Host key type selection


4.20.1 Host key type selection

PuTTY supports a variety of SSH-2 host key types, and allows you to choose which one you prefer to use to identify the server. Configuration is similar to cipher selection (see section 4.21).

PuTTY currently supports the following host key types:

  • ‘Ed25519’: Edwards-curve DSA using a twisted Edwards curve with modulus 2^255-19.
  • ‘ECDSA’: elliptic curve DSA using one of the NIST-standardised elliptic curves.
  • ‘DSA’: straightforward DSA using modular exponentiation.
  • ‘RSA’: the ordinary RSA algorithm.

If PuTTY already has one or more host keys stored for the server, it will prefer to use one of those, even if the server has a key type that is higher in the preference order. You can add such a key to PuTTY's cache from within an existing session using the ‘Special Commands’ menu; see section

Otherwise, PuTTY will choose a key type based purely on the preference order you specify in the configuration.

If the first key type PuTTY finds is below the ‘warn below here’ line, you will see a warning box when you make the connection, similar to that for cipher selection (see section 4.21).