10 PuTTY PLINK Examples to Automate Remote Linux

Commands from Windows Batch Files

www.thegeekstuff.com/2017/05/putty-plink-examples/

Ramesh Natarajan

Tweet
Plink stands for PuTTY Link.

Plink is a companion command-line utility

for PuTTY.

On a very high-level:

Use PuTTY for interactive SSH

session from your Windows to Linux
Servers
Use Plink for non-interactive SSH
session to execute remote linux
commands for automation purpose
from your Windows

In this tutorial, well discuss the following:

1. Launch plink from Command Prompt

2. Plink Interactive SSH Session
3. Plink Non-Interactive SSH Session to execute a Remote Command
4. Execute Multiple Linux Commands from a Windows File
5. Specify Connection Protocol
6. Specify SSH Password as Plink Argument
7. Debug Plink Issues
8. Specify SSH Port as Plink Option
9. Plink Log Files for SSH Connections
10. Specify SSH Protocol (SSH-1 or SSH-2)
11. Specify IP Protocol (IPv4 or IPv6)
12. Use Private Key File for Authentication with Plink
13. Additional Enable and Disable Options for Plink SSH
14. Fingerprint and HostKey with Plink
15. Plink -batch option for Windows Batch Files

First, download plink executable from here.

If you dont have PuTTY already installed on your machine, make sure you also download
putty executable along with plink.
1/11
If you have a 32-bit Windows laptop, make sure you download the 32-bit version of plink. If
not, download the 64-bit version.

1. Launch plink from Command Prompt

You cant just double-click on plink.exe to launch it. Since this is a command-line only utility
(Without GUI), you should first launch your Windows command prompt.

For this, click on start menu on your windows, and type cmd.exe in the search box and
press enter, this will launch the Windows command prompt.

Also, depending on where you have downloaded the plink.exe, you may have to modify the
Windowss PATH variable accordingly.

Go to your System properties windows, click on Environment Variables, select Path

variable, and append the directory where the plink.exe is located here.

Or, you can just set your PATH variable as shown below. In the following example, Ive
downloaded the plink.exe to C:\Downloads directory.

set PATH=%PATH%;C:\Downloads

Next, type plink in the command prompt, this will display the various options available.

2. Plink Interactive SSH Session

The following is the basic syntax for plink:

plink [options] connection [command]

In the above syntax:

options You can pass various options to plink. This is optional.

connection This will have the connection information of the Linux server that you
want to connect to. Various connection methods are explained in the examples below.
command This is the command that should be executed on the remote Linux server.
This is optional.

While the command is optional, when you dont give it, it will display a raw interactive
session, which will have lot of non-printable non-readable character on the screen. As
explained earlier, plink is not meant to be used as interactive session. Use putty for
interactive session.

For now, let us see various methods to use the connection.

2/11
First, you can just give the ip-address of the remote-server. This will then ask for the
username and password to login.

C:\>plink 192.168.101.1
login as: root
root@192.168.101.1's password:

Or, you can also use the username using @ symbol as shown below. This will ask only for
the password, as weve specified the username.

C:\>plink root@192.168.101.1
Using username "root".
root@192.168.101.1's password:

You can also pass the username using -l option as shown below:

C:\>plink 192.168.101.1 -l mysql

You can also use the name of an existing putty session. In this example, Im using the
existing saved putty session called devdb. This is the recommended way of using, as you
can bring all the configuration information from PuTTY to here for this particular devdb
session.

C:\>plink devdb
Using username "root".
root@192.168.101.1's password:

The following -load is exactly the same as above.

C:\>plink -load devdb

Using username "root".
root@192.168.101.1's password:

As you see below, once you login, youll get a command-prompt. But, doing anything here
will display some non user-friendly characters.

C:\>plink devdb
Using username "root".
root@192.168.101.1's password:
?]0;root@devdb:~[root@devdb ~]#
?]0;root@devdb:~[root@devdb ~]#
?]0;root@devdb:~[root@devdb ~]# ?[Kls -altr
total 326432
drwx------. 2 root root 4096 Jan 23 2016 ?[01;34m.ssh?[0m
drwxr-xr-x. 2 root root 4096 May 9 2016 ?[01;3Documents?[0m
drwxr-xr-x. 2 root root 4096 May 8 12:41 ?[01;3Downloads?[0m
?[m?]0;root@devdb:~[root@devdb ~]#

Again, for interactive SSH session, please use PuTTY.

On a related note, even if youve been using PuTTY for a while, you might find few tips from
3/11
here helpful: 10 Awesome PuTTY Tips and Tricks You Probably Didnt Know

3. Plink Non-Interactive SSH Session to execute a Remote

Command
Using plink, from windows, you can execute a command on the Linux server without any
user interaction and just display the output.

For this, pass the command as the last argument to the plink as shown below.

In the following example, it will execute crontab -l command on the remote server and
display the output.

C:\>plink root@192.168.101.1 crontab -l

no crontab for root

If you want to execute multiple commands, then group them together as shown below.

C:\>plink root@192.168.101.1 (hostname;crontab -l)

devdb.thegeekstuff.com
no crontab for root

The following will execute the db-backup.sh shellscript on the remote Linux server. But, you
are initiating this from your Windows machine.

plink mysql@192.168.101.1 /root/bin/db-backup.sh

Few points to keep in mind:

If the above command is asking for password, and if you dont want that to happen,
you should setup the public-private key authentication appropriately so that remote
Linux server doesnt ask for password.
You can also pass the password as a command-line option to plink as shown in one of
the examples below.
Also, if the above displays an error message about invalid protocol, then you should
pass the appropriate protocol as shown in the next example.

4. Execute Multiple Linux Commands from a Windows File

Instead of specifying all the commands to be executed on the remote Linux server in the
plink command-line, you can also put them in a text file and specify the file as a parameter to
the plink.

For example, create the following file called commands.txt on your Windows.

4/11
C:\>type commands.txt
hostname
service mysql stop
yum -y install httpd
service mysql start
service httpd start
crontab -l

Now to execute all of the above commands on the remote Linux server one-by-one in a
sequence, execute the following plink command on your Windows laptop.

C:\>plink root@192.168.101.1 -m C:\commands.txt

5. Specify Connection Protocol

Plink allows the following protocols: SSH, Telnet, Remote Login (rlogin), Raw, Serial
Connection

The most popular and the default is SSH. Use -ssh as shown below.

C:\>plink -ssh root@192.168.101.1

For Telnet:

C:\>plink -telnet root@192.168.101.1

For Remote Login using rlogin:

C:\>plink -rlogin root@192.168.101.1

For Raw:

C:\>plink -raw root@192.168.101.1

SSH-2.0-OpenSSH_5.3

If you are trying to specify a particular protocol, and if you are getting FATAL ERROR:
Network error: Connection refused error, it means that the remote server doesnt support
the specified protocol.

If you dont want to specify the protocol on the command line:

You can use a saved PuTTY session which already has the protocol defined for that
particular session.
Or, you can use Windows env variable called PLINK_PROTOCOL and set the value
accordingly, which will be used by plink.

6. Specify SSH Password as Plink Argument

5/11
If you dont have the key based authentication setup, then you can pass the password as a
parameter in the command-line. Needless to say this method is not recommended.

This will connect to the server as root using the password specified by the -pw option, and
execute all the given Linux commands and display the output on your Windows command-
prompt.

C:\>plink root@192.168.101.1 -pw SecretRootPwd (date;hostname;ls -l)

Of course, the easy method is to use a saved putty session (For example, devdb) instead of
specifying the username and ip-address as shown below.

C:\>plink devdb -pw SecretRootPwd (date;hostname;ls -l)

7. Debug Plink Issues

First, make sure you have the latest version of plink. Use -V option (upper-case V) as shown
below. The current stable release is 0.69

C:\>plink -V
plink: Release 0.69
Build platform: 64-bit Windows
Compiler: Visual Studio 2015 / MSVC++ 14.0 (_MSC_VER=1900)
Source commit: b1829b81b5c0d12dcc91f6b50b0b4d83c3df6a8e

Next, use -v option (lower-case v) as show below for more verbose output.

6/11
C:\>plink -v devdb service httpd restart
Connecting to 192.168.101.1 port 22
We claim version: SSH-2.0-PuTTY_Release_0.69
Server version: SSH-2.0-OpenSSH_5.3
We believe remote version has SSH-2 channel request bug
Using SSH protocol version 2
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-256
Server also has ssh-dss host key, but we don't know it
Host key fingerprint is:
ssh-rsa 2048 2f:d2:c1:7f:db:a1:16:21:d2:f4:31:f9:ae:96:be:89
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA1 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA1 server->client MAC algorithm
Using username "root".
Using SSPI from SECUR32.DLL
Attempting GSSAPI authentication
GSSAPI authentication request refused
Sent password
Access granted
Opening session as main channel
Opened main channel
Started a shell/command
..

Server sent command exit status 0

Disconnected: All channels closed

8. Specify SSH Port as Plink Option

By default for SSH, it will connect to port 22. But, on your Linux server if SSH is configured
to run on a different port, then use -P option in plink to specify the port.

In the following example, plink will connect to the remote Linux server on port 25.

C:\>plink root@192.168.101.1 -P 25 crontab -l

When you use a saved PuTTY session and -P option, instead of using the port from the
saved session, it will use the given Port.

C:\>plink devdb -P 25 crontab -l

9. Plink Log Files for SSH Connections

For the SSH protocol in Plink, there are couple of useful logging options.

The following sshlog option will save the logs in the given file (sshlog.txt).

C:\>plink devdb -sshlog sshlog.txt (date;hostname;ls -l)

7/11
This is the partial content of the sshlog.txt output

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2017.05.11 11:40:57 =~=~=~=~=~=~=~=~=~=~=~=

Event Log: Writing new session log (SSH packets mode) to file: sshlog.txt
Event Log: Connecting to 192.168.101.1 port 22
Event Log: We claim version: SSH-2.0-PuTTY_Release_0.69
Event Log: Server version: SSH-2.0-OpenSSH_5.3
Event Log: We believe remote version has SSH-2 channel request bug
Event Log: Using SSH protocol version 2
Outgoing packet #0x0, type 20 / 0x14 (SSH2_MSG_KEXINIT)
00000000 ed 8e ff c9 d3 67 cf 95 0e 8f 1a 4d 6d 65 6f 25 .....g.....Mmeo%
00000010 00 00 00 f0 63 75 72 76 65 32 35 35 31 39 2d 73 ....curve25519-s
......

Outgoing packet #0xc, type 96 / 0x60 (SSH2_MSG_CHANNEL_EOF)

00000000 00 00 00 00 ....
Outgoing packet #0xd, type 97 / 0x61 (SSH2_MSG_CHANNEL_CLOSE)
00000000 00 00 00 00 ....
Event Log: Disconnected: All channels closed

For more detailed log, use -sshrawlog option. Please note that the filesize of this will be
larger than the above, as this will store lot more information in the log file.

Also, this will take longer to execute than the above command, as sshrawlog option collects
more log information than regular sshlog option.

C:\>plink devdb -sshrawlog sshrawlog.txt (date;hostname;ls -l)

10. Specify SSH Protocol (SSH-1 or SSH-2)

By default, it will use SSH-2 protocol, which can also be specified using -2 option as shown
below.

C:\>plink devdb -2 (hostname;ls -l)

devdb.thegeekstuff.com
total 326380

For SSH-1 protocol, use -1 option as shown below. If your server doesnt support it, youll get
the following error.

C:\>plink devdb -pw -1 (hostname;ls -l)

FATAL ERROR: SSH protocol version 1 required by our configuration but not provided by
server

11. Specify IP Protocol (IPv4 or IPv6)

By default, it will use IPv4, which can also be specified using -4 option as shown below.

C:\>plink devdb -4 (hostname;ls -l)

8/11
To use IPv6, use-6 option as shown below.

C:\>plink devdb -6 (hostname;ls -l)

12. Use Private Key File for Authentication with Plink

Use -i option to specify the location of the private key file that should be used for
authentication.

In the following example, it will use the devdb.ppk file from C:\Downloads directory.

C:\>plink -i "C:\Downloads\devdb.ppk" root@192.168.101.1 hostname

Note: Youll get Server refused our key, if the given key is not properly configured to be
used with your Linux Server.

If the key file is not found (for example, when you give a wrong directory name), youll get
the following error:

C:\>plink -i "D:\Data\devdb.ppk" root@192.168.101.1 hostname

Unable to use key file "C:\Users\ramesh\Downloads\devdb.ppk" (unable to open file)
root@192.168.101.1's password:

If you specify a Key what is not of proper format, youll get the following error message.

C:\>plink -i "C:\Downloads\devdb.key" root@192.168.101.1 hostname

Unable to use key file "C:\Downloads\devdb.key" (OpenSSH SSH-2 private key (old PEM
format))

13. Additional Enable and Disable Options for Plink SSH

You can also use the following plink SSH options:

-X to enable X11 forwarding

-X to disable X11 forwarding
-A to enable agent forwarding
-a to disable agent forwarding
-t to enable pty allocation
-T to disable pty allocation
-noagent to disable use of Pageant
-agent to enable use of Pageant
-C to enable compression

14. Fingerprint and HostKey with Plink

Use -pgpfp option which will display the PGP fingerprint details for PuTTY. Typically you can
use this to establish trust from plink.exe executable to another program or executable that
9/11
you are trying to connect to.

C:\>plink -pgpfp
PuTTY Master Key as of 2015 (RSA, 4096-bit):
440D E3B5 B7A1 CA85 B3CC 1718 AB58 5DC6 0467 6F7C

Original PuTTY Master Key (RSA, 1024-bit):

8F 15 97 DA 25 30 AB 0D 88 D1 92 54 11 CF 0C 4C
Original PuTTY Master Key (DSA, 1024-bit):
313C 3E76 4B74 C2C5 F2AE 83A8 4F5E 6DF5 6A93 B34E

Also, you can use hostkey in the plink to connect to the remote server accordingly using -
hostkey option.

C:\>plink devdb -hostkey aa:dd:b1:f1:f8:00:4c:36:63:ec:cf:92:16:e6:df:26 hostname

15. Plink -batch option for Windows Batch Files

If you are running plink inside a Windows batch file, then it is recommended that you use -
batch option.

C:>plink -batch devdb [complex-linux-command]

In the above example, if the complex-linux-command fails, or asking for an input from the
user, or hangs, etc, then your Windows Batch script will not be waiting. Instead, plink will just
abandon the command, and the batch script will fail.

This is probably what you would expect to happen instead of your windows batch file job just
waiting or hanging.

So, use -batch option in plink when you are writing Windows batch scripts using plink.

Tweet
> Add your comment

If you enjoyed this article, you might also like..

1. 50 Linux Sysadmin Tutorials Awk Introduction 7 Awk Print

2. 50 Most Frequently Used Linux Commands Examples
(With Examples) Advanced Sed Substitution Examples
3. Top 25 Best Linux Performance Monitoring 8 Essential Vim Editor Navigation
and Debugging Tools Fundamentals
4. Mommy, I found it! 15 Practical Linux Find 25 Most Frequently Used Linux IPTables
Command Examples Rules Examples
5. Linux 101 Hacks 2nd Edition eBook Turbocharge PuTTY with 12 Powerful
Add-Ons

10/11
11/11