PUTTY DOWNLOAD - FREE SSH & TELNET CLIENT
For more information on PuTTY, see the PuTTY page. For information on SSH (Secure Shell), see the here. For information on Telnet, see here. For information on SFTP secure file transfers, see here.
Download PuTTY installation package for Windows
|putty-0.70-installer.msi||Windows (any)||GPG signature||2017-07-08|
|putty-64bit-0.70-installer||Windows (64-bit)||GPG signature||2017-07-08|
Installation and setup instructions
VERIFYING RELEASE SIGNATURES
gpg --import putty-release-2015.asc
gpg --verify <signaturefile> <datafile>
gpg --verify putty-64bit-0.69-installer.msi.gpg putty-64bit-0.69-installer.msi
Package contents: putty.exe, puttygen.exe, psftp.exe, pscp.exe, pagent.exeThe installation package includes
putty.exeis the main executable for the terminal client. It can also be used standalone, without the installation package, by simply copying the executable to a USB stick and running it on a new machine. This way, the user can carry the executable with them. However, this should not be assumed to provide great security - malware on the machine where it is used can still compromise the software (cf. CIA hacking tool bothanspy) and viruses may get installed on the USB stick whenever it is inserted in a new machine.
puttygen.exeis can be used for generating SSH keys on Windows. See the separate puttygen page on how to create and set up SSH keys with it.
psftp.exeis an SFTP file transfer client. It only works on the command line, and does not support graphically dragging and dropping files between systems. See Tectia SSH if you'd like that functionality.
pscp.exeis a command line SCP client.
pagent.exeis an SSH agent for PuTTY. Keys are first created with
puttygen.exeand can then be loaded into
pagentfor automating logins and for implementing single sign-on.
AlternativesFor other SSH clients and comparison, see the SSH clients page. Several more modern alternatives are available.
Server for Windows or other platformsYou don't need to worry about a server if you are going to connect to a school or work server. However, if you are planning to use PuTTY to log into your own systems, then you may need to install and enable a server.
sudo aptitude install openssh-server
sudo yum install openssh-server
sudo service sshd restart
SSH key management needs attentionSSH is often used with public key authentication to implement automation and single sign-on.
Public key authentication uses a new kind of access credential, the SSH key, for authentication. It is much more secure than traditional password authentication, especially compared to hard-coded passwords in scripts, but the keys need proper management.
Most organizations with more than a hundred servers have large numbers of SSH keys. Usually, these keys have not been properly managed and audited. An SSH risk assessment is recommended. Organizations should consider deploying key management software to establish proper provisioning, termination, and monitoring for key-based access.
Risks of unmanaged SSH keys include uncontrolled attack spread across the server infrstructure, including to disaster recovery data centers and backup systems. It could potentially destroy a Fortune 500 enterprise.
Organizations should also be aware of security risks related to SSH port forwarding. It is a technology that has many good uses, but it can also enable unfettered access across firewalls. Employees and attackers can leave tunnels back into the internal network from the public Internet. This particularly affects organizations using cloud computing services.
Using telnet is not recommendedIn addition to SSH, the PuTTY can be used as a telnet client. Telnet is insecure. Its use is not recommended.
The main problem with
telnetis that it transmits all passwords and any transmitted data in the clear. Anyone with access to any computer on the same network can steal user names and passwords that are transmitted. Such password sniffing attacks were very common on the Internet already in the 1990s.
Telnetsessions can also be hijacked in the network. Attackers can inject their own commands into
telnetsessions. Protection from such attacks was the main reason why Tatu Ylonen developed SSH as a replacement for
telnetin the first place. Use of
telnethas not been recommended for 20 years.
SFTP file transfer supportFile transfer support is implemented as a separate program,
PSFTP.It is available only as a command-line tool. There is no graphical user interface for file transfers.
SCP file transfers are supported via the
PSCPprogram. This is also command-line only.
Modern implementations, such as Tectia SSH, have integrated file transers in the terminal client.