PuTTY is a free implementation of SSH and Telnet for Windows and Unix
platforms, along with an
xterm terminal emulator. It is
written and maintained primarily by
The latest version is beta 0.66.
LEGAL WARNING: Use of PuTTY, PSCP, PSFTP and Plink is illegal in countries where encryption is outlawed. We believe it is legal to use PuTTY, PSCP, PSFTP and Plink in England and Wales and in many other countries, but we are not lawyers, and so if in doubt you should seek legal advice before downloading it. You may find useful information at cryptolaw.org, which collects information on cryptography laws in many countries, but we can't vouch for its correctness.
Use of the Telnet-only binary (PuTTYtel) is unrestricted by any cryptography laws.
PuTTY 0.66, released today, fixes a security hole in 0.65 and before: vuln-ech-overflow. It also contains a few other small bug fixes and minor features.
This week we've generated a fresh set of GPG keys for signing PuTTY release and snapshot builds. We will begin signing snapshots with the new snapshot key, and future releases with the new release key. The new master key is signed with the old master keys, of course. See the keys page for more information.
PuTTY 0.65, released today, fixes the Vista bug where the configuration dialog became invisible, and a few other bugs, large and small.
We're working towards a 0.65 release. This will be a bug-fix release: it will not contain the various new cryptographic features in the development snapshots, but it will contain large and small bug fixes over 0.64, including in particular a fix for the recent Vista-specific bug in which the configuration dialog becomes invisible. We'd appreciate testing of the pre-release builds, which are available from the Download page as usual.
A Symantec blog post warns that a trojaned copy of PuTTY has been detected in the wild. Fortunately, it's easily recognisable by its version identification ("Unidentified build, Nov 29 2013 21:41:02"). If you've encountered this version, we suggest you treat any machine that's run the malicious version as potentially compromised, change any passwords that might have been stolen, and resecure the accounts they protect.
We've had several reports recently of anti-virus software reporting PuTTY as malware (under a wide variety of names, often generic). This affects the latest release (0.64) and also the development snapshots (particularly puttygen.exe).
We believe these are false positives. In those cases where we've been able to contact the vendor (McAfee, Symantec, ClamAV), they have removed the detection.
However, most vendors' false-positive response is to whitelist specific binaries. While this will resolve detections of the 0.64 release, expect detections to recur with the development snapshots, which are built daily.
We've had no success requesting AV software vendors to perform more in-depth analysis. If this is causing trouble for you, and you have a support contract with your AV vendor, please query the detection with them directly.
- Licence conditions under which you may use PuTTY.
- The FAQ.
- The documentation.
- Subscribe to the PuTTY-announce mailing list to be notified of new releases.
- Feedback and bug reporting: contact address and guidelines. Please read the guidelines before sending us mail; we get a very large amount of mail and it will help us answer you more quickly.
- Changes in recent releases.
- Wish list and list of known bugs.
- Links to related software and specifications elsewhere.
- A page about the PuTTY team members.