- Plink is key to automating and executing commands SSH en Windows, allowing secure and efficient connections to remote servers from the command line.
- Plink can be integrated into scripts and automation pipelines, facilitating remote management and connection via SSH tunnels or secure port forwarding.
- Authentication and hostkey management is essential for using Plink, and there are Tricks and advanced parameters to automate fingerprint acceptance and improve security.
The world of secure remote access and task automation Server storage has become increasingly important for system administrators, developers, and technology enthusiasts. One of the great allies in this area, especially in Windows environments, is PlinkThis small but powerful utility makes it easy to connect and execute commands on remote machines via SSH, and offers tremendous possibilities for those looking to integrate automated processes and scripts into their workflows.
If ever you wondered how to connect to servers Linux from Windows without resorting to graphical interfaces, or as automate tasks that would normally require manual intervention, Plink is your toolIn this article, we explain in detail not only what Plink is, but also how to use it from scratch, its common and advanced applications, and some tips to get the most out of it on Windows.
What is Plink and what is it used for?
Plink, short for PuTTY Link, is a command-line program that accompanies the PuTTY suite. Designed primarily for Windows systems, Plink allows you to establish secure connections to remote servers using protocols such as SSH, Telnet or rlogin. It is mostly used with SSH to access and control Linux servers or Unix safely from the Windows command console.
One of the great attractions of Plink is its focus on automationUnlike PuTTY (the graphical version), Plink is designed to run in scripts or processes that do not require direct user interaction. This makes it a fundamental piece of Integrate remote operations into scheduled tasks, automatic deployments, CI/CD pipelines and even for mass server management.
Plink is free and open source, which favors its adoption in both personal projects and professional environments. Its compatibility with batch scripts on Windows differentiates it from other SSH clients, and its ability to integrate with PuTTY sessions and configurations greatly simplifies access to already configured servers.
Advantages of using Plink on Windows
The main reason to use Plink is the automation of administrative and operational tasks between Windows systems and remote servers. Some of the most significant advantages include:
- Portable executable: You can take Plink in a USB or share it easily, since you only need the file plink.exe.
- Integration with scripts: It is ideal for launching commands from batch scripts, PowerShell or even more advanced tools like Jenkins.
- PuTTY Configuration Support: Allows you to reuse profiles, SSH keys, and predefined hosts.
- Port Forwarding and SSH Tunneling: Facilitates secure connections and encrypted data transfer between remote and local computers.
- Advanced Authentication Management: Supports passwords, public keys, Pageant (PuTTY's authentication agent), and integration with automated systems.
Getting Started: Installation and Configuration
Before we jump into using Plink, you need to download and install itThese are the recommended steps:
- Download PuTTY or its individual utilities from its official website: https://www.putty.org/. There you can find plink.exe and other related programs (such as pscp.exe for file transfers).
- Copy plink.exe to an accessible locationas the C: \ Windows \ System32 or any folder included in the Windows PATH.
- Optionally, Add the folder where plink.exe is located to the environment variables, to be able to run it from any terminal of commands.
If you are using Ubuntu or any Linux distribution and want to have the same utilities for cross-platform scripts, look for the package putty tools and install it using sudo apt-get install putty-tools.
How to Use Plink: Basic Syntax and Commands
The simplest use of Plink is connect to a remote server and execute commands as if you were using a traditional SSH terminal. The general syntax usually:
plink -ssh user@host
This will open a interactive SSH session. If your server requires a password, it will prompt you for it via console. You can specify the SSH port if it is not the standard one (22) with the option -P, and pass your private key with -i:
plink -ssh -i C:\path\to\key.ppk user@host -P 2222
To run non-interactive commands directly (ideal for scripts or automatic tasks), just add the command after the connection:
plink -ssh user@host command
For example, to list the files in the directory on the remote server:
plink -ssh user@host ls -l
The -batch parameter allows you to run in silent mode, suppressing interactive prompts (very useful in automated processes):
plink -batch -ssh user@host "ls -l"
Authentication and Public Keys: Security Tips
One of the key aspects for security in SSH connections is public key authentication. Plink supports both key (.ppk files) and password authentication. It is highly recommended to use passphrase-protected keys to add an extra layer of security.
To improve the robustness of your scripts and connections:
- Store private keys in secure locations and restricts access to only the necessary users.
- Use Pageant If you want to manage passphrase-protected keys without having to enter the password manually every time you log in.
- In automated environments, disable interaction using -batch to avoid blocking if the server requests an unregistered key.
Managing fingerprints (hostkey) in Plink
When connecting to a server for the first time, Plink will warn that the hostkey (server fingerprint) is not registered on the client. This is a trust mechanism to ensure you're actually connecting to the intended server. In PuTTY, this hostkey is cached in the Windows registry:
HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys
On the command line, Plink will ask for confirmation to save the hostkey if it isn't already stored. You can either accept manually (by answering 'y') or Automate acceptance in scripts using a 'trick':
echo y | plink user@host
This sends the 'y' response automatically. However, there are situations where this doesn't work, especially when you force the version 2 of the SSH protocol or you use advanced tunneling. In these cases, Plink may abort the connection without asking for confirmation, and you'll have to specify the hostkey manually using the -hostkey:
plink.exe -ssh -2 -batch -L 8080:remote_host:80 -P 22 -pw password user@host -hostkey fingerprint
The fingerprint is obtained on the first connection or from registration. This ensures valid connections and You automate the acceptance of hostkeys in complex scripts or CI/CD pipelines.
Practical examples of using Plink in Windows
Let's see some Common and advanced Plink use cases on Windows, which demonstrate its versatility and power.
1. Remote command execution
For example, to launch a list of files remotely by authenticating with a password:
plink.exe -pw your_password your_user@remote_host ls -l
2. Executing remote scripts
You can prepare a command file (for example, BACKUP. Sh) and run it like this:
plink.exe -pw your_password -m BACKUP.sh your_user@remote_host
Very useful for making backups, deployments, installations or any repetitive process.
3. Automation with batch scripts and Python
Many users create batch scripts or in Python that use Plink and other utilities like pscp.exe (from PuTTY itself) to automate file download and upload, execution of multiple remote commands, integration with databases, etc.
For example, a Python library can wrap Plink and pscp to launch automatic tasks from Windows or Linux, detecting the operating system and using the appropriate commands.
4. File transfer: plink and pscp
To transfer files you can rely on pscp.exe, another PuTTY tool, but in many workflows the two often go hand in hand:
pscp.exe -pw your_password local_file.txt your_user@remote_host:/remote_path/
Or to download files from remote to your local machine:
pscp.exe -pw your_password your_user@remote_host:/remote_path/file.txt ./downloaded_file.txt
Port Forwarding and SSH Tunneling with Plink
One of the most advanced and powerful features of Plink is the SSH tunnel creation and port forwarding (port forwarding). This allows network traffic to be securely and encryptedly redirected between machines and networks.
— Local port forwarding: Redirects a port on your local machine to a port on a remote machine via SSH.
plink.exe -L local_port:remote_host:remote_port -P 22 -pw your_password your_user@remote_host
You can use this to, for example, expose a database, access an internal website, or even open an RDP session through a secure tunnel.
— Dynamic tunnels (SOCKS): Plink can create SOCKS proxies (very useful in pentesting or when you need to navigate through a compromised computer):
plink.exe -D 9050 -P 22 -pw your_password your_user@remote_host
You can then configure your applications to use 127.0.0.1:9050 as a SOCKS proxy, and traffic will travel encrypted over SSH to the remote host.
Advanced integrations and automation with Plink
In professional environments, Plink can be integrated into automation pipelines like Jenkins, allowing remote debugging, deployment, and monitoring of servers using code. Basic example in a Jenkinsfile:
pipeline { agent any stages { stage('Deploy') { steps { bat 'Plink -ssh user@remote_host "deploy.sh"' } } } }
You can also combine it with tools like Proxifier to create advanced network rules and access internal services or ports through SSH tunnels initiated with Plink. This technique is very common in pentesting, advanced administration, and setting up secure test labs from Windows environments.
Passionate writer about the world of bytes and technology in general. I love sharing my knowledge through writing, and that's what I'll do on this blog, show you all the most interesting things about gadgets, software, hardware, tech trends, and more. My goal is to help you navigate the digital world in a simple and entertaining way.