Zum Inhalt

PuTTY - SSH und Telnet Client für Windows

generieren

PuTTY ist ein freier und offener Terminal-Emulator, serielle Konsole und Netzwerkdatei-Transfer-Anwendung. Ursprünglich für Windows entwickelt, unterstützt PuTTY SSH, Telnet, rlogin und rohe Steckdosenverbindungen. Es ist einer der beliebtesten SSH-Clients für Windows und beinhaltet eine umfassende Reihe von Tools für sicheren Fernzugriff und Dateiübertragung.

Installation

Windows

```bash

Download from official website

https://www.putty.org/

Via Chocolatey

choco install putty

Via Scoop

scoop install putty

Via Windows Package Manager

winget install PuTTY.PuTTY

Portable version (no installation required)

Download putty.exe and run directly

```_

Linux

```bash

Debian/Ubuntu

sudo apt update sudo apt install putty

Red Hat/CentOS/Fedora

sudo dnf install putty

Arch Linux

sudo pacman -S putty ```_

macOS

```bash

Via Homebrew

brew install putty

Via MacPorts

sudo port install putty ```_

PuTTY Suite Komponenten

Kernanwendungen

```bash

Main applications

putty.exe # Main SSH/Telnet client puttygen.exe # Key generation tool pageant.exe # SSH authentication agent pscp.exe # SCP file transfer client psftp.exe # SFTP file transfer client plink.exe # Command-line SSH client ```_

Zusätzliche Werkzeuge

```bash

Utility tools

puttytel.exe # Telnet-only client pterm.exe # Terminal emulator (Unix-like systems) ```_

Basic Connection Setup

SSH Verbindung

```bash

Basic SSH connection setup in PuTTY GUI:

Host Name: server.example.com

Port: 22

Connection Type: SSH

Protocol Version: 2 (recommended)

Save session for reuse

Session Name: MyServer

Click "Save"

Load saved session

Select "MyServer" from saved sessions

Click "Load"

```_

Anschlussarten

```bash

SSH (Secure Shell) - Port 22

Host: server.example.com Port: 22 Connection Type: SSH

Telnet - Port 23

Host: server.example.com Port: 23 Connection Type: Telnet

Raw connection

Host: server.example.com Port: [custom port] Connection Type: Raw

Serial connection

Serial Line: COM1 Speed: 9600 Connection Type: Serial ```_

SSH Schlüsselauthentifizierung

SSH Keys generieren (PuTTYgen)

```bash

Launch PuTTYgen

puttygen.exe

Generate new key pair

1. Select key type (RSA, DSA, ECDSA, Ed25519)

2. Set key size (2048, 3072, 4096 bits for RSA)

3. Click "Generate"

4. Move mouse to generate randomness

5. Add key comment (optional)

6. Set passphrase (recommended)

7. Save private key (.ppk format)

8. Save public key (.pub format)

```_

Umrechnung von Schlüsseldaten

```bash

Convert OpenSSH private key to PuTTY format

1. Load existing private key in PuTTYgen

2. File > Load private key

3. Select OpenSSH key file

4. Save as PuTTY private key (.ppk)

Export PuTTY key to OpenSSH format

1. Load .ppk file in PuTTYgen

2. Conversions > Export OpenSSH key

3. Save as OpenSSH format

```_

Key Authentication in PuTTY konfigurieren

```bash

SSH > Auth > Credentials

Private key file for authentication: [Browse to .ppk file]

Allow agent forwarding: [Check if needed]

Allow attempted changes of username: [Check if needed]

SSH > Auth > GSSAPI

Attempt GSSAPI authentication: [Uncheck for key auth]

```_

Pageant (SSH Agent)

Mit Pageant

```bash

Start Pageant

pageant.exe

Add keys to Pageant

Right-click Pageant icon in system tray

"Add Key" > Select .ppk file

Enter passphrase if required

View loaded keys

Right-click Pageant icon

"View Keys"

Remove key

Select key in "View Keys" dialog

Click "Remove Key"

```_

Pager Kommandozeile

```bash

Start Pageant with keys

pageant.exe key1.ppk key2.ppk

Start Pageant and add key

pageant.exe -c "command to run"

Kill Pageant

pageant.exe -k ```_

Terminalkonfiguration

Erscheinungseinstellungen

```bash

Window > Appearance

Font: Consolas, 10pt Font quality: ClearType Cursor appearance: Block/Underline/Vertical line Cursor blinks: [Check/Uncheck]

Window > Colours

Default Foreground: RGB(187, 187, 187) Default Background: RGB(0, 0, 0) Cursor Text: RGB(0, 0, 0) Cursor Colour: RGB(0, 255, 0)

ANSI Colors (can be customized)

ANSI Black: RGB(0, 0, 0) ANSI Red: RGB(187, 0, 0) ANSI Green: RGB(0, 187, 0) ANSI Yellow: RGB(187, 187, 0) ANSI Blue: RGB(0, 0, 187) ANSI Magenta: RGB(187, 0, 187) ANSI Cyan: RGB(0, 187, 187) ANSI White: RGB(187, 187, 187) ```_

Window Behavior

```bash

Window > Behaviour

Warn before closing window: [Check] Window closes on ALT-F4: [Check] System menu appears on ALT-Space: [Check] System menu appears on Alt alone: [Uncheck] Ensure window is always on top: [Check if needed] Full screen on Alt-Enter: [Check] ```_

Eigenschaften des Terminals

```bash

Terminal > Features

Disable application cursor keys mode: [Uncheck] Disable application keypad mode: [Uncheck] Disable xterm-style mouse reporting: [Uncheck] Disable remote window title changing: [Check for security] Disable remote window title querying: [Check for security] Disable destructive backspace on server: [Uncheck] Disable remote character set configuration: [Check for security] ```_

Keyboard Shortcuts

Hauptnavigation

```bash

Text selection

Shift + Arrow Keys # Select text Ctrl + Shift + Arrow # Select word by word Shift + Home/End # Select to beginning/end of line Ctrl + A # Select all text

Clipboard operations

Ctrl + C # Copy selected text Ctrl + V # Paste from clipboard Shift + Insert # Paste from clipboard (alternative) Right Click # Context menu (copy/paste)

Window operations

Alt + Enter # Toggle fullscreen Alt + F4 # Close window Alt + Space # System menu ```_

Terminal Control

```bash

Process control

Ctrl + C # Send SIGINT (interrupt) Ctrl + Z # Send SIGTSTP (suspend) Ctrl + D # Send EOF Ctrl + # Send SIGQUIT

Terminal functions

Ctrl + L # Clear screen (if supported by shell) Ctrl + R # Reverse search (if supported by shell) Ctrl + U # Clear line (if supported by shell) ```_

Spezifischer PuTT

```bash

Special key combinations

Ctrl + Right Click # Context menu Alt + F4 # Close connection Alt + Enter # Toggle fullscreen Ctrl + Shift + C # Copy (if configured) Ctrl + Shift + V # Paste (if configured) ```_

Dateiübertragung

PSCP (SCP Client)

```bash

Basic file transfer

pscp source destination

Copy file to remote server

pscp localfile.txt user@server:/path/to/destination/

Copy file from remote server

pscp user@server:/path/to/file.txt localfile.txt

Copy directory recursively

pscp -r localdirectory user@server:/path/to/destination/

Copy with specific port

pscp -P 2222 file.txt user@server:/path/

Copy with private key

pscp -i keyfile.ppk file.txt user@server:/path/

Preserve file attributes

pscp -p file.txt user@server:/path/

Verbose output

pscp -v file.txt user@server:/path/

Batch mode (non-interactive)

pscp -batch file.txt user@server:/path/ ```_

PSFTP (SFTP Client)

```bash

Start SFTP session

psftp user@server

SFTP commands within session

open user@server # Connect to server ls # List remote directory lls # List local directory cd /path/to/directory # Change remote directory lcd C:\local\path # Change local directory pwd # Show remote working directory lpwd # Show local working directory

File operations

get remotefile.txt # Download file put localfile.txt # Upload file mget *.txt # Download multiple files mput *.txt # Upload multiple files del remotefile.txt # Delete remote file rm remotefile.txt # Delete remote file (alias) mkdir newdirectory # Create remote directory rmdir emptydirectory # Remove remote directory

Transfer modes

binary # Set binary transfer mode ascii # Set ASCII transfer mode

Exit SFTP

quit # Exit SFTP session bye # Exit SFTP session (alias) ```_

PSFTP Batch Operationen

```bash

Create batch file (commands.txt)

cd /home/user lcd C:\local\folder mget *.log quit

Execute batch file

psftp -b commands.txt user@server

Non-interactive batch mode

psftp -batch -b commands.txt user@server ```_

```bash

Execute single command

plink user@server "ls -la"

Interactive session

plink user@server

Specify port

plink -P 2222 user@server

Use private key

plink -i keyfile.ppk user@server

Batch mode (non-interactive)

plink -batch user@server "uptime"

SSH protocol version

plink -2 user@server # Force SSH-2 plink -1 user@server # Force SSH-1 (not recommended) ```_

```bash

Connection options

plink -ssh user@server # Force SSH plink -telnet user@server # Force Telnet plink -raw server 80 # Raw connection plink -serial COM1 -sercfg 9600,8,n,1 # Serial connection

Authentication options

plink -pw password user@server # Password authentication plink -i keyfile.ppk user@server # Key authentication plink -agent user@server # Use Pageant

Tunneling options

plink -L 8080:localhost:80 user@server # Local port forwarding plink -R 8080:localhost:80 user@server # Remote port forwarding plink -D 1080 user@server # Dynamic port forwarding (SOCKS)

X11 forwarding

plink -X user@server # Enable X11 forwarding plink -x user@server # Disable X11 forwarding

Compression

plink -C user@server # Enable compression

Verbose output

plink -v user@server # Verbose mode ```_

Port Forwarding und Tunneling

Lokaler Hafen

```bash

Forward local port to remote service

Connection > SSH > Tunnels

Source Port: 8080 Destination: localhost:80 Type: Local Click "Add"

Command line equivalent

plink -L 8080:localhost:80 user@server

Multiple forwards

plink -L 8080:localhost:80 -L 3306:database:3306 user@server ```_

Remote Port Forwarding

```bash

Forward remote port to local service

Connection > SSH > Tunnels

Source Port: 8080 Destination: localhost:80 Type: Remote Click "Add"

Command line equivalent

plink -R 8080:localhost:80 user@server ```_

Dynamic Port Forwarding (SOCKS Proxy)

```bash

Create SOCKS proxy

Connection > SSH > Tunnels

Source Port: 1080 Type: Dynamic Click "Add"

Command line equivalent

plink -D 1080 user@server

Configure applications to use SOCKS proxy

Proxy: localhost:1080

Type: SOCKS5

```_

Sitzungsmanagement

Saving Sessions

```bash

Save session configuration

1. Configure all settings

2. Enter session name in "Saved Sessions"

3. Click "Save"

Default session

Leave "Saved Sessions" blank

Click "Save" to save as default

```_

Sitzung Import/Export

```bash

Export session to file

Windows Registry: HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions

Export via Registry Editor

regedit /e putty-sessions.reg "HKEY_CURRENT_USER\Software\SimonTatham\PuTTY"

Import sessions

regedit /i putty-sessions.reg

Command line export

reg export "HKEY_CURRENT_USER\Software\SimonTatham\PuTTY" putty-config.reg ```_

Sitzungsautomatisierung

```bash

Auto-login script

Connection > SSH > Remote command

Enter: /bin/bash -l

Startup script

Terminal > Shell

Send to server on startup: source ~/.bashrc

Keep session alive

Connection > Sending of null packets to keep session active

Seconds between keepalives: 60

```_

Sicherheitskonfiguration

SSH Sicherheitseinstellungen

```bash

SSH > Protocol options

SSH protocol version: 2 only Enable compression: [Check for slow connections]

SSH > Encryption

Encryption cipher selection policy: - ChaCha20-Poly1305 (SSH-2 only) - AES-256 (SSH-2 only) - AES-192 (SSH-2 only) - AES-128 (SSH-2 only)

SSH > Host keys

Policy for unknown host keys: Ask Cache host keys: [Check] ```_

Authentication Security

```bash

SSH > Auth > Credentials

Display pre-authentication banner: [Check] Bypass authentication entirely: [Uncheck] Allow agent forwarding: [Check only if needed] Allow attempted changes of username: [Uncheck for security]

SSH > Auth > Methods

Attempt authentication using Pageant: [Check if using Pageant] Attempt TIS or CryptoCard authentication: [Uncheck unless needed] Attempt keyboard-interactive authentication: [Check] Allow fallback to password authentication: [Check] ```_

Verbindungssicherheit

```bash

Connection > Data

Terminal-type string: xterm Terminal speed: 38400,38400 Environment variables: [Only add if necessary]

Connection > Proxy

Proxy type: None (unless using proxy) Do DNS name lookup at proxy end: [Check if using proxy] Username/Password: [Only if proxy requires authentication] ```_

Fehlerbehebung

Verbindungsprobleme

```bash

Common connection problems

1. Check host name and port

2. Verify firewall settings

3. Test with telnet first

telnet server.example.com 22

Network connectivity test

ping server.example.com nslookup server.example.com

SSH service status (on server)

systemctl status ssh systemctl status sshd ```_

Authentication Probleme

```bash

Key authentication issues

1. Verify key format (.ppk for PuTTY)

2. Check key permissions on server

3. Verify public key in ~/.ssh/authorized_keys

4. Check SSH server configuration

Server-side debugging

tail -f /var/log/auth.log tail -f /var/log/secure

Client-side debugging

Enable logging in PuTTY

Session > Logging

Log file name: putty.log

What to do if log file exists: Append

```_

Leistungsfragen

```bash

Slow connections

Enable compression

Connection > SSH > Protocol options

Enable compression: [Check]

Optimize cipher selection

SSH > Encryption

Move faster ciphers to top of list

Adjust window size

Connection > SSH > Protocol options

Max data before sending return: 4096

```_

Anzeige von Problemen

```bash

Character encoding problems

Window > Translation

Character set: UTF-8

Handling of line drawing characters: Use Unicode

Font rendering issues

Window > Appearance

Font quality: ClearType

Try different fonts: Consolas, Courier New, Lucida Console

Color problems

Window > Colours

Allow terminal to specify ANSI colours: [Check]

Allow terminal to use xterm 256-colour mode: [Check]

```_

Erweiterte Funktionen

Protokoll

```bash

Session logging

Session > Logging

Log file name: C:\logs\putty-%Y%M%D-%h%m%s.log What to do if log file exists: Ask user Flush log file frequently: [Check]

Log types

All session output: Complete session log SSH packets: Protocol-level debugging SSH packets and raw data: Detailed debugging ```_

Skript und Automatisierung

```bash

Automated login script

Create batch file (connect.bat)

@echo off putty.exe -ssh user@server -pw password -m commands.txt

Commands file (commands.txt)

ls -la uptime df -h exit

Registry-based automation

Save session configuration

Use batch file to launch saved session

putty.exe -load "SessionName" ```_

Integration mit anderen Tools

```bash

WinSCP integration

Configure WinSCP to use PuTTY for terminal

Options > Integration > Applications

PuTTY path: C:\Program Files\PuTTY\putty.exe

Windows Terminal integration

Add PuTTY profile to Windows Terminal

\\{ "name": "PuTTY SSH", "commandline": "putty.exe -ssh user@server", "icon": "C:\Program Files\PuTTY\putty.exe" \\} ```_

Best Practices

Sicherheit Best Practices

```bash

Use key-based authentication

Generate strong keys (RSA 4096-bit or Ed25519)

Use passphrases on private keys

Regularly rotate keys

Disable password authentication on server

/etc/ssh/sshd_config

PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no

Use jump hosts for sensitive servers

Configure bastion host access

Use agent forwarding carefully

```_

Konfigurationsmanagement

```bash

Backup PuTTY configuration

Export registry settings regularly

reg export "HKEY_CURRENT_USER\Software\SimonTatham\PuTTY" putty-backup.reg

Version control for configurations

Store exported configurations in Git

Document session purposes and access requirements

Standardize configurations across team

Create template configurations

Share session exports with team members

```_

Leistungsoptimierung

```bash

Optimize for network conditions

Enable compression for slow links

Adjust keepalive settings for unstable connections

Use appropriate cipher selection

Terminal optimization

Use appropriate fonts and sizes

Configure scrollback appropriately

Disable unnecessary features for performance

```_

PuTTY bleibt der de facto Standard für SSH-Zugriff auf Windows-Systeme und bietet eine umfassende Palette von Werkzeugen für sicheren Fernzugriff und Dateiübertragung. Die umfangreichen Konfigurationsoptionen und das robuste Feature-Set eignen sich für alles von einfachen SSH-Verbindungen bis hin zu komplexen Tunnelszenarien. PuTTYs Fähigkeiten zu verstehen ist für Windows-basierte Systemadministratoren und Entwickler, die mit Remote Unix/Linux-Systemen arbeiten, unerlässlich.