[We need to finally settle on a logo]
... although we have done fine without one for years and years

PMMan Putty settings

The following is a panel by panel walkthrough of setting putty options under Windows (there is also a Linux varaint) for use with PMMan. To some part this writeup shows the preferences of the author, but it also provides a series of setting to 'check off' from a working configuration in the case of problems. Click any left side image for a larger screenshot in a new panel.


putty_options
putty_options-1

Initial Putty startup screen

When started, or a 'New session' is requested, putty starts up with this screen, to permit specification of the host profile to connect to. It ships with a 'Default Settings' profile, and in this computer, we had previously also added a 'windows keying' stored session profile. By adding a startup option in the properties of a GUI shortcut link, one may directly open a remote session with a pre-set profile.


putty_options
putty_options-2

Select a 'stored session' profile

We start by highlighting a 'stored session' profile. It is usually a better practice to NOT tamper with the 'Default Settings' to avoid encountering some strange and unexpected collection of settings when moving from work-station to workstation with differing local installs.


putty_options
putty_options-3

Load that 'stored session' profile

We then use the 'Load' button to move a copy of that 'stored session' profile into the working configuration area of putty. The single line box above the list of possible profiles, and optioanlly, the 'Host Name (or IP address)' will then display content. The top one may remain empty, if the profile is not particular to a given host.


putty_options
putty_options-4

Logging

We choose to turn up logging levels during initial or diagnostic setup, so that we can see what is not working more easily. It may be restored to the default of 'None' once all is working properly. We did not choose to add the optional values for the log file naming, so that the system would generate unique log file names, and as such, we are promoted sometimes about over-writing an older log file.


putty_options
putty_options-5

Terminal emulation details

No changes here


putty_options
putty_options-6

Terminal emulation - Keyboard options

No changes here, although die hard-Unix fiends may want to set CTRL-h up like a reasonable terminal should behave.


putty_options
putty_options-7

Terminal emulation - Bell behaviour

No changes here


putty_options
putty_options-8

terminal emulation - Advanced features

No changes here


putty_options
putty_options-9

Terminal panel window options - Main

Simply to demonstrate the option, we lock the terminal to the old 'green screen' 80 columns by 24 lines. We also dial up the number of lines in the scrollback buffer to 1000 from the more frugal 200 which putty uses as its default.


putty_options
putty_options-10

Window - Appearance options

We changed the font to a fixed width font, and accept the largest available offered font size


putty_options
putty_options-11

Window - Behaviour of the panel

We add a custom panel title bar


putty_options
putty_options-12

Window - Character set related

We clearly make a change here -- the UTF-8 character set has fairly universal support at this point, and we change accordingly.


putty_options
putty_options-13

Window - 'copy and paste' selection behaviour

No changes here


putty_options
putty_options-14

Window - Color handling options

No changes here


putty_options
putty_options-15

Connection optons - General

We set the value for keepalives to a value that will send such traffic every 900 seconds (15 minutes) to hold upen a connection through most common NAT and firewalling software's timeout intervals (from experimentation, usually at least 20 minutes). We also enable this feature in the lower checkbox.


putty_options
putty_options-16

Connection - login USERID setting

This one is important and hard to find. We have to force putty to send the userid, rather than querying for it. Once you are accustomed to the program, it is able to be reset to an empty field, and let the initial connection time prompt ask which of the userid's on your virtual instance you wish to connect as.


putty_options
putty_options-17

Connection -- Proxy options

No changes here.


putty_options
putty_options-18

Connection - Telnet

As we are not using 'telnet' we have no changes here.


putty_options
putty_options-19

Connection - Rlogin

As we are not using 'rlogin', we have no changes here.


putty_options
putty_options-20

Connection - SSH general options

This panel covers SSH, as do its children, and have many options we consider. First, and as a matter of housekeeping, we only enable SSH version 2, and so it is safe but not required to choose the checkbutton for '2 only'


putty_options
putty_options-21

Connection - SSH

As the next step, we simply clicked the '+' sign on the left to expand the sub-options


putty_options
putty_options-22

Connection - SSH Key Exchange 'Kex' options

We set values for faster new key exchange as a matter of making the task of a holder of a session capture file's life more difficult. As a practical matter, it probably is not a material set of changes


putty_options
putty_options-23

Connection - SSH authentication options

In reverse order from the bottom up, we enable the manuall setting of the 'userid' (here, called 'username' for some reason), and navigate in the 'Browse' box to one of the two SSH-2 kets -- RSA or DSA -- that we previously generated with the 'ssh-genkey' program. Recall that on the conventional Windows setup, these keys are stored by default in the folder: Documents in a sub-folder called: ssh-keys We select the key with the .ppk ('putty private key') extension.

At connection time, because the local public key is not used, it does not need to know the name or location of it. Recall that private keys are always protected by a 'pass phrase' by careful systems administrators. While this cannot make it imposible to be compromised, use of a strong pass phrase does help rule out prying eyes that fall into possession of a image backup of your system from being able to use those private keys.

Particularly, if there is a 'keylogger' such as the FBI is alleged to have used in their investigations, or a similar facility somehow added to the backgournd programs run on your system, but reporting to a third-party, it is possible to identify unusual but repeated strings such as passwords, or pass phrases in log files. Counter-techniques include the use of 'one time passwords' ('OTP') as from a hardware device.


putty_options
putty_options-24

Connection - SSH Remote terminal settings

No changes here.


putty_options
putty_options-25

Connection - SSH X11 forwarding

No changes here.


putty_options
putty_options-26

Connection - Tunnels

No changes here.


putty_options
putty_options-27

Connection - SSH bug workarounds

No changes here.


putty_options
putty_options-28

Connection - SSH serial line options

No changes here.


putty_options
putty_options-29

Putty options save

Click back to the top of the options setting menu, preparatory to saving this updated profile.


putty_options
putty_options-30

Putty - options save

... and select the 'Save' button to commit the changes.


putty_options
putty_options-31

Testing the new settings

... and so we have a saved set of options which should work to properly reach a virtual instance. As we noted above, the log file is not uniquely named with this group of settings, and so we are prompted as to the possible over-write of data. We actually chose 'yes' and proceed here.


putty_options
putty_options-32

Making a connection .. a client side question

When putty then goes to use the private key, it finds that key is protected with a pass phrase. We supply it (note that as that pass phrase is typed, it does NOT echo to the screen, to prevent leaking a hint to a 'shoulder surfer' as to the length of that pass phrase.)


putty_options
putty_options-33

We're in

We have a root console at the remote host, and can display its IP, the date, and such. Of course, one can then log out in the regular fashion as well.



[  Top  |  About  |  Pricing  |  Sign Up  |  LOG ON  |  Tour  |  News  |  Support  |  Media  |  Site Map  |  EULA  |  Legal  |  DMCA  |  Contact  ]

Copyright © 2009 .. 2013 PMMan.com, a division of 781 Resolution, LLC