| We need Your Support. Make a Donation now! or |  |
Home |
Licence |
FAQ |
Docs |
Download |
Keys |
Links
Mirrors |
Updates |
Feedback |
Changes |
Wishlist |
Team
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix
platforms, along with an xterm terminal emulator. It is
written and maintained primarily by
Simon Tatham.
The latest version is beta 0.58.
LEGAL WARNING: Use of PuTTY, PSCP, PSFTP and Plink is illegal in countries where encryption is outlawed. I believe it is legal to use PuTTY, PSCP, PSFTP and Plink in England and many other countries, but I am not a lawyer and so if in doubt you should seek legal advice before downloading it. You may find this site useful (it's a survey of cryptography laws in many countries) but I can't vouch for its correctness.
Use of the Telnet-only binary (PuTTYtel) is unrestricted by any cryptography laws.
2005-02-20 SECURITY HOLE, fixed in PuTTY 0.57
PuTTY 0.57, released today, fixes two security holes which can allow a malicious SFTP server to execute code of its choice on a PSCP or PSFTP client connecting to it. We recommend everybody upgrade to 0.57 as soon as possible.
2004-12-23 Trojan PuTTY installer circulating
We've been alerted to a trojan PuTTY 0.56 installer that was posted on CNET's download.com for about a fortnight (now removed). We are informed it installed various spyware.
The file length was 509860 bytes (much shorter than any installer we've ever released) and the md5sum was 49550e478e9dd008998c2c5294a884c5.
We'd like to take this opportunity to encourage everyone to verify the signatures of PuTTY downloads before executing them. Details are on our Keys page.
2004-11-16 Migration to Subversion
As of today, the PuTTY source tree has migrated away from CVS, to use Subversion as its version control system. I'm afraid this means that anyone who was previously checking our source out of CVS will have to start checking it out using Subversion instead.
2004-10-26 ANOTHER SECURITY HOLE, fixed in PuTTY 0.56
PuTTY 0.56, released today, fixes a serious security hole which can allow a server to execute code of its choice on a PuTTY client connecting to it. In SSH-2, the attack can be performed before host key verification, meaning that even if you trust the server you think you are connecting to, a different machine could be impersonating it and could launch the attack before you could tell the difference. We recommend everybody upgrade to 0.56 as soon as possible.
That's two really bad holes in three months. I'd like to apologise to all our users for the inconvenience.
2004-08-03 SECURITY HOLE, fixed in PuTTY 0.55
PuTTY 0.55, released today, fixes a serious security hole which may allow a server to execute code of its choice on a PuTTY client connecting to it. In SSH2, the attack can be performed before host key verification, meaning that even if you trust the server you think you are connecting to, a different machine could be impersonating it and could launch the attack before you could tell the difference. We recommend everybody upgrade to 0.55 as soon as possible.