Home
|
FAQ
|
Feedback
|
Licence
|
Updates
|
Mirrors
|
Keys
|
Links
|
Team
Download:
Stable
·
Pre-release
·
Snapshot
|
Docs
|
Privacy
|
Changes
|
Wishlist
People occasionally ask for PuTTY to interpret escape codes in the banner some SSH servers send prior to authentication.
The SSH-2 authentication specification, RFC 4252,
states, in the section about SSH_MSG_USERAUTH_BANNER
:
If the 'message' string is displayed, control character filtering, discussed in [SSH-ARCH], SHOULD be used to avoid attacks by sending terminal control characters.
This is what PuTTY does, and as such, terminal-control sequences won't work.
Update, March 2019: while our policy on control characters hasn't changed, our implementation has. The previous filtering was very simplistic, and could mangle printable characters such as UTF-8-encoded non-ASCII characters. Now we use a more sophisticated approach that lets through characters considered printable by the current locale or terminal configuration through; so non-ASCII characters can now be displayed unmolested (if the terminal and banner message agree on the encoding, in the usual way).