 -i: specify an SSH private key
The -i option allows you to specify the name of a private key file in *.PPK format which PuTTY
will use to authenticate with the server. This option is only meaningful if you are using SSH.
For general information on public-key authentication, see chapter 8.
This option is equivalent to the µPrivate key file for authentication¶ box in the Auth panel of the
PuTTY configuration box (see section 4.20.5).
3.7.3.17 -pgpfp: display PGP key fingerprints
This option causes the PuTTY tools not to run as normal, but instead to display the fingerprints
of the PuTTY PGP Master Keys, in order to aid with verifying new versions. See appendix E for
more information.

If you want to provide feedback on this manual or on the PuTTY tools themselves, see the
Feedback page.
[PuTTY release 0.58]

WKDWDOORZ\RXWR GRWKLV2QWKHFRPSXWHU\RXVLWDW\RXUXQDFOLHQWZKLFKPDNHVDQHWZRUNFRQQHFWLRQWRWKHRWKHUFRPSXWHU WKHVHUYHU.

7KHQHWZRUNFRQQHFWLRQFDUULHV\RXUNH\VWURNHVDQGFRPPDQGVIURPWKHFOLHQWWRWKHVHUYHUDQG FDUULHVWKHVHUYHU VUHVSRQVHVEDFNWR\RX 7KHVHSURWRFROVFDQDOVREHXVHGIRURWKHUW\SHVRINH\ERDUGEDVHGLQWHUDFWLYHVHVVLRQ.QSDUWLFXODUWKHUHDUH DORWRIEXOOHWLQERDUGVWDONHUV\VWHPVDQG08'V 0XOWL8VHU'XQJHRQV.

QWHUQHW([SORUHU1HZV.QWHUQHW6HUYLFH3URYLGHU /DWHVW.ZKLFKVXSSRUWDFFHVVXVLQJ7HOQHW 7KHUHDUHHYHQDIHZWKDWVXSSRUW66+ <RXPLJKWZDQWWRXVH66+7HOQHWRU5ORJLQLI y \RXKDYHDQDFFRXQWRQD8QL[RU906V\VWHPZKLFK\RXZDQWWREHDEOHWRDFFHVVIURPVRPHZKHUH HOVH y \RXU.

SURYLGHV\RXZLWKDORJLQDFFRXQWRQ DZHEVHUYHU 7KLVPLJKWDOVREHNQRZQDVDVKHOODFFRXQW$VKHOOLVWKHSURJUDPWKDWUXQVRQWKH VHUYHUDQGLQWHUSUHWV\RXUFRPPDQGVIRU\RX.

 y \RXZDQWWRXVHDEXOOHWLQERDUGV\VWHPWDONHURU08'ZKLFKFDQEHDFFHVVHGXVLQJ7HOQHW <RXSUREDEO\GRQRWZDQWWRXVH66+7HOQHWRU5ORJLQLI y \RXRQO\XVH:LQGRZV:LQGRZVFRPSXWHUVKDYHWKHLURZQZD\VRIQHWZRUNLQJEHWZHHQWKHPVHOYHV DQGXQOHVV\RXDUHGRLQJVRPHWKLQJIDLUO\XQXVXDO\RXZLOOQRWQHHGWRXVHDQ\RIWKHVHUHPRWH ORJLQSURWRFROV +RZGR66+7HOQHWDQG5ORJLQGLIIHU" 7KLVOLVWVXPPDULVHVVRPHRIWKHGLIIHUHQFHVEHWZHHQ66+7HOQHWDQG5ORJLQ y 66+ ZKLFKVWDQGVIRU VHFXUHVKHOO .

LVDUHFHQWO\GHVLJQHGKLJKVHFXULW\SURWRFR .DVSHUVN\0RELOH 6HFXULW\.

WXVHVVWURQJFU\SWRJUDSK\WRSURWHFW\RXUFRQQHFWLRQDJDLQVWHDYHVGURSSLQJKLMDFNLQJ DQGRWKHUDWWDFNV7HOQHWDQG5ORJLQDUHERWKROGHUSURWRFROVRIIHULQJPLQLPDOVHFXULW\ y 66+DQG5ORJLQERWKDOORZ\RXWRORJLQWRWKHVHUYHUZLWKRXWKDYLQJWRW\SHDSDVVZRUG 5ORJLQ V PHWKRGRIGRLQJWKLVLVLQVHFXUHDQGFDQDOORZDQDWWDFNHUWRDFFHVV\RXUDFFRXQWRQWKHVHUYHU 66+ VPHWKRGLVPXFKPRUHVHFXUHDQGW\SLFDOO\EUHDNLQJWKHVHFXULW\UHTXLUHVWKHDWWDFNHUWRKDYH JDLQHGDFFHVVWR\RXUDFWXDOFOLHQWPDFKLQH.O.

 .

QWHUQHWWKHQZHUHFRPPHQG\RXXVH66+.QWHUQHWLVDKRVWLOHHQYLURQPHQWDQGVHFXULW\LVHYHU\ERG\ VUHVSRQVLELOLW\.IWKHVHUYHU\RXZDQWWRFRQQHFWWRGRHVQ WVXSSRUW66+ LWPLJKWEHZRUWKWU\LQJWRSHUVXDGHWKHDGPLQLVWUDWRUWRLQVWDOOLW .I\RXUFOLHQWDQGVHUYHUDUHERWKEHKLQGWKHVDPH JRRG.y 66+DOORZV\RXWRFRQQHFWWRWKHVHUYHUDQGDXWRPDWLFDOO\VHQGDFRPPDQGVRWKDWWKHVHUYHUZLOO UXQWKDWFRPPDQGDQGWKHQGLVFRQQHFW6R\RXFDQXVHLWLQDXWRPDWHGSURFHVVLQJ 7KH.I\RXDUHFRQQHFWLQJDFURVV WKHRSHQ.

QWHUQHWKRVWQDPH .3DGGUHVVZLWK'16KRVWQDPH.QWKH +RVW1DPH ER[HQWHUWKH.ILUHZDOOLWLVPRUHOLNHO\WREHVDIHWRXVH7HOQHWRU 5ORJLQEXWZHVWLOOUHFRPPHQG\RXXVH66+ 6WDUWLQJDVHVVLRQ :KHQ\RXVWDUW3X77<\RXZLOOVHHDGLDORJER[7KLVGLDORJER[DOORZV\RXWRFRQWUROHYHU\WKLQJ3X77<FDQ GR6HHFKDSWHUIRUGHWDLOVRIDOOWKHWKLQJV\RXFDQFRQWURO <RXGRQ WXVXDOO\QHHGWRFKDQJHPRVWRIWKHFRQILJXUDWLRQRSWLRQV7RVWDUWWKHVLPSOHVWNLQGRIVHVVLRQDOO \RXQHHGWRGRLVWRHQWHUDIHZEDVLFSDUDPHWHUV .

QWHUQHWVHUYLFHV VHHVHFWLRQ.RIWKHVHUYHU\RXZDQW WRFRQQHFWWR<RXVKRXOGKDYHEHHQWROGWKLVE\WKHSURYLGHURI\RXUORJLQDFFRXQW 1RZVHOHFWDORJLQSURWRFROWRXVHIURPWKH &RQQHFWLRQW\SH EXWWRQV)RUDORJLQVHVVLRQ\RXVKRXOGVHOHFW 7HOQHW5ORJLQRU66+6HHVHFWLRQIRUDGHVFULSWLRQRIWKHGLIIHUHQFHVEHWZHHQWKHWKUHHSURWRFROVDQG DGYLFHRQZKLFKRQHWRXVH7KHIRXUWKSURWRFRO5DZLVQRWXVHGIRULQWHUDFWLYHORJLQVHVVLRQV\RXZRXOG XVXDOO\XVHWKLVIRUGHEXJJLQJRWKHU.

7KHILIWKRSWLRQ6HULDOLVXVHGIRU FRQQHFWLQJWRDORFDOVHULDOOLQHDQGZRUNVVRPHZKDWGLIIHUHQWO\VHHVHFWLRQIRUPRUHLQIRUPDWLRQRQWKLV :KHQ\RXFKDQJHWKHVHOHFWHGSURWRFROWKHQXPEHULQWKH 3RUW ER[ZLOOFKDQJH7KLVLVQRUPDOLWKDSSHQV EHFDXVHWKHYDULRXVORJLQVHUYLFHVDUHXVXDOO\SURYLGHGRQGLIIHUHQWQHWZRUNSRUWVE\WKHVHUYHUPDFKLQH 60736HUYHUVRIWZDUH.

0RVWVHUYHUVZLOOXVHWKHVWDQGDUGSRUWQXPEHUVVR\RXZLOOQRWQHHGWRFKDQJHWKH SRUWVHWWLQJ.I\RXUVHUYHUSURYLGHVORJLQVHUYLFHVRQDQRQVWDQGDUGSRUW\RXUV\VWHPDGPLQLVWUDWRUVKRXOG KDYHWROG\RXZKLFKRQH )RUH[DPSOHPDQ\08'VUXQ7HOQHWVHUYLFHRQDSRUWRWKHUWKDQ.

hit Yes to add the key to PuTTY's cache and carry on connecting. hit Cancel to abandon the connection.I\RXDUHXVLQJ66+WRFRQQHFWWRDVHUYHUIRUWKHILUVWWLPH\RXZLOOSUREDEO\VHHDPHVVDJHORRNLQJ VRPHWKLQJOLNHWKLV The server's host key is not cached in the registry. If you want to carry on connecting just once. The server's rsa2 key fingerprint is: ssh-rsa 1024 7b:e5:6f:a7:f4:f9:81:62:5c:e3:1f:bf:8b:57:6c:5a If you trust this host. You have no guarantee that the server is the computer you think it is.I\RXDUHQRWXVLQJWKH66+SURWRFRO\RXFDQVNLSWKLVVHFWLRQ . without adding the key to the cache. 2QFH\RXKDYHILOOHGLQWKH +RVW1DPH  3URWRFRO DQGSRVVLEO\ 3RUW VHWWLQJV\RXDUHUHDG\WRFRQQHFW 3UHVVWKH 2SHQ EXWWRQDWWKHERWWRPRIWKHGLDORJER[DQG3X77<ZLOOEHJLQWU\LQJWRFRQQHFW\RXWRWKH VHUYHU . . If you do not trust this host. hit No.

WLVGHVLJQHGWRSURWHFW\RXDJDLQVWDQHWZRUNDWWDFNNQRZQDVVSRRILQJ VHFUHWO\UHGLUHFWLQJ\RXUFRQQHFWLRQWRDGLIIHUHQWFRPSXWHU L3RGWR&RPSXWHU7UDQVIHU.7KLVLVDIHDWXUHRIWKH66+SURWRFRO.

VRWKDW\RXVHQG\RXU SDVVZRUGWRWKHZURQJPDFKLQH8VLQJWKLVWHFKQLTXHDQDWWDFNHUZRXOGEHDEOHWROHDUQWKHSDVVZRUGWKDW JXDUGV\RXUORJLQDFFRXQWDQGFRXOGWKHQORJLQDVLIWKH\ZHUH\RXDQGXVHWKHDFFRXQWIRUWKHLURZQ SXUSRVHV 7RSUHYHQWWKLVDWWDFNHDFKVHUYHUKDVDXQLTXHLGHQWLI\LQJFRGHFDOOHGDKRVWNH\7KHVHNH\VDUHFUHDWHGLQ DZD\WKDWSUHYHQWVRQHVHUYHUIURPIRUJLQJDQRWKHUVHUYHU VNH\6RLI\RXFRQQHFWWRDVHUYHUDQGLWVHQGV \RXDGLIIHUHQWKRVWNH\IURPWKHRQH\RXZHUHH[SHFWLQJ3X77<FDQZDUQ\RXWKDWWKHVHUYHUPD\KDYHEHHQ VZLWFKHGDQGWKDWDVSRRILQJDWWDFNPLJKWEHLQSURJUHVV 3X77<UHFRUGVWKHKRVWNH\IRUHDFKVHUYHU\RXFRQQHFWWRLQWKH:LQGRZV5HJLVWU\(YHU\WLPH\RXFRQQHFW WRDVHUYHULWFKHFNVWKDWWKHKRVWNH\SUHVHQWHGE\WKHVHUYHULVWKHVDPHKRVWNH\DVLWZDVWKHODVWWLPH 1%$*DPH7LPH&RXUWVLGHIRUL3DG.

\RXFRQQHFWHG.ILWLVQRW\RXZLOOVHHDZDUQLQJDQG\RXZLOOKDYHWKH FKDQFHWRDEDQGRQ\RXUFRQQHFWLRQEHIRUH\RXW\SHDQ\SULYDWHLQIRUPDWLRQ VXFKDVDSDVVZRUG.

QWHUQHW.I\RXDUHFRQQHFWLQJZLWKLQDFRPSDQ\QHWZRUN\RXPLJKW IHHOWKDWDOOWKHQHWZRUNXVHUVDUHRQWKHVDPHVLGHDQGVSRRILQJDWWDFNVDUHXQOLNHO\VR\RXPLJKWFKRRVHWR WUXVWWKHNH\ZLWKRXWFKHFNLQJLW.I\RXDUHFRQQHFWLQJDFURVVDKRVWLOHQHWZRUN VXFKDVWKH.LQWRLW +RZHYHUZKHQ\RXFRQQHFWWRDVHUYHU\RXKDYHQRWFRQQHFWHGWREHIRUH3X77<KDVQRZD\RIWHOOLQJ ZKHWKHUWKHKRVWNH\LVWKHULJKWRQHRUQRW6RLWJLYHVWKHZDUQLQJVKRZQDERYHDQGDVNV\RXZKHWKHU\RX ZDQWWRWUXVWWKLVKRVWNH\RUQRW :KHWKHURUQRWWRWUXVWWKHKRVWNH\LV\RXUFKRLFH.

\RX VKRXOGFKHFNZLWK\RXUV\VWHPDGPLQLVWUDWRUSHUKDSVE\WHOHSKRQHRULQSHUVRQ 6RPHPRGHUQVHUYHUVKDYH PRUHWKDQRQHKRVWNH\.IWKHV\VWHPDGPLQLVWUDWRUVHQGV\RXPRUHWKDQRQHILQJHUSULQW\RXVKRXOGPDNH VXUHWKHRQH3X77<VKRZV\RXLVRQWKHOLVWEXWLWGRHVQ WPDWWHUZKLFKRQHLWLV.

 $IWHU\RXKDYHFRQQHFWHGDQGSHUKDSVYHULILHGWKHVHUYHU VKRVWNH\\RXZLOOEHDVNHGWRORJLQSUREDEO\ XVLQJDXVHUQDPHDQGDSDVVZRUG<RXUV\VWHPDGPLQLVWUDWRU 6\VWHP%DFNXS6RIWZDUH.

I\RXDUHXVLQJ66+EHFDUHIXOQRWWRW\SH\RXUXVHUQDPHZURQJO\EHFDXVH\RXZLOOQRWKDYHDFKDQFHWR FRUUHFWLWDIWHU\RXSUHVV5HWXUQPDQ\66+VHUYHUVGRQRWSHUPLW\RXWRPDNHWZRORJLQDWWHPSWVXVLQJ GLIIHUHQWXVHUQDPHV.I\RXW\SH\RXUXVHUQDPHZURQJO\\RXPXVWFORVH3X77<DQGVWDUWDJDLQ .I\RXUSDVVZRUGLVUHIXVHGEXW\RXDUHVXUH\RXKDYHW\SHGLWFRUUHFWO\FKHFNWKDW&DSV/RFNLVQRWHQDEOHG 0DQ\ORJLQVHUYHUVSDUWLFXODUO\8QL[FRPSXWHUVWUHDWXSSHUFDVHDQGORZHUFDVHDVGLIIHUHQWZKHQFKHFNLQJ \RXUSDVVZRUGVRLI&DSV/RFNLVRQ\RXUSDVVZRUGZLOOSUREDEO\EHUHIXVHG $IWHUORJJLQJLQ $IWHU\RXORJLQWRWKHVHUYHUZKDWKDSSHQVQH[WLVXSWRWKHVHUYHU0RVWVHUYHUVZLOOSULQWVRPHVRUWRIORJLQ PHVVDJHDQGWKHQSUHVHQWDSURPSWDWZKLFK\RXFDQW\SHFRPPDQGVZKLFKWKHVHUYHUZLOOFDUU\RXW6RPH VHUYHUVZLOORIIHU\RXRQOLQHKHOSRWKHUVPLJKWQRW.I\RXDUHLQGRXEWDERXWZKDWWRGRQH[WFRQVXOW\RXU V\VWHPDGPLQLVWUDWRU :KHQ\RXKDYHILQLVKHG\RXUVHVVLRQ\RXVKRXOGORJRXWE\W\SLQJWKHVHUYHU VRZQORJRXWFRPPDQG7KLV PLJKWYDU\EHWZHHQVHUYHUVLILQGRXEWWU\logoutRUexitRUFRQVXOWDPDQXDORU\RXUV\VWHPDGPLQLVWUDW 6\VWHP%DFNXS6RIWZDUH.VKRXOGKDYH SURYLGHG\RXZLWKWKHVH(QWHUWKHXVHUQDPHDQGWKHSDVVZRUGDQGWKHVHUYHUVKRXOGJUDQW\RXDFFHVVDQG EHJLQ\RXUVHVVLRQ.I\RXKDYHPLVW\SHG\RXUSDVVZRUGPRVWVHUYHUVZLOOJLYH\RXVHYHUDOFKDQFHVWRJHWLW ULJKW .

RU:KHQWKHVHUYHUSURFHVVHV\RXUORJRXWFRPPDQGWKH3X77<ZLQGRZVKRXOG FORVHLWVHOIDXWRPDWLFDOO\ .

<RXFDQFORVHD3X77<VHVVLRQXVLQJWKH&ORVHEXWWRQLQWKHZLQGRZERUGHUEXWWKLVPLJKWFRQIXVHWKHVHUYHU DELWOLNHKDQJLQJXSDWHOHSKRQHXQH[SHFWHGO\LQWKHPLGGOHRIDFRQYHUVDWLRQ:HUHFRPPHQG\RXGRQRWGR WKLVXQOHVVWKHVHUYHUKDVVWRSSHGUHVSRQGLQJWR\RXDQG\RXFDQQRWFORVHWKHZLQGRZDQ\RWKHUZD\ &RS\LQJDQGSDVWLQJWH[W 2IWHQLQD3X77<VHVVLRQ\RXZLOOILQGWH[WRQ\RXUWHUPLQDOVFUHHQ 6QDJ.W6FUHHQ&DSWXUH.

ZKLFK\RXZDQW WRW\SHLQDJDLQ/LNHPRVWRWKHUWHUPLQDOHPXODWRUV3X77<DOORZV\RXWRFRS\DQGSDVWHWKHWH[WUDWKHUWKDQ KDYLQJWRW\SHLWDJDLQ$OVRFRS\DQGSDVWHXVHVWKH:LQGRZVFOLSERDUGVRWKDW\RXFDQSDVWH IRUH[DPSOH.

QVLQIDFWLI\RXGRSUHVV&WUO &3X77<ZLOOVHQGD&WUO&FKDUDFWHUGRZQ\RXUVHVVLRQWRWKHVHUYHUZKHUHLWZLOOSUREDEO\FDXVHDSURFHVV WREHLQWHUUXSWHG 3DVWLQJLVGRQHXVLQJWKHULJKWEXWWRQ RUWKHPLGGOHPRXVHEXWWRQLI\RXKDYHDWKUHHEXWWRQPRXVHDQGKDYH VHWLWXSVHHVHFWLRQ.QRUGHUWRFRS\WH[WWRWKHFOLSERDUG\RXMXVWFOLFNWKH OHIWPRXVHEXWWRQLQWKHWHUPLQDOZLQGRZDQGGUDJWRVHOHFWWH[W:KHQ\RXOHWJRRIWKHEXWWRQWKHWH[WLV DXWRPDWLFDOO\FRSLHGWRWKHFOLSERDUG<RXGRQRWQHHGWRSUHVV&WUO&RU&WUO. 85/VLQWRDZHEEURZVHURUSDVWHIURPDZRUGSURFHVVRURUVSUHDGVKHHWLQWR\RXUWHUPLQDOVHVVLRQ 3X77< VFRS\DQGSDVWHZRUNVHQWLUHO\ZLWKWKHPRXVH.

 3UHVVLQJ6KLIW.QVRUVHOHFWLQJ 3DVWH IURPWKH&WUOULJKWFOLFNFRQWH[WPHQX KDYHWKHVDPHHIIHFW.

:KHQ\RXFOLFNWKHULJKWPRXVHEXWWRQ3X77<ZLOOUHDGZKDWHYHULVLQWKH:LQGRZV FOLSERDUGDQGSDVWHLWLQWR\RXUVHVVLRQH[DFWO\DVLILWKDGEHHQW\SHGDWWKHNH\ERDUG 7KHUHIRUHEHFDUHIXO RISDVWLQJIRUPDWWHGWH[WLQWRDQHGLWRUWKDWGRHVDXWRPDWLFLQGHQWLQJ\RXPD\ILQGWKDWWKHVSDFHVSDVWHGIURP WKHFOLSERDUGSOXVWKHVSDFHVDGGHGE\WKHHGLWRUDGGXSWRWRRPDQ\VSDFHVDQGUXLQWKHIRUPDWWLQJ7KHUHLV QRWKLQJ3X77<FDQGRDERXWWKLV.

I\RXGRXEOHFOLFNKROGGRZQWKH VHFRQGFOLFNDQGGUDJWKHPRXVH3X77<ZLOOVHOHFWDVHTXHQFHRIZKROHZRUGV <RXFDQDGMXVWSUHFLVHO\ ZKDW3X77<FRQVLGHUVWREHSDUWRIDZRUGVHHVHFWLRQ.I\RXGRXEOHFOLFNWKHOHIWPRXVHEXWWRQ3X77<ZLOOVHOHFWDZKROHZRUG. .

.I\RXZDQWWRVHOHFWDUHFWDQJXODUUHJLRQLQVWHDGRIVHOHFWLQJWRWKHHQGRIHDFKOLQH\RXFDQGRWKLVE\ KROGLQJGRZQ$OWZKHQ\RXPDNH\RXUVHOHFWLRQ <RXFDQDOVRFRQILJXUHUHFWDQJXODUVHOHFWLRQWREHWKH GHIDXOWDQGWKHQKROGLQJGRZQ$OWJLYHVWKHQRUPDOEHKDYLRXULQVWHDG6HHVHFWLRQIRUGHWDLOV.I\RXWULSOHFOLFNRUWULSOHFOLFNDQGGUDJWKHQ 3X77<ZLOOVHOHFWDZKROHOLQHRUVHTXHQFHRIOLQHV .

I\RXKDYHDPLGGOHPRXVHEXWWRQWKHQ\RXFDQXVHLWWRDGMXVWDQH[LVWLQJVHOHFWLRQLI\RXVHOHFWHG VRPHWKLQJVOLJKWO\ZURQJ . .I\RXKDYHFRQILJXUHGWKHPLGGOHPRXVHEXWWRQWRSDVWHWKHQWKHULJKWPRXVH EXWWRQGRHVWKLVLQVWHDG.

IWKLVKDSSHQVWKH PRXVHSRLQWHUZLOOWXUQLQWRDQDUURZDQGXVLQJWKHPRXVHWRFRS\DQGSDVWHZLOORQO\ZRUNLI\RXKROGGRZQ 6KLIW6HHVHFWLRQDQGVHFWLRQIRUGHWDLOVRIWKLVIHDWXUHDQGKRZWRFRQILJXUHLW Chapter 3: Using PuTTY This chapter provides a general introduction to some more advanced features of PuTTY.&OLFNWKHEXWWRQRQWKHVFUHHQDQG\RXFDQSLFNXSWKHQHDUHVWHQGRIWKHVHOHFWLRQ DQGGUDJLWWRVRPHZKHUHHOVH . .W VSRVVLEOHIRUWKHVHUYHUWRDVNWRKDQGOHPRXVHFOLFNVLQWKH3X77<ZLQGRZLWVHOI. chapter 4 is likely to contain more information. For extreme detail and reference purposes.

and drag the mouse.) Click the button on the screen. It's possible for the server to ask to handle mouse clicks in the PuTTY window itself.) If you have a middle mouse button. There is nothing PuTTY can do about this. and drag to select text. You do not need to press CtrlC or Ctrl-Ins.1 During your session A lot of PuTTY's complexity and features are in the configuration panel. Once you have worked your way through that and started a session. then PuTTY will select a whole line or sequence of lines. (You can also configure rectangular selection to be the default.) If you double-click the left mouse button. (You can adjust precisely what PuTTY considers to be part of a word. the text is automatically copied to the clipboard. be careful of pasting formatted text into an editor that does automatic indenting. If you want to select a rectangular region instead of selecting to the end of each line. Nevertheless. PuTTY will select a sequence of whole words.2). Pasting is done using the right button (or the middle mouse button. and then holding down Alt gives the normal behaviour instead. so that you can paste (for example) URLs into a web browser. you may find that the spaces pasted from the clipboard plus the spaces added by the editor add up to too many spaces and ruin the formatting. If you double-click. see section 4.) If you triple-click.3. Like most other terminal emulators. if you have a three-button mouse and have set it up. PuTTY will read whatever is in the Windows clipboard and paste it into your session.1. PuTTY's copy and paste works entirely with the mouse. then you can use it to adjust an existing selection if you selected something slightly wrong. there are a few more useful features available. If this happens. you just click the left mouse button in the terminal window.4 for details. then the right mouse button does this instead. See section 4.11. (Therefore. see section 4.1 Copying and pasting text Often in a PuTTY session you will find text on your terminal screen which you want to type in again. things should be reasonably simple after that. Also. if you do press Ctrl-C. When you let go of the button. (Pressing Shift-Ins. or selecting µPaste¶ from the Ctrl+right-click context menu. the mouse pointer will turn into an arrow. or paste from a word processor or spreadsheet into your terminal session. in fact.11. In order to copy text to the clipboard. PuTTY will select a whole word. hold down the second click. exactly as if it had been typed at the keyboard. have the same effect.) When you click the right mouse button. (If you have configured the middle mouse button to paste. or triple-click and drag. and using the mouse to copy and paste will . copy and paste uses the Windows clipboard. PuTTY allows you to copy and paste the text rather than having to type it again. PuTTY will send a Ctrl-C character down your session to the server where it will probably cause a process to be interrupted. and you can pick up the nearest end of the selection and drag it to somewhere else.5.11. 3. you can do this by holding down Alt when you make your selection.

and one or two occur right at the end. As well as using the scrollbar. Their precise effect is usually up to the server. You can increase (or decrease) this value using the configuration box. 3. such as a µbreak¶ signal.3 The System menu If you click the left mouse button on the icon in the top left corner of PuTTY's terminal window. These are still available if you configure the scrollbar to be invisible. PuTTY's system menu contains extra program features in addition to the Windows standard options. See section 4. there may be a submenu of µspecial commands¶. a small window will pop up in which PuTTY logs significant events during the connection. see section 4. 3. So if something appears on the screen that you want to read. Size and Close. Currently only Telnet and SSH have special commands. you can use the scrollbar on the right side of the window to look back up the session history and find it again.3. These extra menu commands are described below. but a few can occur at any point in the session. If you are reporting a bug.3.only work if you hold down Shift.11.2 Scrolling the screen back PuTTY keeps track of text that has scrolled up off the top of the terminal. . You can use the mouse to select one or more lines of the Event Log. (These options are also available in a context menu brought up by holding Ctrl and clicking with the right mouse button anywhere in the PuTTY window. that can be sent down a connection in addition to normal data. or click the right mouse button on the title bar.3. it's often useful to paste the contents of the Event Log into your bug report.1.2 and section 4. By default the last 200 lines scrolled off the top are preserved for you to look at. you can also page the scrollback up and down by pressing ShiftPgUp and Shift-PgDn. Most of the events in the log will probably take place during session startup.3 for details of this feature and how to configure it.2 Special commands Depending on the protocol used for the current session.6. but it scrolls too fast and it's gone by the time you try to look for it. you will see the standard Windows system menu containing items like Minimise.1.1.) 3.1. You can scroll a line at a time using Ctrl-PgUp and Ctrl-PgDn. These are protocol-specific tokens.7. 3. Move. and hit the Copy button to copy them to the clipboard.1 The PuTTY Event Log If you choose µEvent Log¶ from the system menu.

y Signals (SIGINT.3. see section 4.3. Optional extension. y y End Of Record End Of File In an SSH connection. see section 4. y y y Abort Process Abort Output Interrupt Process PuTTY can also be configured to send this when Ctrl-C is typed. PuTTY requests the server's default break length.2. may not be supported by server.The following special commands are available in Telnet: y y y y Are You There Break Synch Erase Character PuTTY can also be configured to send this when the Backspace key is pressed. the following special commands are available: y IGNORE message Should have no effect. y Suspend Process PuTTY can also be configured to send this when Ctrl-Z is typed. and only during a session. y Repeat key exchange Only available in SSH-2. y Break Only available in SSH-2. see section 4.16. y y y Erase Line Go Ahead No Operation Should have no effect. Forces a repeat key exchange immediately (and resets associated timers and counters). see section 4.16.16.3. SIGTERM etc) . For more information about repeat key exchanges.19.

3. See section 4. 3. Some of the options that are available in the main configuration box are not shown in the cutdown Change Settings box. and bring up the configuration box as normal. This allows you to adjust most properties of your current session.1.3 Starting new sessions PuTTY's system menu provides some shortcut ways to start new sessions: y y y y Selecting New Session will start a completely new instance of PuTTY. selecting Reset Terminal should sort it out. the font. and only during a session. for example.2 for details of how to create saved sessions. the text is not guaranteed not to still be in PuTTY's memory. 3. if you accidentally output a binary file to your terminal. (Note that this only prevents a casual user from using the scrollbar to view the information.3. Selecting Duplicate Session will start a session in a new window with precisely the same options as your current one . 3.5 Copy All to Clipboard This system menu option provides a convenient way to copy the whole contents of the terminal screen (up to the last nonempty line) and scrollback to the clipboard in one go. Sends various POSIX signals. In an inactive window. with all the same terminal settings and everything.3.) The µReset Terminal¶ option causes a full reset of the terminal emulation. This might be useful. . if you displayed sensitive information and wanted to make sure nobody could look over your shoulder and see it. The Saved Sessions submenu gives you quick access to any sets of stored session details you have previously saved.6 Clearing and resetting the terminal The µClear Scrollback¶ option on the system menu tells PuTTY to discard all the lines of text that have been kept after they scrolled off the top of the screen. for example. You can change the terminal size.1. (This can happen.1. the colours. A VT-series terminal is a complex piece of software and can easily get into a state where all the text printed becomes unreadable.1.Only available in SSH-2. PuTTY will display a cut-down version of its initial configuration box.4 Changing your session settings If you select µChange Settings¶ from the system menu. the actions of various keypresses. selecting Restart Session will do the same as Duplicate Session . Not honoured by all servers. but in the current window.connecting to the same host using the same protocol.1.) If this happens.3. These are usually options which don't make sense to change in the middle of a session (for example.3. you can't switch from SSH to Telnet in mid-session). and so on.

such as Cygwin/X. See section 4. X-Win32. or line-drawing characters) are not being displayed correctly in your PuTTY session. then PuTTY will close the log file and you can safely read it.3. you can go back to the Logging panel and select µLogging turned off completely¶ to stop logging.) Click µApply¶ and your log will be started.10 for more information.7. so it's entirely possible for this to happen. 3. In order to use this feature. (You can log all session output including the terminal control sequences. PuTTY will expand to fill the whole screen and its borders. for example. Enter a log file name. To begin a session log.1. When you select this. There are a lot of different character sets available.7 Full screen mode If you find the title bar on a maximised window to be ugly or distracting. select µChange Settings¶ from the system menu and go to the Logging panel. if it doesn't. you can select Full Screen mode to maximise PuTTY µeven more¶. you will need an X display server for your Windows machine.) 3. 3. or Exceed.3.) When you are in full-screen mode.4 Using X11 forwarding in SSH The SSH protocol has the ability to securely forward X Window System applications over your encrypted SSH connection. Later on. This will probably install itself as display number 0 on your local machine.3 Altering your character set configuration If you find that special characters (accented characters. so that you can run an application on the SSH server machine and have it put its windows up on your local machine without sending any X network traffic in the clear.3. the manual for the X server should tell you what it does do. you should see a large number of character sets which you can select. or you can just log the printable text. and select a logging mode. see section 4.2 for more details and options. You can do this using the µLogging¶ panel in the configuration box. Now all you need is to find out which of them you want! (See section 4.2 Creating a log file of your session For some purposes you may find you want to log everything that appears on your screen. it may be that PuTTY is interpreting the characters sent by the server according to the wrong character set. and other related options. title bar and scrollbar will disappear. . It depends what you want the log for. (You can configure the scrollbar not to disappear in full-screen mode if you want to keep it. you can still access the system menu if you click the left mouse button in the extreme top left corner of the screen. If you click µChange Settings¶ and look at the µTranslation¶ panel.

you can check the PuTTY Event Log (see section 3. Now you should be able to log in to the SSH server as normal. to avoid the network traffic being sent in clear.) Now.5 Using port forwarding in SSH The SSH protocol has the ability to forward arbitrary network connections over your encrypted SSH connection. 3.1). For example. (You can also use a local loopback address here. In order to use port forwarding to connect from your local machine to a port on a remote server. go to the Tunnels panel (see section 4.0 If this works.21) before starting your SSH session. For more options relating to X11 forwarding. before you start your SSH connection. Enter the destination host name and port number into the Destination box.You should then tick the µEnable X11 forwarding¶ box in the Tunnels panel (see section 4.1. There are likely to be plenty of unused port numbers above 3000. Now click the Add button.com:110 to connect to a POP-3 server). . The µX display location¶ box is blank by default. The details of your port forwarding should appear in the list box. To check that X forwarding has been successfully negotiated during connection startup. you should also be able to see that the DISPLAY environment variable has been set to point at display 10 or above on the SSH server machine itself: fred@unixbox:~$ echo $DISPLAY unixbox:10. then change it. Make sure the Local radio button is set. It should say something like this: 2001-12-05 17:22:01 Requesting X11 forwarding 2001-12-05 17:22:02 X11 forwarding enabled If the remote system is Unix or Unix-like. you could use this to connect from your home computer to a POP-3 server on a remote machine without your POP3 password being visible to network sniffers. see below for more details.22).example. which is the usual display location where your X server will be installed. you should then be able to run X applications in the remote session and have them display their windows on your PC. you need to: y y y Choose a port number on your local machine where PuTTY should listen for incoming connections. Note that if your PC X server requires authentication to connect. you should mail the PuTTY authors and give details (see appendix B). If this is a problem for you. then PuTTY cannot currently support it. If that needs changing. separated by a colon (for example. popserver.3. Enter the local port number into the Source port box.21. which means that PuTTY will try to use a sensible default such as :0. see section 4.

you should find that it answers you exactly as if it were the service running on the destination machine. The Remote ports do the same option does the same thing for remote-to-local port forwardings (so that machines other than the SSH server machine can connect to the forwarded port. So in this example. it's usually disabled by default).com:110. To do this. and all of these are loopback addresses available only to the local machine.example.5. and provide a SOCKS proxy service to any programs which connect to that port. just select the µRemote¶ radio button instead of the µLocal¶ one. This feature is available for local-to-remote .) You can also forward ports in the other direction: arrange for a particular port number on the server machine to be forwarded back to your PC as a connection to a service on your PC or near it. Typically a Windows machine can be asked to listen on any single IP address in the 127.3. There are controls in the Tunnels panel to change this: y y The Local ports accept connections from other hosts option allows you to set up local-toremote port forwardings (including dynamic port forwardings) in such a way that machines other than your client PC can connect to the forwarded port.) Note that this feature is only available in the SSH-2 protocol. for example. So.com:110 Now if you connect to the source port number on your local PC.example. you could then configure an e-mail client to use localhost:3110 as a POP-3 server instead of popserver. you can forward other PuTTY connections through it by setting up the Proxy control panel (see section 4.0.1). The source port for a forwarded connection usually does not accept connections from any machine except the SSH client or server machine itself (for local and remote forwardings respectively). and gain access to anyone's virtual private network.Now start your session and log in. you will need to select the µDynamic¶ radio button instead of µLocal¶. It should say something like this: 2001-12-05 17:22:10 Local port 3110 forwarding to popserver. This can be useful if the program connecting to the forwarded port doesn't allow you to change the port number it uses. For this.0. The µSource port¶ box will now specify a port number on the server (note that most servers will not allow you to use port numbers under 1024 for this purpose).15 for details). otherwise it would be easy to perform completely anonymous network attacks.) To check that PuTTY has set up the port forwarding correctly. you can look at the PuTTY Event Log (see section 3. An alternative way to forward local connections to remote hosts is to use dynamic SOCKS proxying.* range. So if you forward (for example) 127.5:79 to a remote machine's finger port. and not all SSH-2 servers honour it (in OpenSSH. (Of course.*. the forwarding will stop happening when your PuTTY session closes down. in particular.0. and then you should not enter anything into the µDestination¶ box (it will be ignored). then you should be able to run commands such as finger fred@127.*. You can also specify an IP address to listen on.1.0. This will cause PuTTY to listen on the port you have specified. (Port forwarding will not be enabled until after you have logged in.

you simply select the fourth protocol name. SMTP (the protocol used to transfer e-mail). settings are taken from the Default Settings (see section 4. or a Windows shortcut).g.1. the bytes sent down the connection are exactly the ones you type. from a command prompt window.0. On Unix machines. and make the connection.1.) 3.) You can then enter a host name and a port number. (See section 4.2).example.com 25 might enable you to talk directly to the SMTP service running on a mail server. Unix telnet will attempt to detect or guess whether the service it is talking to is a real Telnet service or not. Really there is no actual protocol at all. NNTP (the protocol used to transfer Usenet news). SSH-1 is unable to support it for remote-to-local ports. you may need to obtain a fix from Microsoft in order to use addresses like 127. you can specify a protocol. 3.5 .6 Making raw TCP connections A lot of Internet protocols are composed of commands and responses in plain text. user overrides these settings if supplied. PuTTY prefers to be told for certain. µRaw¶. For example.7.20. For example.2). 3. which will override the default protocol (see section 3.7. (Note that if you're using Windows XP Service Pack 2. To start a connection to a server called host: putty.see question A. Sometimes it can be useful to connect directly to one of these services and speak the protocol µby hand¶. .1 Starting a session from the command line These options allow you to bypass the configuration window and launch straight into a session. and HTTP (the protocol used to serve Web pages) all consist of commands in readable plain text. Although the Unix telnet program provides this functionality.7 The PuTTY command line PuTTY can be made to do various things without user intervention by supplying command-line arguments (e.forwarded ports. the protocol being used is not really Telnet. telnet mailserver. you can do this using the system's telnet command to connect to the right port number. by typing protocol commands and watching the responses.exe [-ssh | -telnet | -rlogin | -raw] [user@]host If this syntax is used. In order to make a debugging connection to a service of this type. and the bytes shown on the screen are exactly the ones sent by the server.0..7. Also.1. from the µProtocol¶ buttons in the µSession¶ configuration panel. while SSH-2 can support it in theory but servers will not necessarily cooperate.3.

3. most of which are consistent across all the tools.3.7.7. -cleanup only removes registry entries and files associated with the currently logged-in user.3.1 -load: load a saved session The -load option causes PuTTY to load configuration details out of a saved session. Note that on multi-user systems. .7. This form of the option is deprecated.2 Selecting a protocol: -ssh. for backwards compatibility. then this option is all you need to make PuTTY start a session.) 3. putty. With the @ form.exe -load "my session" (Note that PuTTY itself supports an alternative form of this option.7. the following alternative syntax is supported (this makes PuTTY suitable for use as a URL handler for telnet URLs in web browsers): putty. no double quotes are required. This section lists the available options in all tools.3 Standard command-line options PuTTY and its associated tools support a range of command-line options. -telnet. You need double quotes around the session name if it contains spaces.For telnet sessions. 3. use the -load option (described in section 3. rather than running as normal.exe -load "session name" 3. -rlogin. this is the option you should use: your shortcut should call something like d:\path\to\putty.3. If you want to create a Windows shortcut to start a PuTTY saved session.7.exe telnet://host[:port]/ In order to start an existing saved session called sessionname. PuTTY will remove its registry entries and random seed file from the local machine (after confirming with the user). and the @ sign must be the very first thing on the command line. If these details include a host name.1). Options which are specific to a particular tool are covered in the chapter about that tool.2 -cleanup If invoked with the -cleanup option. you can use one of these options: y -ssh selects the SSH protocol. -raw To choose which protocol you want to connect with. If you execute putty @sessionname it will have the same effect as putty -load "sessionname".

These options are equivalent to the protocol selection buttons in the Session panel of the PuTTY configuration box (see section 4.5:23:localhost:23 myhost To set up SOCKS-based dynamic port forwarding on a local port.5 -L.4 -l: specify a login name You can specify the user name to log in as on the remote server using the -l option.3. 3.7.7.3.7.com:110 -load mysession plink mysession -L 5110:popserver. you can write something like one of these: putty -L 5110:popserver.0. If you are having trouble when making a connection. To forward a local port (say 5110) to a remote destination (say popserver. just use the -R option instead of -L: putty -R 5023:mytelnetserver. 3.myhouse.org:23 -load mysession plink mysession -R 5023:mytelnetserver.3.example. or you're simply curious.1).example.3 -v: increase verbosity Most of the PuTTY tools can be made to tell you more about what they are doing by supplying the -v option. 3. For this one you only have to pass the port number: . you can turn this switch on and hope to find out more about what is happening. prepend it to the argument: plink -L 127. These options are equivalent to the username selection box in the Connection panel of the PuTTY configuration box (see section 4.myhouse. use the -D option.example.com port 110). These options are not available in the file transfer tools PSCP and PSFTP (which only work with the SSH protocol).14.1.y y y -telnet selects the Telnet protocol.com -l fred.1). The command-line options work just like the ones in Unix ssh programs.com:110 To forward a remote port to a local destination. you can also set up forwardings on the command line.org:23 To specify an IP address for the listening end of the tunnel. -R and -D: set up port forwardings As well as setting up port forwardings in the PuTTY configuration (see section 4.example. -raw selects the raw protocol. For example. -rlogin selects the Rlogin protocol.0.22). plink login.

or a whole shell script. the -m option expects to be given a local file name. and -a turns it off. you can even put multiple lines in this file and execute more than one command in sequence.7.name 9696 in any case.7.name (Note that this option is more useful in Plink than in PuTTY.7 -P: specify a port number The -P option is used to specify the port number to connect to. On most Unix systems. for example: putty -telnet -P 9696 host. However.1).3.6 -m: read a remote command or script from a file The -m option performs a similar function to the µRemote command¶ box in the SSH panel of the PuTTY configuration box (see section 4.putty -D 4096 -load mysession For general information on port forwarding.7.) This option is equivalent to the port number control in the Session panel of the PuTTY configuration box (see section 4. and it will read a command from that file. 3.9 -A and -a: control agent forwarding The -A option turns on SSH agent forwarding. If you possibly can.1.1). see section 3. these protocols do not support automated password authentication. because in PuTTY you can write putty -telnet host. but this will not work on all servers (and is known not to work with certain µembedded¶ servers such as routers). If you have a Telnet server running on port 9696 of a machine instead of port 23. Note that the -pw option only works when you are using the SSH protocol. 3. This is not recommended for reasons of security.3. we recommend you set up public-key authentication instead. These options are only meaningful if you are using SSH. 3. .8 -pw: specify a password A simple way to automate a remote login is to supply your password on the command line.3. See chapter 8 for details. These options are not available in the file transfer tools PSCP and PSFTP.18.3.name plink -telnet -P 9696 host. Due to fundamental limitations of Telnet and Rlogin. 3.7. This option is not available in the file transfer tools PSCP and PSFTP.5.

These options are equivalent to the agent forwarding checkbox in the Auth panel of the PuTTY configuration box (see section 4. For information on X11 forwarding.20.3.7. and -T stops it from allocating one. 3. These options are not available in the file transfer tools PSCP and PSFTP.2). and your user account on the server does not have the ability to run a shell. see section 3.10 -X and -x: control X11 forwarding The -X option turns on X11 forwarding in SSH. see section 9. Note that there is a security risk involved with enabling this option.4 for information on agent forwarding.7.3).4.12 -N: suppress starting a shell or command The -N option prevents PuTTY from attempting to start a shell or command on the remote server.5 for details. These options are only meaningful if you are using SSH. These options are not available in the file transfer tools PSCP and PSFTP. These options are only meaningful if you are using SSH. and section 9. .21).3).3.3.See chapter 9 for general information on Pageant. This option is not available in the file transfer tools PSCP and PSFTP. These options are not available in the file transfer tools PSCP and PSFTP. 3. You might want to use this option if you are only using the SSH connection for port forwarding. These options are equivalent to the X11 forwarding checkbox in the Tunnels panel of the PuTTY configuration box (see section 4.7. This option is equivalent to the µDon't start a shell or command at all¶ checkbox in the SSH panel of the PuTTY configuration box (see section 4.11 -t and -T: control pseudo-terminal allocation The -t option ensures PuTTY attempts to allocate a pseudo-terminal at the server. This feature is only available in SSH protocol version 2 (since the version 1 protocol assumes you will always want to run a shell).18. and -x turns it off. 3. These options are equivalent to the µDon't allocate a pseudo-terminal¶ checkbox in the SSH panel of the PuTTY configuration box (see section 4.18.

4). These options are only meaningful if you are using SSH. but instead to display the fingerprints of the PuTTY PGP Master Keys.3.20.18. This option is only meaningful if you are using SSH.3.7. see chapter 8.5). see the Feedback page. in order to aid with verifying new versions. 3.3. See appendix E for more information.14 -1 and -2: specify an SSH protocol version The -1 and -2 options force PuTTY to use version 1 or version 2 of the SSH protocol.16 -i: specify an SSH private key The -i option allows you to specify the name of a private key file in *.7.7. If you want to provide feedback on this manual or on the PuTTY tools themselves. These options are equivalent to selecting your preferred Internet protocol version as µIPv4¶ or µIPv6¶ in the Connection panel of the PuTTY configuration box (see section 4.13 -C: enable compression The -C option enables compression of the data sent across the network.13.3. [PuTTY release 0. This option is equivalent to the µEnable compression¶ checkbox in the SSH panel of the PuTTY configuration box (see section 4.3.15 -4 and -6: specify an Internet protocol version The -4 and -6 options force PuTTY to use the older Internet protocol IPv4 or the newer IPv6. This option is equivalent to the µPrivate key file for authentication¶ box in the Auth panel of the PuTTY configuration box (see section 4.17 -pgpfp: display PGP key fingerprints This option causes the PuTTY tools not to run as normal.7. For general information on public-key authentication.7.4). This option is only meaningful if you are using SSH.18. 3. 3.PPK format which PuTTY will use to authenticate with the server. 3.5).3. These options are equivalent to selecting your preferred SSH protocol version as µ1 only¶ or µ2 only¶ in the SSH panel of the PuTTY configuration box (see section 4.58] .

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->