PuTTY wish banner-escape-codes

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: Interpret escape codes in pre-login banner
class: wish: This is a request for an enhancement.
difficulty: fun: Just needs tuits, and not many of them.
priority: never: We don't ever intend to fix this.

People occasionally ask for PuTTY to interpret escape codes in the banner some SSH servers send prior to authentication.

The SSH-2 authentication specification, RFC 4252, states, in the section about SSH_MSG_USERAUTH_BANNER:

If the 'message' string is displayed, control character filtering, discussed in [SSH-ARCH], SHOULD be used to avoid attacks by sending terminal control characters.

This is what PuTTY does, and as such, terminal-control sequences won't work.

Update, March 2019: while our policy on control characters hasn't changed, our implementation has. The previous filtering was very simplistic, and could mangle printable characters such as UTF-8-encoded non-ASCII characters. Now we use a more sophisticated approach that lets through characters considered printable by the current locale or terminal configuration through; so non-ASCII characters can now be displayed unmolested (if the terminal and banner message agree on the encoding, in the usual way).


If you want to comment on this web site, see the Feedback page.
Audit trail for this wish.
(last revision of this bug record was at 2019-03-17 00:12:46 +0000)