3
.putty/randomseed and .putty/sshhostkeys were found in my home directory of my MacBook Pro this morning.
I'm running OS X Snow Leopard. I've never installed PuTTY on my machine.
Does this mean my machine has been compromised, and by a Windows computer?
orokusaki
Posted 2012-04-19T12:49:22.090
Reputation: 1 044
3
According to this page, it's a sign of a Windows trojan only (?).
On Unix, PuTTY actually stores its data under ~/.putty, so that's normal too. So, no harm done – but just to be safe, and if you don't actually use PuTTY, delete the whole directory.
As always, make sure you don't have any Sharing options enabled under System Preferences that you don't want. You can also check open internet connections with sudo lsof -i for anything suspicious.
slhck
Posted 2012-04-19T12:49:22.090
Reputation: 182 472
4
Noticed the same thing today, found ~/.putty/sshhostkeys containing keys for some DB servers I use frequently. I was pretty concerned.. turns out that it was created after using a SQL GUI client. It had a feature to connect to your DB via SSH Tunnel. instead of using ~/.ssh directory it creates a .putty directory and stores its host keys there.
Answering a really old question, but I noticed this today as well. As this was 4th Google hit for ".putty osx" and the accepted answer not being very helpful
skrewler
Posted 2012-04-19T12:49:22.090
Reputation: 866
2
I can even clarify this furthers.
This directory is created by Filezilla for OS X. You can safely delete it and start Filezilla again.
You will then see Filezilla complaining about a syntax error, and every host you try to connect from your address book will throw an "Unknown Hostkey" info.
Arne
Posted 2012-04-19T12:49:22.090
Reputation: 29
There appear to be plenty of other apps that will also create it. On my system it's timestamped to about 2 minutes after I upgraded XCode to v9.1, and the file inside is being used reasonably frequently, so I suspect that XCode is touching it every time it restarts. – Jules – 2018-04-13T14:38:55.280