PuTTY

PuTTY is the SSH and Telnet client that everyone in system administration ends up using at some point. It’s small, it’s quick, and it does exactly one thing: open a terminal session to a remote machine over a network protocol.

Around that core sits a handful of companion utilities for key generation, agent forwarding, and scripted transfers, which together make it a complete toolkit for command-line remote access.

The interface is famously plain. One window, one configuration tree on the left, one terminal in the middle once you connect. There are no tabs, no built-in file manager, no session dashboard, no themes. For some people that’s a deal-breaker. For others it’s exactly the appeal, since there’s nothing to learn beyond the protocols themselves.

If you want tabs and panels, multi-tab wrappers like MTPuTTY or SuperPuTTY sit on top of the same engine without changing how it actually connects.

The connection workflow and what each protocol covers

PuTTY speaks SSH, Telnet, Rlogin, Serial, and raw socket. SSH is what most people use, with full support for SSH-2 and the modern cipher suites including AES, ChaCha20-Poly1305, and the standard MAC and key exchange algorithms. SSH-1 is still available but disabled by default for new sessions, which is the right call given how long it’s been deprecated.

Telnet and Rlogin are there for legacy gear, mostly network switches, routers, and old industrial equipment that never got an SSH upgrade. Serial mode connects over COM ports to console cables, which is how a lot of network engineers still bring up new hardware.

You can set baud rate, parity, stop bits, and flow control in the same configuration tree. The raw socket option opens a plain TCP connection to any port, useful for poking at services like SMTP or HTTP when you want to type the protocol by hand.

The startup sequence is simple. Type a hostname, pick a protocol, click Open. The first connection to a new host prompts you to accept the host key, which gets cached for future sessions. Subsequent connections just open.

Session profiles and how saved configurations actually work

Each combination of host, port, authentication method, terminal settings, and behavior options can be saved as a named session. You load the session by double-clicking its name in the list. Settings are stored in the Windows registry by default, under HKEY_CURRENT_USER\Software\SimonTatham\PuTTY, which has implications for portability.

This is one of those small details people don’t notice until they need to. If you want to move your sessions to another machine, you export the registry key and import it on the other side.

There’s no built-in export-import wizard, which feels primitive next to richer clients like MobaXterm or Xshell that handle this as a normal menu action. For most users the registry hop is a one-time inconvenience. For people moving between many machines, it’s the kind of thing that pushes them toward a wrapper.

Sessions can also inherit from a Default Settings profile, so if you always want the same font, color scheme, and keyboard layout, you save it to Default once and every new session picks it up.

The companion tools that come bundled

The download includes more than just the main terminal. PuTTYgen generates and converts SSH keys, supporting RSA, DSA, ECDSA, and Ed25519 in both the native .ppk format and the OpenSSH format you’d find on Linux servers.

Conversion between formats is one of the most common everyday tasks, especially when a colleague hands you a key generated on Linux and your PuTTY install needs the .ppk variant.

Pageant is the SSH authentication agent. You add your private key once at the start of your session, type the passphrase, and Pageant holds the decrypted key in memory. Any subsequent SSH connection through PuTTY, pscp, or plink will use Pageant transparently. This is the single biggest quality-of-life feature for anyone who hops between many servers in a day.

Then there’s pscp and psftp for command-line file transfer over SSH, and plink for scripting non-interactive SSH commands from batch files or PowerShell. These don’t replace a real file transfer client (you’d use WinSCP or FileZilla for that), but they’re handy when you need to drop a file onto a server from inside a script.

Key authentication and Pageant for SSH agents

Public-key authentication in PuTTY uses the .ppk format, which is the main format friction with the rest of the Unix world where keys are typically stored in OpenSSH format. PuTTYgen handles conversion both ways with the Conversions menu.

You point a session at a private key file in Connection → SSH → Auth, save the session, and from that point on the connection authenticates against the remote authorized_keys without prompting for a password.

If you load the key into Pageant first, you don’t even need to specify the key file in the session profile, because Pageant offers all loaded keys automatically.

Agent forwarding works the same way SSH agent forwarding works elsewhere. Enable it in the session settings, connect to host A, and from there SSH to host B will use the original key from your local Pageant.

Useful for bastion-host workflows. Worth being deliberate about, because enabling agent forwarding to an untrusted server is a known security risk.

Terminal behavior, fonts, and what it can’t render

The terminal emulates xterm closely enough that most line-oriented programs work without issue. Bash, vim, htop, tmux, screen, nano, mc, ranger, all behave as expected with the right TERM setting. You can customize the terminal font, character set, line drawing, color palette, and how backspace and function keys are encoded.

Where it shows weakness is on modern terminal features like truecolor, sixel graphics, ligatures, or 24-bit color emoji. If you live inside Neovim with a vibrant theme and a programming font with ligatures, PuTTY will render the text correctly but not the visual flourishes. For that kind of work, alternatives that ship with a more modern engine are a better fit. For server administration where readability matters more than aesthetics, this is a non-issue.

Copy-paste follows xterm conventions. Selecting text copies automatically, right-click pastes. Some users find this jarring at first because there’s no Ctrl+C / Ctrl+V (Ctrl+C is reserved for sending the interrupt signal to the remote shell). You get used to it within a day.

Networking extras (tunnels, port forwarding, X11)

Local, remote, and dynamic port forwarding all work from the Connection → SSH → Tunnels panel. Local forwarding lets you connect to a remote service as if it were running on your machine, which is the standard trick for reaching a database that only listens on the loopback interface of the server. Remote forwarding does the reverse.

Dynamic forwarding turns the SSH connection into a SOCKS proxy, handy for routing browser traffic through a remote machine without setting up a VPN.

X11 forwarding is supported if you run an X server on your side (Xming or VcXsrv are the usual ones). Set the display location, enable X11 forwarding in the session, and graphical Linux apps render in a window on your desktop. It works, though performance over slow links is limited by the protocol, not the client.

Keepalive packets, proxy chaining through HTTP or SOCKS, and connection sharing are all in the configuration tree. Connection sharing in particular is useful when you open multiple sessions to the same host, since subsequent connections piggyback on the existing one and skip the SSH handshake.

Where PuTTY shows its age

The interface looks like it was designed in an era when Windows 95 was the reference for what dialog boxes should look like, and it has not changed meaningfully since. That’s not entirely a criticism, since the layout is logical and everything you need is exactly where you’d expect after the first hour. But the lack of tabs, the registry-based session storage, the absence of a built-in connection manager with grouping or color-coding, all feel like missing features in a category where competitors moved on long ago.

There’s also no built-in scripting language. plink lets you wrap PuTTY in batch files, but if you want anything resembling expect-style interaction or session macros, you’ll need third-party tooling or a different client like KiTTY, which is a fork with macros, auto-login scripts, and an integrated chat window baked in.

Conclusion

PuTTY suits administrators, developers, and network engineers who need a dependable terminal client and don’t care about a polished interface. If you spend your day connecting to Linux servers, switches, routers, or serial consoles, it gives you everything required and almost nothing more. The protocol support is thorough, the companion utilities cover the surrounding tasks, and the executable is small enough to drop on a USB stick when you need it on someone else’s machine.

It is not the right pick for someone who wants a single application that bundles terminal, file transfer, session manager, and scripting in one polished frame. For that workflow there are richer commercial and open alternatives.

PuTTY stays minimal on purpose, which is both its biggest virtue and its biggest limitation, depending on what you actually want from a terminal.