PuTTY wish ssh-proxy

This is a mirror. Follow this link to find the primary PuTTY web site.

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: In-process proxy SSH connections (like OpenSSH's -J/ProxyJump)
class: wish: This is a request for an enhancement.
difficulty: tricky: Needs many tuits.
priority: medium: This should be fixed one day.
fixed-in: 4d1b125885e469e41c78772bb493f68f66199324 (0.77)

The ability to connect to an SSH server 'A' by first making an SSH connection to an intermediate server 'B' (sometimes called a 'bastion' or 'jump host'), and using that connection to open a tunnel to A's SSH server port.

This is already possible in PuTTY using the 'Local' proxy type with a command (specified in the 'Proxy hostname' field) like 'plink -batch %proxyhost -nc %host:%port', but it's fiddly – requiring the separate Plink executable to be installed and identified – and doesn't allow you to interact with the intermediate host, for instance to enter a password.

Having a single PuTTY instance manage both SSH connections would make it possible to avoid these problems. (This is similar to what OpenSSH has implemented since 7.3 with its -J / ProxyJump feature.)

December 2021: this is now available as the "SSH" option on the "Proxy" tab, and is feature-complete. Interactive authentication prompts are fully supported, even if you have to enter one password or key passphrase to authenticate to the proxy and then a second for the real server (or even more than that, if you have a many-hop setup). Host keys can be confirmed in sequence in a similar way. PuTTY announces which host it's about to give you auth prompts for.

(An earlier version available in development snapshots from May 2021 did not support interacting with intermediate hosts; the limitations of this intermediate version are well described in the initial commit message.)

If you want to comment on this web site, see the Feedback page.
Audit trail for this wish.
(last revision of this bug record was at 2022-01-12 01:18:19 +0000)