PuTTY is an SSH client for Windows. It is used for remote access to server computers over a network using the SSH protocol.
The software was developed by Simon Tatham. It was first released in 1998. It is still in beta version, but is very popular. Development continues, albeit slowly.
Download PuTTY Installation Package for Windows
The latest PuTTY download is version 0.69.
|putty-0.70-installer.msi||Windows (any)||GPG signature||2017-07-08|
|putty-64bit-0.70-installer||Windows (64-bit)||GPG signature||2017-07-08|
Click here for installation instructions for Windows.
For Linux, see the page on installing and using the Linux version.
Verifying Release Signatures
To verify the signatures, you need the
gpg tool. On Debian-based Linux, it can be installed with
aptitude install gnupg. On Red Hat 7, it can be installed with
yum install gnupg2.
To import the signature key into GPG, use:
gpg --import putty-release-2015.asc
To check the signature of a file, use:
gpg --verify <signaturefile> <datafile>
gpg --verify putty-64bit-0.69-installer.msi.gpg putty-64bit-0.69-installer.msi
For other SSH clients and comparison, see the SSH clients page. Several more modern alternatives are available.
Do You Need a Server?
You don't need to worry about a server if you are going to connect to a school or work server. However, if you are planning to use PuTTY to log into your own systems, then you may need to install and enable a server.
Most Linux and Unix systems come with OpenSSH preinstalled. On some distributions, you may need to install the server. On Debian-derived systems, the following will install the server:
sudo aptitude install openssh-server
On Red Hat systems, the following will install the server:
sudo yum install openssh-server
Depending on the system, you may also need to start the server if you don't want to reboot. The following should work on most systems:
sudo service sshd restart
For Windows, the Tectia SSH is a popular choice and comes with commercial support services. It also runs on IBM z/OS mainframes. Unix/Linux are available with support for business-critical applications.
SSH Key Management Risks to Consider in Larger Environments
SSH is often used with public key authentication to implement automation and single sign-on.
Public key authentication uses a new kind of access credential, the SSH key, for authentication. It is much more secure than traditional password authentication, especially compared to hard-coded passwords in scripts, but the keys need proper management.
Most organizations with more than a hundred servers have large numbers of SSH keys. Usually, these keys have not been properly managed and audited. An SSH risk assessment is recommended. Organizations should consider deploying key management software to establish proper provisioning, termination, and monitoring for key-based access.
Risks of unmanaged SSH keys include uncontrolled attack spread across the server infrstructure, including to disaster recovery data centers and backup systems. It could potentially destroy a Fortune 500 enterprise.
Organizations should also be aware of security risks related to SSH port forwarding. It is a technology that has many good uses, but it can also enable unfettered access across firewalls. Employees and attackers can leave tunnels back into the internal network from the public Internet. This particularly affects organizations using cloud computing services.
Using Telnet is Not Recommended
In addition to SSH, the PuTTY can be used as a telnet client. Telnet is insecure. Its use is not recommended.
The main problem with
telnet is that it transmits all passwords and any transmitted data in the clear. Anyone with access to any computer on the same network can steal user names and passwords that are transmitted. Such password sniffing attacks were very common on the Internet already in the 1990s.
Telnet sessions can also be hijacked in the network. Attackers can inject their own commands into
telnet sessions. Protection from such attacks was the main reason why Tatu Ylonen developed SSH as a replacement for
telnet in the first place. Use of
telnet has not been recommended for 20 years.
SFTP File Transfer Support
File transfer support is implemented as a separate program,
PSFTP. It is available only as a command-line tool. There is no graphical user interface for file transfers.
SCP file transfers are supported via the
PSCP program. This is also command-line only.
Modern implementations, such as Tectia SSH, have integrated file transers in the terminal client.
Master Download Site
Simon Tatham publishes new PuTTY versions on his personal home page. The files are mirrored here at ssh.com. If you notice any issues or the version hasn't been updated properly, please drop an email to ylo at ssh.com. Please note that I do not provide support services for PuTTY. I merely maintain this mirror to have a single place for downloading popular SSH versions.