PuTTY Changelog

What's new in PuTTY 0.80

Dec 18, 2023
  • Security fix: support for OpenSSH's new kex-strict protocol modification, addressing a vulnerability in some @openssh.com cipher and MAC modes, in particular ChaCha20+Poly1305.
  • Bug fix: the MSI-installed version of putty.exe can now find its help file again.
  • Bug fix: a server sending non-displaying terminal escape sequences such as ESC[0m now no longer resets the scrollback to the bottom of the window.

New in PuTTY 0.79 (Aug 26, 2023)

  • Terminal mouse tracking: support for mouse movements which are not drags.
  • Terminal mouse tracking: support for horizontal scroll events (e.g. generated by trackpads).
  • Backwards compatibility fix: certificate-based user authentication now works with OpenSSH 7.7 and earlier.
  • Bug fix: in a session using the 'Raw' protocol, pressing ^D twice in the terminal window could cause an assertion failure.
  • Bug fix: terminal output could hang if a resize control sequence was sent by the server (and was not disabled in the Features panel) but PuTTY's window was set to non-resizable in the Window panel.
  • Bug fix: GTK PuTTY could fail an assertion if a resize control sequence was sent by the server while the window was docked to one half of the screen in KDE.
  • Bug fix: GTK PuTTY could fail an assertion if you tried to change the font size while the window was maximised.
  • Bug fix: the 'bell overload' timing settings were misinterpreted by Unix PuTTY and pterm 0.77/0.78; if any settings were saved using these versions, confusion can persist with newer versions.
  • Bug fix: SSH authentication banners were not reliably printed if a server sent one immediately before closing the connection (e.g. intended as a user-visible explanation for the connection closure).
  • Bug fix: the 'close' command in PSFTP always reported failure, so that ending a psftp -b batch script with it would cause PSFTP as a whole to believe it had failed, even if everything worked fine.
  • Bug fix: certificate handling would do the wrong thing, for RSA keys only, if you specified a detached certificate to go with a PPK file that had a different certificate embedded.
  • Bug fix: Windows Pageant's option to write out a configuration file fragment for Windows OpenSSH now works even if you have a space in your user name.
  • Bug fix: in local-line-editing mode, pressing ^U now just clears the line, instead of clearing it and then inserting a literal ^U.
  • Several bug fixes in edge cases of terminal wrapping, involving double-width characters.

New in PuTTY 0.78 (Oct 29, 2022)

  • Support for OpenSSH certificates, for both user authentication keys and host keys.
  • New SSH proxy modes, for running a custom shell command or subsystem on the proxy server instead of forwarding a port through it.
  • New plugin system to allow a helper program to provide responses in keyboard-interactive authentication, intended to automate one-time password systems.
  • Support for NTRU Prime post-quantum key exchange,
  • Support for AES-GCM (in the OpenSSH style rather than RFC 5647).
  • Support for more forms of Diffie-Hellman key exchange: new larger integer groups (such as group16 and group18), and support for using those and ECDH with GSSAPI.
  • Bug fix: the 32-bit Windows build now runs on Windows XP again.
  • Bug fix: server-controlled window title setting now works again even if the character set is ISO 8859 (or a few other affected single-byte character sets).
  • Bug fix: certain forms of OSC escape sequences (sent by some real servers) could cause PuTTY to crash.
  • Bug fix: the -pwfile/-pw options no longer affect local key passphrase prompts, and no longer suppress Plink's anti-spoofing measures.
  • Note: installing the 0.78 or later Windows installer will not automatically uninstall 0.77 or earlier, due to a change we've made to work around a bug. We recommend uninstalling the old version first, if possible. If both end up installed, uninstalling both and then re-installing the new version will fix things up.

New in PuTTY 0.77 (May 30, 2022)

  • Major improvements to network proxy support:
  • Support for interactively prompting the user if the proxy server requires authentication.
  • Built-in support for proxying via another SSH server, so that PuTTY will SSH to the proxy and then automatically forward a port through it to the destination host. (Similar to running plink -nc as a subprocess, but more convenient to set up, and allows you to answer interactive prompts presented by the proxy.)
  • Support for HTTP Digest authentication, when talking to HTTP proxies.
  • Introduced pterm.exe, a PuTTY-like wrapper program for Windows command prompts (or anything else running in a Windows console). Not yet included in the installer, but available as a .exe file from the Download page.
  • Updated Unicode and bidi support to Unicode 14.0.0.
  • New command-line option -pwfile, like -pw except that it reads the password from a file so that it doesn't show up on the command line.
  • Windows Pageant: option --openssh-config to allow easy interoperation with Windows's ssh.exe.
  • -pw (and -pwfile) now do not fall back to interactively prompting for a password if the provided password fails. (That was the original intention.)
  • New configuration options for keyboard handling:
  • Option to control handling of Shift + arrow keys
  • Extra mode in the function-keys option, for modern xterm (v216 and above).
  • Bug workaround flag to wait for the server's SSH greeting before sending our own, for servers (or proxies) that lose outgoing data before seeing any incoming data.
  • Crypto update: added side-channel resistance in probabilistic RSA key generation.
  • Crypto update: retired the use of short Diffie-Hellman exponents (just in case).
  • Bug fix: reconfiguring remote port forwardings more than once no longer crashes.
  • Bug fix: terminal output processing is now paused while handling a remote-controlled terminal resize, so that the subsequent screen redraw is interpreted relative to the new terminal size instead of the old.
  • Bug fix: Windows PuTTYgen's mouse-based entropy collection now handles high-frequency mice without getting confused.
  • Bug fix: Windows Pageant can now handle large numbers of concurrent connections without hanging or crashing.
  • Bug fix: if Windows Pageant is started multiple times simultaneously, the instances should reliably agree on one of them to be the persistent server.
  • Bug fix: remote-controlled changes of window title are now interpreted according to the configured character set.
  • Bug fix: remote-controlled changes of window title no longer get confused by UTF-8 characters whose encoding includes the byte 0x9C (which terminates the control sequence in non-UTF-8 contexts).
  • Bug fix: popping up the window context menu in the middle of a drag-select now no longer leaves the drag in a stuck state.
  • Bug fix: extensive use of true colour in the terminal no longer slows down window redraws unnecessarily.
  • Bug fix: when PSCP reports the server sending a disallowed compound pathname, it correctly reports the replacement name it's using for the downloaded file.
  • Bug fix: enabling X11 forwarding in psusan failed to fall back through possible port numbers for the forwarded X display.
  • For developers: migrated the build system to CMake, removing the old idiosyncratic mkfiles.pl and the autotools system.

New in PuTTY 0.76 (Jul 17, 2021)

  • New option to abandon an SSH connection if the server allows you to authenticate in a trivial manner.
  • Bug fix: Windows PuTTY crashed when the 'Use system colours' option was used.
  • Bug fix: crash on Windows when using MIT Kerberos together with 'Restart Session'.
  • Bug fix: Windows PuTTY leaked named pipes after contacting Pageant.
  • Bug fix: Windows PuTTY didn't update the window while you held down the scrollbar arrow buttons long enough to 'key-repeat'.
  • Bug fix: user colour-palette reconfiguration via 'Change Settings' were delayed-action.
  • Bug fix: server colour-palette reconfigurations were sometimes lost.
  • Bug fix: a tight loop could occur on reading a truncated private key file.
  • Bug fix: the Windows Pageant GUI key list didn't display key lengths.

New in PuTTY 0.75 (May 9, 2021)

  • Security fix: on Windows, a server could DoS the whole Windows GUI by telling the PuTTY window to change its title repeatedly at high speed.
  • Pageant now supports loading a key still encrypted, and decrypting it later by prompting for the passphrase on first use.
  • Upgraded default SSH key fingerprint format to OpenSSH-style SHA-256.
  • Upgraded private key file format to PPK3, with improved passphrase hashing and no use of SHA-1.
  • Terminal now supports ESC [ 9 m for strikethrough text.
  • New protocols: bare ssh-connection layer for use over already-secure IPC channels, and SUPDUP for talking to very old systems such as PDP-10s.
  • PuTTYgen now supports alternative provable-prime generation algorithm for RSA and DSA.
  • The Unix tools can now connect directly to a Unix-domain socket.

New in PuTTY 0.74 (Jun 27, 2020)

  • Security fix: if an SSH server accepted an offer of a public key and then rejected the signature, PuTTY could access freed memory, if the key had come from an SSH agent.
  • Security feature: new config option to disable PuTTY's dynamic host key preference policy, if you prefer to avoid giving away to eavesdroppers which hosts you have stored keys for.
  • Bug fix: the installer UI was illegible in Windows high-contrast mode.
  • Bug fix: console password input failed on Windows 7.
  • Bug fixes in the terminal: one instance of the dreaded "line==NULL" error box, and two other assertion failures.
  • Bug fix: potential memory-consuming loop in bug-compatible padding of an RSA signature from an agent.
  • Bug fix: PSFTP's buffer handling worked badly with some servers (particularly proftpd's mod_sftp).
  • Bug fix: cursor could be wrongly positioned when restoring from the alternate terminal screen. (A bug of this type was fixed in 0.59; this is a case that that fix missed.)
  • Bug fix: character cell height could be a pixel too small when running GTK PuTTY on Ubuntu 20.04 (or any other system with a similarly up-to-date version of Pango).
  • Bug fix: old-style (low resolution) scroll wheel events did not work in GTK 3 PuTTY. This could stop the scroll wheel working at all in VNC.

New in PuTTY 0.72 (Jul 20, 2019)

  • It fixes a small number of further security issues found by the 2019 EU-funded HackerOne bug bounty, and a variety of other bugs introduced in 0.71.

New in PuTTY 0.71 (Mar 19, 2019)

  • Security fixes found by an EU-funded bug bounty programme:
  • A remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification
  • Potential recycling of random numbers used in cryptography
  • On Windows, hijacking by a malicious help file in the same directory as the executable
  • On Unix, remotely triggerable buffer overflow in any kind of server-to-client forwarding
  • Multiple denial-of-service attacks that can be triggered by writing to the terminal
  • Other security enhancements: major rewrite of the crypto code to remove cache and timing side channels.
  • We now provide pre-built binaries for Windows on Arm.
  • Hardware-accelerated versions of the most common cryptographic primitives: AES, SHA-256, SHA-1.
  • GTK PuTTY now supports non-X11 displays (e.g. Wayland) and high-DPI configurations.
  • Type-ahead now works as soon as a PuTTY window is opened: keystrokes typed before authentication has finished will be buffered instead of being dropped.
  • Support for GSSAPI key exchange: an alternative to the older GSSAPI authentication system which can keep your forwarded Kerberos credentials updated during a long session.
  • More choices of user interface for clipboard handling.
  • New terminal features: support the REP escape sequence (fixing an ncurses screen redraw failure), true colour, and SGR 2 dim text.
  • Pressing Ctrl+Shift+PgUp or Ctrl+Shift+PgDn now takes you straight to the top or bottom of the terminal scrollback.

New in PuTTY 0.70 (Jul 8, 2017)

  • Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even a name we missed when we thought we'd fixed this in 0.69. See vuln-indirect-dll-hijack-3.
  • Windows PuTTY should be able to print again, after our DLL hijacking defences broke that functionality.
  • Windows PuTTY should be able to accept keyboard input outside the current code page, after our DLL hijacking defences broke that too.

New in PuTTY 0.69 (Apr 29, 2017)

  • Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even the names we missed when we thought we'd fixed this in 0.68. See vuln-indirect-dll-hijack-2.
  • Windows PuTTY should work with MIT Kerberos again, after our DLL hijacking defences broke it.
  • Jump lists should now appear again on the PuTTY shortcut in the Windows Start Menu.
  • You can now explicitly configure SSH terminal mode settings not to be sent to the server, if your server objects to them.

New in PuTTY 0.68 (Feb 22, 2017)

  • Security fix: an integer overflow bug in the agent forwarding code.
  • Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory (on versions of Windows where they previously were).
  • Windows PuTTY no longer sets a restrictive process ACL by default, because this turned out to inconvenience too many legitimate applications such as NVDA and TortoiseGit. You can still manually request a restricted ACL using the command-line option -restrict-acl.
  • The Windows PuTTY tools now come in a 64-bit version.
  • The Windows PuTTY tools now have Windows's ASLR and DEP security features turned on.
  • Support for elliptic-curve cryptography (the NIST curves and 25519), for host keys, user authentication keys, and key exchange.
  • Support for importing and exporting OpenSSH's new private key format.
  • Host key preference policy change: PuTTY prefers host key formats for which it already knows the key.
  • Run-time option (from the system menu / Ctrl-right-click menu) to retrieve other host keys from the same server (which cross-certifies them using the session key established using an already-known key) and add them to the known host-keys database.

New in PuTTY 0.67 Beta (Mar 7, 2016)

  • Security fix: a buffer overrun in the old-style SCP protocol when receiving the header of each file downloaded from the server is fixed. See vuln-pscp-sink-sscanf
  • Windows PuTTY now sets its process ACL more restrictively, in an attempt to defend against malicious other processes reading sensitive data out of its memory
  • Assorted other robustness fixes for crashes and memory leaks
  • We have started using Authenticode to sign our Windows executables and installer

New in PuTTY 0.66 Beta (Nov 8, 2015)

  • Security fix: an escape sequence which used to make PuTTY's terminal code read and potentially write the wrong memory is fixed. See vuln-ech-overflow.
  • Bug fix: better Unicode handling in Windows PuTTY keyboard messages, so it should now work better with WinCompose.
  • Bug fix: jump lists on Windows 10 should now work.
  • There's now a set of command-line options to enable session logging.
  • P in the log file name now substitutes in the port number from the configuration.

New in PuTTY 0.65 Pre-release (Jul 1, 2015)

  • This will be a bug-fix release: it will not contain the various new cryptographic features in the development snapshots, but it will contain large and small bug fixes over 0.64, including in particular a fix for the recent Vista-specific bug in which the configuration dialog becomes invisible.

New in PuTTY 0.64 Beta (Feb 28, 2015)

  • Security fix: PuTTY no longer retains the private half of users' keys in memory by mistake after authenticating with them. See private-key-not-wiped-2. (Sorry! We thought we'd fixed that in 0.63, but missed one.)
  • Support for SSH connection sharing, so that multiple instances of PuTTY to the same host can share a single SSH connection instead of all having to log in independently.
  • Command-line and configuration option to specify the expected host key(s).
  • Defaults change: PuTTY now defaults to SSH-2 only, instead of its previous default of SSH-2 preferred.
  • Local socket errors in port-forwarded connections are now recorded in the PuTTY Event Log.
  • Bug fix: repeat key exchanges in the middle of an SSH session now never cause an annoying interactive host key prompt.
  • Bug fix: reset the bolded-text default setting back to what it used to be. (0.63 set it to something wrong, as a side effect of refactoring.)
  • Bug fix: IPv6 literals are handled sensibly throughout the suite, if you enclose them in square brackets to prevent the colons being mistaken for a :port suffix.
  • Bug fix: IPv6 dynamic port forwardings should work again.

New in PuTTY 0.63 Beta (Aug 7, 2013)

  • Security fix: prevent a nefarious SSH server or network attacker from crashing PuTTY at startup in three different ways by presenting a maliciously constructed public key and signature.
  • Security fix: PuTTY no longer retains the private half of users' keys in memory by mistake after authenticating with them.
  • Revamped the internal configuration storage system to remove all fixed arbitrary limits on string lengths. In particular, there should now no longer be an unreasonably small limit on the number of port forwardings PuTTY can store.
  • Port-forwarded TCP connections which close one direction before the other should now be reliably supported, with EOF propagated independently in the two directions. This also fixes some instances of port-forwarding data corruption (if the corruption consisted of losing data from the very end of the connection) and some instances of PuTTY failing to close when the session is over (because it wrongly thought a forwarding channel was still active when it was not).
  • The terminal emulation now supports xterm's bracketed paste mode (allowing aware applications to tell the difference between typed and pasted text, so that e.g. editors need not apply inappropriate auto-indent).
  • You can now choose to display bold text by both brightening the foreground colour and changing the font, not just one or the other.
  • PuTTYgen will now never generate a 2047-bit key when asked for 2048 (or more generally n−1 bits when asked for n).
  • Some updates to default settings: PuTTYgen now generates 2048-bit keys by default (rather than 1024), and PuTTY defaults to UTF-8 encoding and 2000 lines of scrollback (rather than ISO 8859-1 and 200).
  • Unix: PSCP and PSFTP now preserve the Unix file permissions, on copies in both directions.
  • Unix: dead keys and compose-character sequences are now supported.
  • Unix: PuTTY and pterm now permit font fallback (where glyphs not present in your selected font are automatically filled in from other fonts on the system) even if you are using a server-side X11 font rather than a Pango client-side one.
  • Bug fixes too numerous to list, mostly resulting from running the code through Coverity Scan which spotted an assortment of memory and resource leaks, logic errors, and crashes in various circumstances.

New in PuTTY 0.62 Beta (Dec 12, 2011)

  • Security fix preventing passwords from being accidentally retained in memory.

New in PuTTY 0.61 Beta (Jul 13, 2011)

  • Kerberos/GSSAPI authentication in SSH-2.
  • Local X11 authorisation support on Windows.
  • Support for non-fixed-width fonts on Windows.
  • Specifying the logical host name independently of the physical network address to connect to.
  • Crypto and flow control optimisations.
  • Support for the [email protected] SSH-2 compression method.
  • Support for new Windows 7 UI features: Aero resizing and jump lists.
  • Support for OpenSSH AES-encrypted private key files in PuTTYgen.
  • Bug fix: handles OpenSSH private keys with primes in either order.
  • Bug fix: corruption of port forwarding is fixed (we think).
  • Bug fix: various crashes and hangs when exiting on failure,
  • Bug fix: hang in the serial back end on Windows.
  • Bug fix: Windows clipboard is now read asynchronously, in case of deadlock due to the clipboard owner being at the far end of the same PuTTY's network connection (either via X forwarding or via tunnelled rdesktop).

New in PuTTY 0.60 Beta (Jul 13, 2011)

  • Pressing Ctrl+Break now sends a serial break signal. (The previous behaviour can still be obtained with Ctrl+C.)
  • Serial ports higher than COM9 now no longer need a leading \\.\.
  • You can now store a host name in the Default Settings.
  • Bug fix: serial connections and local proxies should no longer crash all the time.
  • Bug fix: configuring the default connection type to serial should no longer cause the configuration dialog to be skipped on startup.
  • Bug fix: "Unable to read from standard input" should now not happen, or if it still does it should produce more detailed diagnostics.
  • Bug fix: fixed some malformed SSH-2 packet generation.
  • Other minor bug fixes.

New in PuTTY 0.59 Beta (Jul 13, 2011)

  • PuTTY can now connect to local serial ports as well as making network connections.
  • Windows PuTTY now supports "local proxying", where a network connection is replaced by a local command. (Unix PuTTY has supported this since it was first released in 0.54.) Also, Plink has gained a "-nc" mode where the primary channel is replaced by an SSH tunnel, which makes it particularly useful as the local command to run.
  • Improved speed of SSH on Windows (particularly SSH-2 key exchange and public-key authentication).
  • Improved SFTP throughput.
  • Various cryptographic improvements in SSH-2, including SDCTR cipher modes, a workaround for a weakness in CBC cipher modes, and Diffie-Hellman group exchange with SHA-256.
  • Support for the Arcfour cipher in SSH-2.
  • Support for sending terminal modes in SSH.
  • When Pageant is running and an SSH key is specified in the configuration, PuTTY will now only try Pageant authentication with that key. This gets round a problem where some servers would only allow a limited number of keys to be offered before disconnecting.
  • Support for SSH-2 password expiry mechanisms, and various other improvements and bugfixes in authentication.
  • A change to the SSH-2 password camouflage mechanism in 0.58 upset some Cisco servers, so we have reverted to the old method.
  • The Windows version now comes with documentation in HTML Help format. (Windows Vista does not support the older WinHelp format. However, we still provide documentation in that format, since Win95 does not support HTML Help.)
  • On Windows, when pasting as RTF, attributes of the selection such as colours and formatting are also pasted.
  • Ability to configure font quality on Windows (including antialiasing and ClearType).
  • The terminal is now restored to a sensible state when reusing a window to restart a session.
  • We now support an escape sequence invented by xterm which lets the server clear the scrollback (CSI 3 J). This is useful for applications such as terminal locking programs.
  • Bug fix: 0.58 utterly failed to run on some installations of Windows XP.
  • Bug fix: PSCP and PSFTP now support large files (greater than 4 gigabytes), provided the underlying operating system does too.
  • Bug fix: PSFTP (and PSCP) sometimes ran slowly and consumed lots of CPU when started directly from Windows Explorer.
  • Bug fix: font linking (the automatic use of other fonts on the system to provide Unicode characters not present in the selected one) should now work again on Windows, after being broken in 0.58. (However, it unfortunately still won't work for Arabic and other right-to-left text.)
  • Bug fix: if the remote server saturated PuTTY with data, PuTTY could become unresponsive.
  • Bug fix: certain large clipboard operations could cause PuTTY to crash.
  • Bug fix: SSH-1 connections tended to crash, particularly when using port forwarding.
  • Bug fix: SSH Tectia Server would reject SSH-2 tunnels from PuTTY due to a malformed request.
  • Bug fix: SSH-2 login banner messages were being dropped silently under some circumstances.
  • Bug fix: the cursor could end up in the wrong place when a server-side application used the alternate screen.
  • Bug fix: on Windows, PuTTY now tries harder to find a suitable place to store its random seed file PUTTY.RND (previously it was tending to end up in C:\ or C:\WINDOWS).
  • Bug fix: IPv6 should now work on Windows Vista.
  • Numerous other bugfixes, as usual.

New in PuTTY 0.58 Beta (Jul 13, 2011)

  • Wildcards (mput/mget) and recursive file transfer in PSFTP.
  • You can now save your session details from the Change Settings dialog box, after you've started your session.
  • Various improvements to Unicode support, including:
  • support for right-to-left and bidirectional text (Arabic, Hebrew etc). Thanks to arabeyes.org for design and most of the implementation.
  • support for Arabic text shaping, again thanks to arabeyes.org.
  • support for Unicode combining characters.
  • Support for the xterm 256-colour control sequences.
  • Port forwardings can now be reconfigured in mid-session.
  • Support for IPv6.
  • More configurability and flexibility in SSH-2 key exchange. In particular, PuTTY can now initiate repeat key exchange during the session, which means that if your server doesn't initiate it (some servers don't bother) you can still have the cryptographic benefits.
  • Bug fix: display artefacts caused by characters overflowing their character cell should now all be gone. (This would probably have bothered Windows ClearType users more than anyone else.)
  • Bug fix: keepalives are now supported everywhere. (Previously they were supported by Windows GUI PuTTY, but were missing in Plink, PSFTP and the Unix port.)
  • Miscellaneous improvements for CJK/IME users;

New in PuTTY 0.57 Beta (Jul 13, 2011)

  • Security fixes: two vulnerabilities discovered by iDEFENSE, potentially allowing arbitrary code execution on an SFTP client by a malicious SFTP server (but only after host key verification), have been fixed.
  • Fixed small bug with X forwarding to local displays.
  • Fixed crashing bug with remote port forwarding.
  • Fixed handling of SSH-2 debug messages

New in PuTTY 0.56 Beta (Jul 13, 2011)

  • Security fix: a vulnerability discovered by iDEFENSE, potentially allowing arbitrary code execution on the client by a malicious SSH-2 server before host key verification, has been fixed. See vuln-ssh2-debug.
  • Ability to restart a session within an inactive window, via a new menu option.
  • Minimal support for not running a shell or command at all in SSH protocol 2 (equivalent to OpenSSH's "-N" option). PuTTY/Plink still provide a normal window for interaction, and have to be explicitly killed.
  • Transparent support for CHAP cryptographic authentication in the SOCKS 5 proxy protocol. (Not in PuTTYtel.)
  • More diagnostics in the Event Log, particularly of SSH port forwarding.
  • Ability to request setting of environment variables in SSH (protocol 2 only). (However, we don't know of any servers that support this.)
  • Ability to send POSIX signals in SSH (protocol 2 only) via the "Special Commands" menu. (Again, we don't know of any servers supporting this.)
  • Bug fix: The PuTTY tools now more consistently support usernames containing "@" signs.
  • Support for the Polish character set "Mazovia".
  • When logging is enabled, the log file is flushed more frequently, so that its contents can be viewed before it is closed.
  • More flexibility in SSH packet logging: known passwords and session data can be omitted from the log file. Passwords are omitted by default. (This option isn't perfect for removing sensitive details; you should still review log files before letting them out of your sight.)

New in PuTTY 0.55 Beta (Jul 13, 2011)

  • Security fix: a vulnerability discovered by Core Security Technologies (advisory number CORE-2004-0705), potentially allowing arbitrary code execution on the client by a malicious server before host key verification, has been fixed.
  • Bug fix: General robustness of the SSH-1 implementation has been improved, which may have fixed further potential security problems although we are not aware of any specific ones.
  • Bug fix: Random noise generation was hanging some computers and interfering with other processes' precision timing, and should now not do so.
  • Bug fix: dead key support should work better.
  • Bug fix: a terminal speed is now sent to the SSH server.
  • Bug fix: removed a spurious diagnostic message in Plink.
  • Bug fix: the `-load' option in PSCP and PSFTP should work better.
  • Bug fix: X forwarding on the Unix port can now talk to Unix sockets as well as TCP sockets.
  • Bug fix: various crashes and assertion failures fixed..

New in PuTTY 0.54 Beta (Jul 13, 2011)

  • Dynamic SSH port forwarding.
  • Ability to leave DNS lookups to the proxy, when using a proxy.
  • Sped up PSFTP.
  • Fixed various bugs, notably one which was impeding port-forwarding of SMB.
  • Some default settings changes: SSH and SSH-2 are now default, BCE is off.

New in PuTTY 0.53b Beta (Jul 13, 2011)

  • Fixed an embarrassing command-line bug: the -P option didn't work at all.
  • Security fix: the vulnerability found by the Rapid7 SSHredder test suite is now believed fixed.
  • Security fix: an improvement in random number policy when running more than one PuTTY at the same time.

New in PuTTY 0.53 Beta (Jul 13, 2011)

  • The feature everyone's been asking for: ANSI printer support. Currently this sends data to the printer in completely raw mode, without benefit of Windows GDI or the printer driver; so it will be fine for anyone whose server already knows what type of printer it expects to be talking to, but probably not ideal for someone who wants to print a text file and have it look nice. A less raw mode of printer access is still on the Wishlist, but is quite a big piece of coding work so it's in the Implausible section.
  • The other feature everyone's been asking for: PuTTYgen can now import and export OpenSSH and ssh.com SSH-2 private keys, as well as PuTTY's own format.
  • We now ship the PuTTY tool set as an installer, created using Jordan Russell's excellent and easy-to-use Inno Setup. (For the other half of our users, who felt the best thing about PuTTY was that they didn't have to mess around with installers, we still ship the single executables and the zip file, so nobody has to use the installer if they don't want to.)
  • PuTTY now has a default file extension for private key files: .PPK (PuTTY Private Key). The installer associates this file extension with Pageant and PuTTYgen.
  • PuTTY now natively supports making its connection through various types of proxy. We support SOCKS 4 and 5, HTTP CONNECT (RFC 2817), and the common ad-hoc type of proxy where you telnet to the proxy and then send text of the form "connect host.name 22". Basic password authentication is supported in SOCKS and HTTP proxies. Many thanks to Justin Bradford for doing most of the work here.
  • PuTTY now supports a standard set of command-line options across all tools. Most of these options are ones that Plink has always supported; however, we also support a number of new options similar to the OpenSSH ones (-A and -a, -X and -x, and similar things; also the -i option to specify a private key file).
  • The right-button menu on Pageant's System tray icon now offers the option to start PuTTY (New Session plus the Saved Sessions submenu). This feature is disabled if Pageant can't find the PuTTY binary on startup. Thanks to Dominique Faure.
  • Added the Features control panel, allowing the user to disable some of the more controversial terminal capabilities.
  • Added the Bugs control panel, allowing the user to manually control PuTTY's various workarounds for SSH server bugs.
  • Various bug fixes, including (with luck) much greater stability in high-traffic port forwarding situations.