mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-25 09:12:24 +00:00
35bdd95a56
added an introduction to public key authentication, and made a couple of changes in intro.but. Transatlantic flights have some uses after all. [originally from svn r1146]
137 lines
6.3 KiB
Plaintext
137 lines
6.3 KiB
Plaintext
\C{gs} Getting started with PuTTY
|
||
|
||
This chapter gives a quick guide to the simplest types of
|
||
interactive login session using PuTTY.
|
||
|
||
\H{gs-insecure} Starting a session
|
||
|
||
When you start PuTTY, you will see a dialog box. This dialog box
|
||
allows you to control everything PuTTY can do. See \k{config} for
|
||
details of all the things you can control.
|
||
|
||
You don't usually need to change most of the configuration options.
|
||
To start the simplest kind of session, all you need to do is to
|
||
enter a few basic parameters.
|
||
|
||
In the \e{Host Name} box, enter the Internet host name of the server
|
||
you want to connect to. You should have been told this by the
|
||
provider of your login account.
|
||
|
||
Now select a login protocol to use, from the \e{Protocol} buttons.
|
||
For a login session, you should select Telnet, Rlogin or SSH. See
|
||
\k{which-one} for a description of the differences between the three
|
||
protocols, and advice on which one to use. The fourth protocol,
|
||
\e{Raw}, is not used for interactive login sessions; you would
|
||
usually use this for debugging other Internet services.
|
||
|
||
When you change the selected protocol, the number in the \e{Port}
|
||
box will change. This is normal: it happens because the various
|
||
login services are usually provided on different network ports by
|
||
the server machine. Most servers will use the standard port numbers,
|
||
so you will not need to change the port setting. If your server
|
||
provides login services on a non-standard port, your system
|
||
administrator should have told you which one. (For example, many
|
||
MUDs run Telnet service on a port other than 23.)
|
||
|
||
Once you have filled in the \e{Host Name}, \e{Protocol}, and
|
||
possibly \e{Port} settings, you are ready to connect. Press the
|
||
\e{Open} button at the bottom of the dialog box, and PuTTY will
|
||
begin trying to connect you to the server.
|
||
|
||
\H{gs-hostkey} Verifying the Host Key (SSH only)
|
||
|
||
If you are not using the SSH protocol, you can skip this section.
|
||
|
||
If you are using SSH to connect to a server for the first time, you
|
||
will probably see a message looking something like this:
|
||
|
||
\# FIXME: copy the real message from the host key dialog
|
||
|
||
This is a feature of the SSH protocol. It is designed to protect you
|
||
against a network attack known as \e{spoofing}: secretly redirecting
|
||
your connection to a different computer, so that you send your
|
||
password to the wrong machine. Using this technique, an attacker
|
||
would be able to learn the password that guards your login account,
|
||
and could then log in as if they were you and use the account for
|
||
their own purposes.
|
||
|
||
To prevent this attack, each server has a unique identifying code,
|
||
called a \e{host key}. These keys are created in a way that prevents
|
||
one server from forging another server's key. So if you connect to a
|
||
server and it sends you a different host key from the one you were
|
||
expecting, PuTTY can warn you that the server may have been switched
|
||
and that a spoofing attack might be in progress.
|
||
|
||
PuTTY records the host key for each server you connect to, in the
|
||
Windows Registry. Every time you connect to a server, it checks that
|
||
the host key presented by the server is the same host key as it was
|
||
the last time you connected. If it is not, you will see a warning,
|
||
and you will have the chance to abandon your connection before you
|
||
type any private information (such as a password) into it.
|
||
|
||
However, when you connect to a server you have not connected to
|
||
before, PuTTY has no way of telling whether the host key is the
|
||
right one or not. So it gives the warning shown above, and asks you
|
||
whether you want to trust this host key or not.
|
||
|
||
Whether or not to trust the host key is your choice. If you are
|
||
connecting within a company network, you might feel that all the
|
||
network users are on the same side and spoofing attacks are
|
||
unlikely, so you might choose to trust the key without checking it.
|
||
If you are connecting across a hostile network (such as the
|
||
Internet), you should check with your system administrator, perhaps
|
||
by telephone or in person. (Some modern servers have more than one
|
||
host key. If the system administrator sends you more than one
|
||
fingerprint, you should make sure the one PuTTY shows you is on the
|
||
list, but it doesn't matter which one it is.)
|
||
|
||
\# FIXME: this is all very fine but of course in practice the world
|
||
doesn't work that way. Ask the team if they have any good ideas for
|
||
changes to this section!
|
||
|
||
\H{gs-login} Logging In
|
||
|
||
After you have connected, and perhaps verified the server's host
|
||
key, you will be asked to log in, probably using a username and a
|
||
password. Your system administrator should have provided you with
|
||
these. Enter the username and the password, and the server should
|
||
grant you access and begin your session. If you have mistyped your
|
||
password, most servers will give you several chances to get it
|
||
right.
|
||
|
||
If you are using SSH, be careful not to type your username wrongly,
|
||
because you will not have a chance to correct it after you press
|
||
Return. This is an unfortunate feature of the SSH protocol: it does
|
||
not allow you to make two login attempts using different usernames.
|
||
If you type your username wrongly, you must close PuTTY and start
|
||
again.
|
||
|
||
If your password is refused but you are sure you have typed it
|
||
correctly, check that Caps Lock is not enabled. Many login servers,
|
||
particularly Unix computers, treat upper case and lower case as
|
||
different when checking your password; so if Caps Lock is on, your
|
||
password will probably be refused.
|
||
|
||
\H{gs-session} After Logging In
|
||
|
||
After you log in to the server, what happens next is up to the
|
||
server! Most servers will print some sort of login message and then
|
||
present a prompt, at which you can type commands which the server
|
||
will carry out. Some servers will offer you on-line help; others
|
||
might not. If you are in doubt about what to do next, consult your
|
||
system administrator.
|
||
|
||
\H{gs-logout} Logging Out
|
||
|
||
When you have finished your session, you should log out by typing
|
||
the server's own logout command. This might vary between servers; if
|
||
in doubt, try \c{logout} or \c{exit}, or consult a manual or your
|
||
system administrator. When the server processes your logout command,
|
||
the PuTTY window should close itself automatically.
|
||
|
||
You \e{can} close a PuTTY session using the Close button in the
|
||
window border, but this might confuse the server - a bit like
|
||
hanging up a telephone unexpectedly in the middle of a conversation.
|
||
We recommend you do not do this unless the server has stopped
|
||
responding to you and you cannot close the window any other way.
|