But we are a team of free software developers, and that means your relationship with us is nothing like that at all. If you once downloaded our software from our website, that's great and we hope you found it useful, but it doesn't mean we have the least idea who you are, or any incentive to do lots of unpaid work to support our ‘relationship’ with you. It's not that we are unwilling to provide information. We put as much of it as we can on our website for your convenience, and if you actually need to know some fact about PuTTY which you haven't been able to find on the website (and which is not obviously inapplicable to free software in the first place) then please do ask us, and we'll try to answer as best we can. But we put up the website and this FAQ precisely so that we don't have to keep answering the same questions over and over again, so we aren't prepared to fill in completely generic form-letter questionnaires for people who haven't done their best to find the answers here first.
If you work for an organisation which you think might be at risk of making this mistake, we urge you to reorganise your list of software suppliers so that it clearly distinguishes paid vendors who know about you from free software developers who don't have any idea who you are. Then, only send out these mass mailings to the former.
A.9.16 The sha1sums / sha256sums / etc files on your download page don't match the binaries. People report this every so often, and usually the reason turns out to be that they've matched up the wrong checksums file with the wrong binaries.
The PuTTY download page contains more than one version of the software. There's a latest release version; there are the development snapshots; and when we're in the run-up to making a release, there are also pre-release builds of the upcoming new version. Each one has its own collection of binaries, and its own collection of checksums files to go with them.
So if you've downloaded the release version of the actual program, you need the release version of the checksums too, otherwise you will see a mismatch. Similarly, the development snapshot binaries go with the development snapshot checksums, and so on. (We've colour-coded the download page in an effort to reduce this confusion a bit.)
If you have double-checked that, and you still think there's a real mismatch, then please send us a report carefully quoting everything relevant:
•the exact URL you got your binary from
•the checksum of the binary after you downloaded
•the exact URL you got your checksums file from
•the checksum that file says the binary should have.
A.10 Miscellaneous questions A.10.1 Is PuTTY a port of OpenSSH, or based on OpenSSH or OpenSSL? No, it isn't. PuTTY is almost completely composed of code written from scratch for PuTTY. The only code we share with OpenSSH is the detector for SSH-1 CRC compensation attacks, written by CORE SDI S.A; we share no code at all with OpenSSL.
A.10.2 Where can I buy silly putty? You're looking at the wrong web site; the only PuTTY we know about here is the name of a computer program.
If you want the kind of putty you can buy as an executive toy, the PuTTY team can personally recommend Thinking Putty, which you can buy from Crazy Aaron's Putty World, at www.puttyworld.com
. A.10.3 What does ‘PuTTY’ mean?