33 comments

[ 3.2 ms ] story [ 83.8 ms ] thread
Which one would you recommend nowadays, PuTTY or (the fork) KiTTY?
openssh
I second that. The latest versions of Windows even have OpenSSH included.
Neither, try Mobaxterm if on Windows.
Convenient for the built-in Xserver, but not open source.
Termius has some nice features - questionable since it's closed-source.
If you have a recent version of Windows, the copy of OpenSSH you get with Bash for Windows would be ideal, as you then use the same tools everyone else does eliminating the Putty specific setup and terminal emulation bugs Windows devs generally need to go through. If you really need to use it, stick with Putty, as even then you benefit from other people having the same setup steps and experience, and as such common issues are more likely to be resolved.

Side thought: why doesn’t Putty follow a more normal setup and configuration process, i.e. why does it have its own private key format and tooling around that instead of using standards?

I've always assumed that PuTTY used its own private key format because the OpenSSH one was terrible until about 2013.

See eg https://latacora.singles/2018/08/03/the-default-openssh.html (which is from 2018, but I think the weakness has been well known for a long time).

"Bash for windows" are you referring to WLS?
Ahh good point, yes I mean WSL, not the extra tools that come with Git on Windows.
Ssh is now part of Windows, I haven't used Putty since.
Are you referring to OpenSSH via WSL or the Windows port of OpenSSH? Latter I thought was still in development.

Just checked Windows 10 1803 and it appears to be installed by default on my work Windows machine. Nice!

> why doesn’t Putty follow a more normal setup and configuration process

Putty is ancient. It was perfectly normal c.1999.

WSL lacks compatibility with devices such as YubiKeys, unfortunately.
I couldn't find a terminal emulator I liked for WSL so now I use PuTTY SSHed to localhost to login to WSL...
I really like openssh under cygwin on Windows.

Having a ~/.ssh/config file has been a lot easier to work with than PuTTY's list box of hosts, and I can share my config across my Linux & Mac boxes.

For serial port connections, PuTTY is fantastic. Thank you Simon!

Same for me, cygwin is a godsend, and has been for a long time.
You might want to check out WSL; it has the exact same convenience as cygwin, but is now coming direct from Microsoft.
One day I will probably have to do that. Until then, I'm sticking with cygwin. If it ain't broke...
On Windows I've switched to the Bitvise SSH Client. SFTP built-in, keygen and manager built in, RDP support (creates tunnel, spawns Remote Desktop client automatically).

Then again I'm not dealing with anything mission critical, so it not being open source doesn't bother me too much.

At that cost I’d just go with Secure CRT.
Client is free. Their SSH server is free for personal, non-commercial use.
Oh didn’t see that. Never mind.
On Win 10, install WSL and use the ssh client there. If I have to use a win box as a workstation I never use Putty if I have that option.
While it's not free, so IDK if it's acceptable to you, I highly recommend XShell and XFtp. They are so good, I even miss them under Lunux. To be more specific, some features I like most. 1) Rich window layout options, very important for my comfort 2) Edit multiple connections at once 3) Group connections in folders
At work (win 7), I use SSH which comes with git-bash.
Compare for yourself. Only you know your workflow issues well enough to judge. PuTTY and WinSCP make a goood combo, and MobaXterm is okay, but I prefer and use SecureCRT. SecCRT has some competition I haven’t tried but it’s the best I’ve seen so far.
(comment deleted)
The linked page doesn't list details on the security vulnerabilities but the mailing list announcement does: https://lists.tartarus.org/pipermail/putty-announce/2019/000...

Most major seems to be this: A malicious server could trigger a buffer overrun by abusing the RSA key exchange protocol. This would happen before host key verification, so even if you trust the server you intended to connect to, you would still be at risk.