What is it?
PuTTY is an SSH client for Windows. SSH, or “Secure SHell” is a method of connecting to computers remotely and accessing the command line. This allows you to run programs and scripts on the remote server.
The connection is strongly encrypted which means that everything you type and everything that is sent back to you cannot be read by anyone else while it is in transit. This is particularly important to protect your password when you are logging in so no-one else can see what it is and then log in as you.
Downloading PuTTY
PuTTY is available from http://www.chiark.greenend.org.uk/~sgtatham/putty/. Go to the Download page and choose the Installer, which will put the executables in your Program Files folder and add items to the Start menu.
Connecting to a server
Once you have installed PuTTY, find it on the Start menu and run it. You can then enter the hostname you wish to connect to and click Open. The first time you do this for a particular server, you will be presented with a security alert. This lets you know that because you’ve never connected to that computer before, you don’t have a copy of the server’s secure fingerprint. Click “Yes” to add the fingerprint to your cache. This will meant that your computer then trusts the computer to which you are connecting.
If the key ever changes, that means that you may not be connecting to the same computer and you should exercise caution. It may be that another machine is pretending to be the server you wanted to connect to. It could also mean that the server has been upgraded and the key has been changed. You should check with your system administrator if you’re not sure.
You will now be prompted for your username and password. Type these in to connect to the server. Note that you will not see any characters appear when you type your password. This is normal.
Changing your password
The first time you log into the system, you should change your password so that only you know it.
Make sure you choose something that you will remember, but won’t be easily guessed by others. Ideally it should not be the same password you use on another system. It should not be a dictionary word as it is trivial for an attacker to try logging in as you by running through all the words in the dictionary. It’s generally best to use a mix of lowercase, uppercase, numbers and symbols. You may want to come up with a phrase and use the initial letters of each word as your password or find some other way of coming up with a password that is easy for you to remember but hard for others to guess. Make sure it is at least 10 characters long. The longer the password, the longer it will take on average for an attacker to guess it.
Once you have come up with a good password, you can set it with the “passwd” command like so:
[username@hostname ~]$ passwd
Changing password for user username.
Changing password for username.
(current) UNIX password:
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[username@hostname ~]$
Again, the password will not appear on the screen when you type it.
Disconnecting from the server
When you have finished using your SSH connection, you should not just close the window. This is likely to leave processes running on the server. You should instead logout with the “exit” command.
Transferring files
To transfer files to and from the server, use a separate program such as WinSCP, a walkthrough for which is available here.