How to Use PuTTY to Connect to Your Server via SSH

PuTTY is a free SSH client for Windows. You type in a server address, it opens an encrypted connection, and you get a command-line terminal on that server. It’s been around since 1999 and it’s still the most widely used SSH client on Windows, mainly because it works, it’s simple, and it handles everything from basic password logins to key-based authentication and port forwarding.

If you manage a web server, a VPS, or a hosting account that provides SSH access, PuTTY is how you connect from a Windows machine. This guide covers installation, configuration, key-based authentication, and how to save sessions so you don’t have to re-enter connection details every time.

Installing PuTTY#

Download PuTTY from the official site at putty.org. You’ll see two options:

The MSI installer (recommended) installs PuTTY along with its companion tools: PuTTYgen (key generator), Pageant (SSH key agent), PSCP (command-line file copy), and PSFTP (command-line SFTP client). These are useful as you get more comfortable with SSH.

The standalone executable is just putty.exe with no installation required. Useful if you’re on a machine where you can’t install software, but you miss out on the companion tools.

Download the 64-bit x86 MSI installer (the right choice for virtually all modern Windows machines), run it, and click through the installer. The defaults are fine.

Note for Windows 10/11 users: Windows has a built-in SSH client accessible from PowerShell or Command Prompt ( ssh user@hostname ). If you’re comfortable with the command line, you may not need PuTTY at all. PuTTY’s advantage is its graphical interface for managing saved sessions, key files, and connection settings, which is convenient if you connect to multiple servers regularly.

Connecting with a password#

The simplest way to use PuTTY: connect with a username and password.

1. Open PuTTY. The configuration window appears immediately.
2. In the Host Name field, enter your server’s IP address or hostname (e.g., 203.0.113.50 or server.example.com ).
3. Port should be 22 (the default SSH port). If your host uses a different port, change it here.
4. Connection type should be set to SSH.
5. Click Open.

The first time you connect to a server, PuTTY shows a security alert about the server’s host key. This is normal. PuTTY is telling you it hasn’t seen this server before and asking you to verify its identity. Click Accept to continue. PuTTY stores the host key so you won’t see this prompt again for the same server.

A terminal window opens. Enter your username when prompted, then your password. You’re now connected.

Saving sessions#

Re-entering the hostname and port every time is tedious if you connect frequently. PuTTY lets you save connection profiles.

1. Fill in the Host Name, Port, and any other settings you want.
2. In the Saved Sessions field (below the hostname), type a name for this session (e.g., “Production Server” or “Hostney Account”).
3. Click Save.

Next time you open PuTTY, your saved session appears in the list. Select it, click Load to populate the settings, then click Open to connect.

Any setting you configure (font size, terminal colors, key files, port forwarding) is saved with the session when you click Save. Get your session configured once, save it, and you’re set.

Connecting with SSH keys (recommended)#

Passwords work, but key-based authentication is both more secure and more convenient. Instead of typing a password each time, your SSH client proves its identity using a cryptographic key pair: a private key (which stays on your machine and is never shared) and a public key (which is installed on the server).

Generating a key pair with PuTTYgen

If you installed PuTTY with the MSI installer, you have PuTTYgen.

1. Open PuTTYgen (search for it in the Start menu).
2. At the bottom, select RSA as the key type and set the bit count to 4096 (stronger than the default 2048).
3. Click Generate. Move your mouse around the blank area to generate randomness. PuTTYgen uses your mouse movements as entropy for key generation.
4. Once generated, you’ll see the public key in the text area at the top.
5. Optionally set a passphrase. This encrypts your private key file so that even if someone steals the file, they can’t use it without the passphrase. Recommended for production servers.
6. Click Save private key. Save it somewhere secure (e.g.,  C:\Users\YourName\.ssh\myserver.ppk ). This is your  .ppk  file, PuTTY’s proprietary key format.
7. Copy the public key text from the top of the window. You’ll need to add this to your server’s  ~/.ssh/authorized_keys  file.

Adding the public key to your server

Connect to your server with a password (one last time) and run:

mkdir -p ~/.ssh
chmod 700 ~/.ssh
nano ~/.ssh/authorized_keys

Paste the public key on a single line, save, and set permissions:

chmod 600 ~/.ssh/authorized_keys

Configuring PuTTY to use the key

1. Open PuTTY and load your saved session (or enter the hostname).
2. In the left panel, navigate to Connection > SSH > Auth > Credentials.
3. In the Private key file for authentication field, click Browse and select your  .ppk  file.
4. Go back to Session in the left panel.
5. Click Save to store the key file path with your session.
6. Click Open to connect.

PuTTY will authenticate using your key. If you set a passphrase, you’ll be prompted for it. If not, the connection opens immediately with no password prompt.

Using Pageant for key management

If you connect to multiple servers with different keys, or you don’t want to enter your passphrase every time, use Pageant (installed with PuTTY).

1. Open Pageant (it appears as a small icon in your system tray).
2. Right-click the icon and select Add Key.
3. Select your  .ppk  file and enter the passphrase once.
4. Pageant holds the decrypted key in memory for the duration of your Windows session.

Now PuTTY (and PSCP, PSFTP, and any other PuTTY tools) will automatically use the key from Pageant without prompting for a passphrase. When you log off or restart Windows, Pageant clears the keys from memory.

Connecting to your Hostney hosting account#

Hostney provides SSH access on every hosting plan with built-in key management. You can generate keys directly from the control panel, download them in PuTTY format, and connect, no PuTTYgen required.

Generate an SSH key

1. Sign in at my.hostney.com
2. Navigate to Security > SSH keys
3. In the “Add SSH key” section, enter a name for the key (e.g., “Work laptop”)
4. Optionally set a password to protect the key (recommended). You can use the generate button to create a strong random password.
5. Click Generate key

Download the PuTTY key

Once generated, the key appears in your key list. Click the dropdown menu on the key card and select PuTTY key. This downloads the key in .ppk format, ready for PuTTY. No conversion needed.

You can also download the Private key (OpenSSH format, for Linux/macOS terminals) or copy the Public key if you need it for other servers.

Find your connection details

From the same dropdown menu on any SSH key, select SSH credentials. This shows:

• Hostname (e.g.,  server.hostney.net )
• Username (your account username)
• Port (22)
• A ready-to-copy SSH command

You can also find this information under your account’s Server information panel.

Connect with PuTTY

1. Open PuTTY
2. Enter the hostname from your SSH credentials
3. Port 22
4. In the left panel, go to Connection > SSH > Auth > Credentials
5. Browse to the  .ppk  file you downloaded from Hostney
6. Go back to Session, enter a name in Saved Sessions, and click Save
7. Click Open
8. Enter your username when prompted

You’re connected. No password needed since the SSH key handles authentication.

Or skip PuTTY entirely: web terminal

Hostney also provides a browser-based terminal accessible from the control panel. From your SSH credentials panel, click the Terminal button and you get a full SSH session in your browser, no PuTTY, no key files to manage, no client software to install. It connects using your account credentials automatically.

The web terminal is useful for quick tasks. For longer sessions or if you prefer a desktop application, PuTTY with your downloaded key is the better option.

Restrict key access by IP

For additional security, you can restrict each SSH key to specific IP addresses. From the key’s dropdown menu, select Manage IP addresses and add the IPs or CIDR ranges that should be allowed to use this key. The key won’t work from any other address.

This is useful if you always connect from the same office or VPN. Supports IPv4, IPv6, and CIDR notation (e.g., 10.0.0.0/24 or 2001:db8::/32 ). Leave it empty to allow connections from any IP.

Useful PuTTY features#

Copy and paste

PuTTY’s copy/paste works differently from most Windows applications:

• Copy: Select text with your mouse. That’s it. Selected text is automatically copied to the clipboard.
• Paste: Right-click anywhere in the terminal window.

No Ctrl+C or Ctrl+V. Ctrl+C in a terminal sends an interrupt signal (kills the running command), so PuTTY avoids overloading that shortcut.

Changing terminal appearance

Go to Window > Appearance in the PuTTY settings to change the font and size. The default is 10pt Courier New, which is small on modern high-resolution displays. Try 12pt or 14pt Consolas or Cascadia Mono for better readability.

Under Window > Colours, you can customize the background and text colors. Save your changes with the session so they persist.

Keeping connections alive

SSH connections can drop if there’s no activity for a while (usually because a firewall or NAT gateway closes idle connections). To prevent this:

1. Go to Connection in the left panel.
2. Set Seconds between keepalives to  60 .
3. Save the session.

PuTTY will send a small packet every 60 seconds to keep the connection alive.

Port forwarding (SSH tunnels)

PuTTY can forward local ports through the SSH tunnel to reach services on the remote server. This is commonly used to access database servers, admin panels, or internal services that aren’t exposed to the internet.

In PuTTY: go to Connection > SSH > Tunnels. Enter a local port (e.g., 3306 ), the destination (e.g., 127.0.0.1:3306 ), and click Add. Now connecting to localhost:3306 on your machine routes through the SSH tunnel to the remote server’s MySQL.

How SSH encryption works#

When PuTTY connects to your server, a multi-step encryption process happens in the background:

Key exchange. The client and server agree on a shared secret using an algorithm like Diffie-Hellman. This happens over the unencrypted connection, but the math is designed so that anyone eavesdropping can’t derive the shared secret from the exchanged messages.

Session encryption. The shared secret generates a symmetric session key. All data from this point forward is encrypted with this key using a fast cipher (typically AES-256). Symmetric encryption is efficient enough to handle large data transfers in real time.

Server authentication. The server presents its host key. PuTTY checks this against its stored list of known hosts (the security alert you see on first connection). This prevents man-in-the-middle attacks where someone impersonates your server.

Client authentication. You prove your identity, either by entering a password (encrypted by the session key) or by signing a challenge with your private SSH key. Key-based authentication is stronger because the private key never leaves your machine; only a mathematical proof is sent.

Data integrity. Every packet includes a message authentication code (MAC) that the recipient verifies. If a single bit is altered during transmission, the MAC check fails and the packet is rejected. This prevents tampering with commands or data in transit.

The entire process takes about a second. By the time you see the login prompt, the encrypted tunnel is already established and everything you type travels through it.

For more information about PuTTY’s features, check out the official PuTTY documentation.

Try Hostney web hosting free for 14 days. Every plan includes SSH access, key management from the control panel, a browser-based terminal, and per-key IP restrictions.