PuTTY is a free implementation of SSH and Telnet for Windows and Unix
platforms, along with an
xterm terminal emulator. It is
written and maintained primarily by
The latest version is 0.72. Download it here.
LEGAL WARNING: Use of PuTTY, PSCP, PSFTP and Plink is illegal in countries where encryption is outlawed. We believe it is legal to use PuTTY, PSCP, PSFTP and Plink in England and Wales and in many other countries, but we are not lawyers, and so if in doubt you should seek legal advice before downloading it. You may find useful information at cryptolaw.org, which collects information on cryptography laws in many countries, but we can't vouch for its correctness.
Use of the Telnet-only binary (PuTTYtel) is unrestricted by any cryptography laws.
2019-07-20 PuTTY 0.72 released
PuTTY 0.72, released today, is a bug-fix release. It fixes a small number of further security issues found by the 2019 EU-funded HackerOne bug bounty, and a variety of other bugs introduced in 0.71.
2019-07-08 Bug bounty concluded
The EU-funded bug bounty programme is now closed. Many thanks to everybody who sent in reports!
Anyone with a vulnerability to report should now go back to reporting it in the old way, via email to the PuTTY team, as described on the Feedback page. If you think it needs to be reported confidentially, encrypt it with our Secure Contact Key.
2019-03-25 Bug bounty continues
This year's EU-funded bug bounty programme is still running. It was originally scheduled to end on 7th March, but there was money left over in the budget. So while that money lasts, you still have a chance to earn some by finding vulnerabilities in PuTTY 0.71 or the development snapshots!
As before, vulnerabilities should be reported through the HackerOne web site in order to qualify for a bounty: if you send reports directly to the PuTTY team in the usual way, then we'll still fix them, but we can't provide money for them.
2019-03-16 PuTTY 0.71 released
PuTTY 0.71, released today, includes a large number of security fixes, many of which were found by the recent EU-funded HackerOne bug bounty. There are also other security enhancements (side-channel resistance), and a few new features. It's also the first release to be built for Windows on Arm.
2019-01-18 EU bug bounty for finding vulnerabilities in PuTTY
From now until 7th March, you can earn money by reporting security vulnerabilities in PuTTY!
HackerOne is running a bug bounty programme for PuTTY, funded by the European Union as part of the ‘Free and Open Source Software Audit’ project (EU-FOSSA 2). If you report a vulnerability through their web site, it may qualify for a bounty. (The exact amount will depend on how serious the problem is, and there's also a bonus for providing a patch that fixes it.)
For more details, or if you have something to report, see the link above.
(Please note that HackerOne will only consider vulnerabilities reported to them. If you send a report directly to the PuTTY team in the usual way, then of course we'll still fix it, but we can't also arrange for you to get paid.)
2018-08-25 GPG key rollover
This week we've generated a fresh set of GPG keys for signing PuTTY release and snapshot builds. We will begin signing snapshots with the new snapshot key, and future releases with the new release key. The new master key is signed with the old master keys, of course. See the keys page for more information.
2017-07-08 PuTTY 0.70 released, containing security and bug fixes
PuTTY 0.70, released today, fixes further problems with Windows DLL hijacking, and also fixes a small number of bugs in 0.69, including broken printing support and Unicode keyboard input on Windows.