PuTTY - SSH et Telnet Client pour Windows
PuTTY est un émulateur de terminal gratuit et open source, console série et application de transfert de fichiers réseau. Développé à l'origine pour Windows, PuTTY supporte les connexions SSH, Telnet, rlogin et socket brut. C'est l'un des clients SSH les plus populaires pour Windows et comprend une suite complète d'outils pour l'accès à distance sécurisé et le transfert de fichiers.
Installation
Fenêtres
# Download from official website
# https://www.putty.org/
# Via Chocolatey
choco install putty
# Via Scoop
scoop install putty
# Via Windows Package Manager
winget install PuTTY.PuTTY
# Portable version (no installation required)
# Download putty.exe and run directly
Linux
# Debian/Ubuntu
sudo apt update
sudo apt install putty
# Red Hat/CentOS/Fedora
sudo dnf install putty
# Arch Linux
sudo pacman -S putty
```_
### MACOS
```bash
# Via Homebrew
brew install putty
# Via MacPorts
sudo port install putty
```_
## Composants PuTTY Suite
### Principales applications
```bash
# Main applications
putty.exe # Main SSH/Telnet client
puttygen.exe # Key generation tool
pageant.exe # SSH authentication agent
pscp.exe # SCP file transfer client
psftp.exe # SFTP file transfer client
plink.exe # Command-line SSH client
Outils supplémentaires
# Utility tools
puttytel.exe # Telnet-only client
pterm.exe # Terminal emulator (Unix-like systems)
Configuration de la connexion de base
SSH Connexion
# Basic SSH connection setup in PuTTY GUI:
# Host Name: server.example.com
# Port: 22
# Connection Type: SSH
# Protocol Version: 2 (recommended)
# Save session for reuse
# Session Name: MyServer
# Click "Save"
# Load saved session
# Select "MyServer" from saved sessions
# Click "Load"
Types de connexion
# SSH (Secure Shell) - Port 22
Host: server.example.com
Port: 22
Connection Type: SSH
# Telnet - Port 23
Host: server.example.com
Port: 23
Connection Type: Telnet
# Raw connection
Host: server.example.com
Port: [custom port]
Connection Type: Raw
# Serial connection
Serial Line: COM1
Speed: 9600
Connection Type: Serial
SSH Authentification des clés
Générer des clés SSH (PutTYgen)
# Launch PuTTYgen
puttygen.exe
# Generate new key pair
# 1. Select key type (RSA, DSA, ECDSA, Ed25519)
# 2. Set key size (2048, 3072, 4096 bits for RSA)
# 3. Click "Generate"
# 4. Move mouse to generate randomness
# 5. Add key comment (optional)
# 6. Set passphrase (recommended)
# 7. Save private key (.ppk format)
# 8. Save public key (.pub format)
Conversion des clés
# Convert OpenSSH private key to PuTTY format
# 1. Load existing private key in PuTTYgen
# 2. File > Load private key
# 3. Select OpenSSH key file
# 4. Save as PuTTY private key (.ppk)
# Export PuTTY key to OpenSSH format
# 1. Load .ppk file in PuTTYgen
# 2. Conversions > Export OpenSSH key
# 3. Save as OpenSSH format
Configurer l'authentification des clés dans PuTTY
# SSH > Auth > Credentials
# Private key file for authentication: [Browse to .ppk file]
# Allow agent forwarding: [Check if needed]
# Allow attempted changes of username: [Check if needed]
# SSH > Auth > GSSAPI
# Attempt GSSAPI authentication: [Uncheck for key auth]
Assistant (agent SSH)
Utilisation de Pageant
# Start Pageant
pageant.exe
# Add keys to Pageant
# Right-click Pageant icon in system tray
# "Add Key" > Select .ppk file
# Enter passphrase if required
# View loaded keys
# Right-click Pageant icon
# "View Keys"
# Remove key
# Select key in "View Keys" dialog
# Click "Remove Key"
Ligne de commande Pageant
# Start Pageant with keys
pageant.exe key1.ppk key2.ppk
# Start Pageant and add key
pageant.exe -c "command to run"
# Kill Pageant
pageant.exe -k
Configuration du terminal
Paramètres d'apparence
# Window > Appearance
Font: Consolas, 10pt
Font quality: ClearType
Cursor appearance: Block/Underline/Vertical line
Cursor blinks: [Check/Uncheck]
# Window > Colours
Default Foreground: RGB(187, 187, 187)
Default Background: RGB(0, 0, 0)
Cursor Text: RGB(0, 0, 0)
Cursor Colour: RGB(0, 255, 0)
# ANSI Colors (can be customized)
ANSI Black: RGB(0, 0, 0)
ANSI Red: RGB(187, 0, 0)
ANSI Green: RGB(0, 187, 0)
ANSI Yellow: RGB(187, 187, 0)
ANSI Blue: RGB(0, 0, 187)
ANSI Magenta: RGB(187, 0, 187)
ANSI Cyan: RGB(0, 187, 187)
ANSI White: RGB(187, 187, 187)
Comportement des fenêtres
# Window > Behaviour
Warn before closing window: [Check]
Window closes on ALT-F4: [Check]
System menu appears on ALT-Space: [Check]
System menu appears on Alt alone: [Uncheck]
Ensure window is always on top: [Check if needed]
Full screen on Alt-Enter: [Check]
Caractéristiques du terminal
# Terminal > Features
Disable application cursor keys mode: [Uncheck]
Disable application keypad mode: [Uncheck]
Disable xterm-style mouse reporting: [Uncheck]
Disable remote window title changing: [Check for security]
Disable remote window title querying: [Check for security]
Disable destructive backspace on server: [Uncheck]
Disable remote character set configuration: [Check for security]
Raccourcis clavier
Navigation de base
# Text selection
Shift + Arrow Keys # Select text
Ctrl + Shift + Arrow # Select word by word
Shift + Home/End # Select to beginning/end of line
Ctrl + A # Select all text
# Clipboard operations
Ctrl + C # Copy selected text
Ctrl + V # Paste from clipboard
Shift + Insert # Paste from clipboard (alternative)
Right Click # Context menu (copy/paste)
# Window operations
Alt + Enter # Toggle fullscreen
Alt + F4 # Close window
Alt + Space # System menu
Contrôle terminal
# Process control
Ctrl + C # Send SIGINT (interrupt)
Ctrl + Z # Send SIGTSTP (suspend)
Ctrl + D # Send EOF
Ctrl + \ # Send SIGQUIT
# Terminal functions
Ctrl + L # Clear screen (if supported by shell)
Ctrl + R # Reverse search (if supported by shell)
Ctrl + U # Clear line (if supported by shell)
Spécifique
# Special key combinations
Ctrl + Right Click # Context menu
Alt + F4 # Close connection
Alt + Enter # Toggle fullscreen
Ctrl + Shift + C # Copy (if configured)
Ctrl + Shift + V # Paste (if configured)
Transfert de fichiers
PSPC (client du SCP)
# Basic file transfer
pscp source destination
# Copy file to remote server
pscp localfile.txt user@server:/path/to/destination/
# Copy file from remote server
pscp user@server:/path/to/file.txt localfile.txt
# Copy directory recursively
pscp -r localdirectory user@server:/path/to/destination/
# Copy with specific port
pscp -P 2222 file.txt user@server:/path/
# Copy with private key
pscp -i keyfile.ppk file.txt user@server:/path/
# Preserve file attributes
pscp -p file.txt user@server:/path/
# Verbose output
pscp -v file.txt user@server:/path/
# Batch mode (non-interactive)
pscp -batch file.txt user@server:/path/
PSFTP (client FSTP)
# Start SFTP session
psftp user@server
# SFTP commands within session
open user@server # Connect to server
ls # List remote directory
lls # List local directory
cd /path/to/directory # Change remote directory
lcd C:\local\path # Change local directory
pwd # Show remote working directory
lpwd # Show local working directory
# File operations
get remotefile.txt # Download file
put localfile.txt # Upload file
mget *.txt # Download multiple files
mput *.txt # Upload multiple files
del remotefile.txt # Delete remote file
rm remotefile.txt # Delete remote file (alias)
mkdir newdirectory # Create remote directory
rmdir emptydirectory # Remove remote directory
# Transfer modes
binary # Set binary transfer mode
ascii # Set ASCII transfer mode
# Exit SFTP
quit # Exit SFTP session
bye # Exit SFTP session (alias)
Opérations par lots PSFTP
# Create batch file (commands.txt)
cd /home/user
lcd C:\local\folder
mget *.log
quit
# Execute batch file
psftp -b commands.txt user@server
# Non-interactive batch mode
psftp -batch -b commands.txt user@server
Utilisation de la ligne de commande (Plink)
Utilisation de base de Plink
# Execute single command
plink user@server "ls -la"
# Interactive session
plink user@server
# Specify port
plink -P 2222 user@server
# Use private key
plink -i keyfile.ppk user@server
# Batch mode (non-interactive)
plink -batch user@server "uptime"
# SSH protocol version
plink -2 user@server # Force SSH-2
plink -1 user@server # Force SSH-1 (not recommended)
Plink Options avancées
# Connection options
plink -ssh user@server # Force SSH
plink -telnet user@server # Force Telnet
plink -raw server 80 # Raw connection
plink -serial COM1 -sercfg 9600,8,n,1 # Serial connection
# Authentication options
plink -pw password user@server # Password authentication
plink -i keyfile.ppk user@server # Key authentication
plink -agent user@server # Use Pageant
# Tunneling options
plink -L 8080:localhost:80 user@server # Local port forwarding
plink -R 8080:localhost:80 user@server # Remote port forwarding
plink -D 1080 user@server # Dynamic port forwarding (SOCKS)
# X11 forwarding
plink -X user@server # Enable X11 forwarding
plink -x user@server # Disable X11 forwarding
# Compression
plink -C user@server # Enable compression
# Verbose output
plink -v user@server # Verbose mode
Transbordement et tunnel
Transmission locale des ports
# Forward local port to remote service
# Connection > SSH > Tunnels
Source Port: 8080
Destination: localhost:80
Type: Local
Click "Add"
# Command line equivalent
plink -L 8080:localhost:80 user@server
# Multiple forwards
plink -L 8080:localhost:80 -L 3306:database:3306 user@server
Transfert de port à distance
# Forward remote port to local service
# Connection > SSH > Tunnels
Source Port: 8080
Destination: localhost:80
Type: Remote
Click "Add"
# Command line equivalent
plink -R 8080:localhost:80 user@server
Transmission dynamique des ports (SOCKS Proxy)
# Create SOCKS proxy
# Connection > SSH > Tunnels
Source Port: 1080
Type: Dynamic
Click "Add"
# Command line equivalent
plink -D 1080 user@server
# Configure applications to use SOCKS proxy
# Proxy: localhost:1080
# Type: SOCKS5
Gestion des séances
Sessions de sauvegarde
# Save session configuration
# 1. Configure all settings
# 2. Enter session name in "Saved Sessions"
# 3. Click "Save"
# Default session
# Leave "Saved Sessions" blank
# Click "Save" to save as default
Importation/Exportation de session
# Export session to file
# Windows Registry: HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions
# Export via Registry Editor
regedit /e putty-sessions.reg "HKEY_CURRENT_USER\Software\SimonTatham\PuTTY"
# Import sessions
regedit /i putty-sessions.reg
# Command line export
reg export "HKEY_CURRENT_USER\Software\SimonTatham\PuTTY" putty-config.reg
Automatisation des séances
# Auto-login script
# Connection > SSH > Remote command
# Enter: /bin/bash -l
# Startup script
# Terminal > Shell
# Send to server on startup: source ~/.bashrc
# Keep session alive
# Connection > Sending of null packets to keep session active
# Seconds between keepalives: 60
Configuration de sécurité
SSH Paramètres de sécurité
# SSH > Protocol options
SSH protocol version: 2 only
Enable compression: [Check for slow connections]
# SSH > Encryption
Encryption cipher selection policy:
- ChaCha20-Poly1305 (SSH-2 only)
- AES-256 (SSH-2 only)
- AES-192 (SSH-2 only)
- AES-128 (SSH-2 only)
# SSH > Host keys
Policy for unknown host keys: Ask
Cache host keys: [Check]
Sécurité d'authentification
# SSH > Auth > Credentials
Display pre-authentication banner: [Check]
Bypass authentication entirely: [Uncheck]
Allow agent forwarding: [Check only if needed]
Allow attempted changes of username: [Uncheck for security]
# SSH > Auth > Methods
Attempt authentication using Pageant: [Check if using Pageant]
Attempt TIS or CryptoCard authentication: [Uncheck unless needed]
Attempt keyboard-interactive authentication: [Check]
Allow fallback to password authentication: [Check]
Sécurité de connexion
# Connection > Data
Terminal-type string: xterm
Terminal speed: 38400,38400
Environment variables: [Only add if necessary]
# Connection > Proxy
Proxy type: None (unless using proxy)
Do DNS name lookup at proxy end: [Check if using proxy]
Username/Password: [Only if proxy requires authentication]
Dépannage
Problèmes de connexion
# Common connection problems
# 1. Check host name and port
# 2. Verify firewall settings
# 3. Test with telnet first
telnet server.example.com 22
# Network connectivity test
ping server.example.com
nslookup server.example.com
# SSH service status (on server)
systemctl status ssh
systemctl status sshd
Problèmes d'authentification
# Key authentication issues
# 1. Verify key format (.ppk for PuTTY)
# 2. Check key permissions on server
# 3. Verify public key in ~/.ssh/authorized_keys
# 4. Check SSH server configuration
# Server-side debugging
tail -f /var/log/auth.log
tail -f /var/log/secure
# Client-side debugging
# Enable logging in PuTTY
# Session > Logging
# Log file name: putty.log
# What to do if log file exists: Append
Problèmes de performance
# Slow connections
# Enable compression
# Connection > SSH > Protocol options
# Enable compression: [Check]
# Optimize cipher selection
# SSH > Encryption
# Move faster ciphers to top of list
# Adjust window size
# Connection > SSH > Protocol options
# Max data before sending return: 4096
Afficher les problèmes
# Character encoding problems
# Window > Translation
# Character set: UTF-8
# Handling of line drawing characters: Use Unicode
# Font rendering issues
# Window > Appearance
# Font quality: ClearType
# Try different fonts: Consolas, Courier New, Lucida Console
# Color problems
# Window > Colours
# Allow terminal to specify ANSI colours: [Check]
# Allow terminal to use xterm 256-colour mode: [Check]
Caractéristiques avancées
Exploitation forestière
# Session logging
# Session > Logging
Log file name: C:\logs\putty-%Y%M%D-%h%m%s.log
What to do if log file exists: Ask user
Flush log file frequently: [Check]
# Log types
All session output: Complete session log
SSH packets: Protocol-level debugging
SSH packets and raw data: Detailed debugging
Scénario et automatisation
# Automated login script
# Create batch file (connect.bat)
@echo off
putty.exe -ssh user@server -pw password -m commands.txt
# Commands file (commands.txt)
ls -la
uptime
df -h
exit
# Registry-based automation
# Save session configuration
# Use batch file to launch saved session
putty.exe -load "SessionName"
Intégration avec d'autres outils
# WinSCP integration
# Configure WinSCP to use PuTTY for terminal
# Options > Integration > Applications
# PuTTY path: C:\Program Files\PuTTY\putty.exe
# Windows Terminal integration
# Add PuTTY profile to Windows Terminal
\\\\{
"name": "PuTTY SSH",
"commandline": "putty.exe -ssh user@server",
"icon": "C:\\Program Files\\PuTTY\\putty.exe"
\\\\}
Meilleures pratiques
Pratiques exemplaires en matière de sécurité
# Use key-based authentication
# Generate strong keys (RSA 4096-bit or Ed25519)
# Use passphrases on private keys
# Regularly rotate keys
# Disable password authentication on server
# /etc/ssh/sshd_config
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
# Use jump hosts for sensitive servers
# Configure bastion host access
# Use agent forwarding carefully
Gestion de la configuration
# Backup PuTTY configuration
# Export registry settings regularly
reg export "HKEY_CURRENT_USER\Software\SimonTatham\PuTTY" putty-backup.reg
# Version control for configurations
# Store exported configurations in Git
# Document session purposes and access requirements
# Standardize configurations across team
# Create template configurations
# Share session exports with team members
Optimisation des performances
# Optimize for network conditions
# Enable compression for slow links
# Adjust keepalive settings for unstable connections
# Use appropriate cipher selection
# Terminal optimization
# Use appropriate fonts and sizes
# Configure scrollback appropriately
# Disable unnecessary features for performance
PuTTY reste la norme de facto pour l'accès SSH sur les systèmes Windows, offrant une suite complète d'outils pour l'accès à distance sécurisé et le transfert de fichiers. Ses options de configuration étendues et son ensemble de fonctionnalités robustes le rendent adapté à tout, des connexions SSH simples aux scénarios de tunnel complexes. Comprendre les capacités de PuTTY est essentiel pour les administrateurs et développeurs de systèmes basés sur Windows travaillant avec les systèmes Unix/Linux distants.