PuTTY has a new website
putty.software503 points by GalaxySnail 6 days ago
503 points by GalaxySnail 6 days ago
From the PuTTY FAQ: https://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html#...
Would you like me to register you a nicer domain name?
No, thank you. Even if you can find one (most of them seem to have been registered already, by people who didn't ask whether we actually wanted it before they applied), we're happy with the PuTTY web site being exactly where it is. It's not hard to find (just type ‘putty’ into google.com and we're the first link returned), and we don't believe the administrative hassle of moving the site would be worth the benefit.
I wonder if they changed their mind because Google ceased to be a reliable way to find them.
The first link I get when I searched for "putty" was `putty.org` which, according to the footer: "The PuTTY project or its authors have never owned this domain, registered it, or purchased it."
Nevertheless, I can't consider relying on probabilistic algorithms controlled by 3rd parties to be a wise strategy.
Also, these days, after decades of habit building and a rise in awareness about scam-related stuff, I think people expect to see the name of the project early on in the URL, not in 7th position as it is currently.
> I can't consider relying on probabilistic algorithms controlled by 3rd parties to be a wise strategy.
That's pretty much all of the AI industry and clients.
Pretty much how the whole world works and why ads are multi-trillion dollar business.
Google right now lists the title of putty.org as "PuTTY", even though right now this text is only in the footer. Up until August I guess it provided a download link, but the title was not "PuTTY".
My first 3 matches are https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.ht..., https://www.putty.org/ and https://www.chiark.greenend.org.uk/~sgtatham/putty/
putty.org's page ranking used to be higher.
* https://hachyderm.io/@simontatham/115027646348662282
I suspect that the recent kerfuffle motivated people to finally clean out bogus hyperlinks that casually listed putty.org as the download site, which would have been contributing to inflated page rank up to that point. I found one on a wiki and fixed it, myself, and I'm sure that I was not the only person who went looking.
It's not inconceivable that some Googlers reads here or otherwise and took note to punish that site.
Hmm why punish that site?
Because it's affiliated with _another_ ssh client and there seems to have been various levels of shadyness over time, see previous discussion: https://news.ycombinator.com/item?id=44558328
Assuming he owns the green end.org.uk domain, why not letting people land on putty.greenend.org.uk ?
Your assumption is false, so the question is without proper foundation. GreenEnd's Chiark is owned by Ian Jackson. Simon Tatham is a user on the system, with a home directory. One of a list of such users, including Rachel Coleman and Matthew Garrett.
Google.com > putty > I'm feeling lucky > https://www.chiark.greenend.org.uk/~sgtatham/putty/
It seems almost hostile to users. Why should I need to use some third party tool to find your thing? If you're paying for a domain anyway, pay for a meaningful one.
… Well, I guess that's what they've done. Surely nobody could ever have been this naïve, though; it's not as though Google massaging results into unusable mess is anything new.
> Why should I need to use some third party tool to find your thing?
How else would you find it? By typing domain name guesses into your address bar until you hit the right one? How would you be sure you've hit the right one and not a scammer/squatter?
This is not a particularly easy problem to solve, and I agree that relying on Google to accurately and safely deliver you to the correct web site isn't great either, but I think we'd be much worse off without search engines.
Also a weird choice to go with a nuTLD which may or may not price gouge them in the future leaving them with the choice to either pay up or potentially have someone malicious taking over tons of inbound links.
I barely know what SSH keys are, but last week when I was asked to provide one for an stfp site at work they said create a pair using putty.
Well I googled putty and found a couple different .org domains, one who which said it was legit but not official, and another which said it was official but looked wildly out of date.
Neither one I could find a download for Mac that worked. The one I tried gave a scary “we no longer allow putty sudo access as it’s dangerous” and when I googled this error I could find no explanation to assuage me.
And since I wanted to make sure what I was doing was legit, I searched for alternatives.
Eventually I discovered I could use command line in mac to generate the keys I needed. But first I installed Xcode then ran the command (I used chatgpt to tell me exactly how to get the type and length I needed). It was easy.
Side note, the whole culture of downloading random software and using it with just a single line in a terminal is always sketchy to me too. But I’m not a coder so I’m not used to it.
It is sketchy. :) Your intuition is correct.
The idea is that you will need to put some trust in the project anyway, since you’re trying to install it. Might as well make it easier with a one line install.
Edit: You should only do this if someone reliable tells you to, honestly. Doing this with truly random projects you aimlessly find is not a good idea.
If you hadn’t discovered this already with you mac CLI commands, OpenSSH from OpenSSL ‘ssh-keygen’ command is a good way to create SSH keys in ClI and ships in many OSes or is a lightweight download. The OpenSSL website name is unambiguous, which is a benefit.
https://docs.github.com/en/authentication/connecting-to-gith...
OpenSSH and OpenSSL are completely unrelated projects.
Independent projects but not unrelated since there was a historical dependency from OpenSSH to OpenSSL.
https://serverfault.com/questions/780476/generating-ssh-keys...
My knowledge was a bit outdated by about a decade.
The wikipedia article has links to the official websites, and not to the scams: https://en.m.wikipedia.org/wiki/PuTTY
This is helpful (and something I've used wikipedia for myself) but it's far from ideal since it wouldn't be too hard for someone to edit that page to point to a malicious domain. Not sure if that's happened before, but I can see it as something that could go unnoticed for a quite a while as long as the target site looks legit enough.
That’s the outdated looking website I found that didn’t have mac version. I’m guessing I’m supposed to use the Unix version there?
The website I was sketched out by (but tried it anyway, then got the scary error) was puttygen.com which had me install homebrew (whatever that is) and then do “sudo brew install putty”
I think the main reason you couldn't find a mac version to download is that there is none.
The closest I saw was a .tr.gz file (i.e. a gzipped Tape ARchive) of Unix source code, but A) I don't know of their definition of "Unix" includes OS X / MacOS; and B) judging from your comments here, you don't seem like the type who would want to install software by downloading, decompressing, and compiling source code.
I'm thinking the people who told you to use PuTTY were assuming that you are a Windows user.
Homebrew is a reputable package manager (a.k.a. software installer, for Unix applications on the Mac). That said, I'm pretty sure the version of ssh shipping with the Mac could do the key generation for you so you wouldn't need putty.
Unfortunately the person who owns putty.org started to use it to spread misinformation about vaccines and the pandemic, as you can see on the site today.
This recently [1][2] got a lot of attention on the web and here on HN, along with a post on Mastodon from the author [3]
I imagine trying to disincentivize this and provide another shorter more official looking link is the hope here.
[1] https://www.theregister.com/2025/07/17/puttyorg_website_cont...
> Since 2020 I have been speaking out against the fraudulent pandemic and the intentionally dangerous injections and my experience has been to have been censored and smeared. If you have not heard of me before, that's the reason.
One weird trick to make your insignificance seem significant!
Hilarious how putty.org hasn't been updated, and still has a FINAL WARNING video on the landing page.
Extrapolated to the present time, all of us vaccinated individuals are now suffering the big consequences.
Too bad all nutjobs aren't so easy to disprove by simply taking a single large breath. :)
Did putty.org once link to the putty software? Or an alternative SSH client? Why did the site ever become popular?
I'm trying to grok this, but all of the posts sort of obliquely refer to things that happened in the past (even the old HN links here), rather than explicitly just explain what the hell happened.
It used to link to Putty _and_ to the domain owner's competing software:
https://web.archive.org/web/20170822083048/http://www.putty....
The domain owner seems to feel he was providing a service to putty by providing the short domain name and feels slighted that they are moving to have their own now that he is taking actions that they find more objectionable than just also linking to his competitor, but to be honest it always seemed some unethical squatting to me, based on the Putty devs not having the time to complete a UDRP process.
This seems similar to the Notepad++ team using their platform to promote political viewpoints.
The same thing happened with Facebook "pages", when they became a personal "soap box" by the owner of the page. It was downhill from there... You might as well turn the whole web into FB/Twitter/X/Insta promotional spam at that point.
It's not at all similar, and that doesn't have anything to do with the quality or lack thereof of the viewpoints.
The Notepad++ site is run by the authors and reflects their stance. Putty.org is run by an outside party who hijacks the reputation of the PuTTY project to push their agenda.
It's one thing to say "stand with Ukraine", and an entirely different thing to spread vaccine misinformation...
Sure, one is virtue signalling while the other has the potential of actually helping someone stay safe.
[dead]
That’s not how discourse works imho. Yeadon is making extraordinary claims, so the burden of explaining and backing up those claims should be on them, not on us. Until they do, there’s no point in addressing their concerns.
> Unfortunately the person who owns putty.org
> started to use it to spread misinformation
> about vaccines and[...]
Instead it's just some guy's website clearly unrelated to PuTTY. He's even gone out of his way to point people looking for PuTTY in the right direction. Who cares what his opinion is about anything else?
[flagged]
Argument from authority is not particularly strong. The information on putty.org is considered misinformation by the vast majority of professionals in the field of infectious diseases.
I thought it was argument from expertise? And while you’re on the topic of epistemology truth isn’t determined by how common an idea is.
He's not an expert on vaccines or infectious disease and pushed known provably false narratives during the pandemic.
I don't think being a medical and phramaceutical expert disqualifies him speaking about vaccines, do you?
"God has all positive properties. Existing is a positive property. Therefore God exists."
Amazing things happen when you crank up the level of simplification.
This is the modern world that we live in. If being “Vice President and Worldwide Head of Research in allergic and respiratory diseases at Pfizer” with 25 years of career does not qualify to talk about vaccines (in the context of of Covid, I assume because I do not know him or the videos), I frankly don’t know what does
Like being an expert in virology and vaccine therapies for example. Or being boots on the ground rather than a bean counter. Really doesn't take that much imagination now, does it? Or is this "modern world that we live in" this anemic on imagination power?
I'm sure we can then find experts with those kinds of qualifications who also pushed covid misinformation (or to use more old-school terms, straight up fucking lies and unfounded, conspiratorial speculations) and held minority opinions.
Then we can lament on how having a minority opinion means your opinion is definitely being unjustly oppressed, as opposed to justly oppressed, which somehow we'll not be able to produce an example for. Does that really matter though if we can just pretend that we do have an example, or even believe outright we do and just not agree?
Or maybe we can lament on how just blindly trusting either authority or expertise is possibly not the most solid idea in the world. As if we actually had the option to do otherwise at scale, even in the best case scenario, and all people were magically equal and equipped to do so.
Humans and their unattainable reasoning ability. Oh the modern world. Yeah right.