Bitvise SSH Client Version History

Changes in Bitvise SSH Client 6.24:    [ 9 March 2015 ]

  • File transfer:
    • The graphical SFTP client now supports editing of remote files. A remote file can be edited using right click > Edit. The client will automatically download the file; open it in the editor associated with its file extension in Windows; then monitor the local copy of the file for changes. When changes are saved, the file will be uploaded automatically.
    • The graphical SFTP client now supports right click > 'Open with...', both for local and remote files.
    • Further improvements to tab completion in sftpc.
    • The 'move' and 'lmove' commands in sftpc now support the -o (overwrite) parameter.
  • In command line clients, the -keypairFile parameter would only work if another keypair (even if unused) was available, either in the profile being used, or in global client settings. Fixed.
  • Fixed a long-standing graphical glitch which would cause edit boxes in the graphical SSH Client to temporarily lose borders whenever the Sysinternals Process Explorer was launched.

Changes in Bitvise SSH Client 6.23:    [ 17 February 2015 ]

  • SSH:
    • Key exchange methods that use group exchange will now be de-prioritized when connecting to all non-Bitvise SSH server implementations. This serves to avoid a compatibility issue where most non-Bitvise SSH servers will generate weak DH groups which cannot be used with the FIPS 140-2 validated cryptographic provider used by Bitvise SSH Client. Previously, group exchange was already de-prioritized for a handful of known SSH server implementations with this issue.
    • It is now easier to turn compression on and off using the "Prefer zlib compression" setting on the SSH tab.
  • File Transfer:
    • The sftpc command line client now supports batch rename (using wildcards).
    • The sftpc command line client now implements further improved support for command, path, and filename completion using the Tab key.
    • Remote file copy is now supported, in the graphical SFTP interface as well as the sftpc command line client, with SSH servers that implement the SFTP version 6 file copy extension (including Bitvise SSH Server).
    • The graphical SFTP interface now supports drag and drop, copy, cut, and paste features.
  • Remote Desktop:
    • Smart sizing - automatic adjustment of remote desktop resolution to local client window size - can now be enabled or disabled for forwarded Remote Desktop connections in the SSH Client profile.
    • When not using SSH login credentials, the domain name to use for Remote Desktop authentication can now be configured in a field separate from the user name.
    • If you experience trouble with Use SSH login credentials when connecting to Remote Desktop running on Windows Server 2003 or XP, disable Use SSH login credentials, and enter the username, domain, and password manually in the respective fields.
  • Fixes:
    • Fixed a problem with newlines when pasting text into joe/nano editors.
    • Fixed an issue which would cause the SSH Client to stop with an assertion failure if it was configured to use a proxy of type SOCKS4 with "Resolve locally" disabled.
    • Fixed an issue which would cause command-line proxy parameters to not work correctly.
    • Fixed an issue introduced in version 6.21 which would cause the SSH Client to close a connection before sending a failure reply in the event of a connect failure when using dynamic port forwarding (the SOCKS/HTTP CONNECT proxy forwarding feature).
    • Fixed an issue which would cause Export and Remove buttons to not be available in the Host Key Manager unless a named (file-based) profile was opened.
    • Fixed an issue which would prevent the Client Key Manager from importing ECDSA private keys in OpenSSH format if they were password protected. Improved accuracy of error messages if an invalid password is entered.
    • The -flowDebugFile feature will no longer truncate quantum data, allowing a complete debug log of the SSH session to be recorded.

Changes in Bitvise SSH Client 6.22:    [ 31 January 2015 ]

  • The SSH Client now supports SSH protocol obfuscation. When connecting to an SSH server that supports it, obfuscation makes it harder for an observer to determine that the protocol being used is SSH.
  • The sftpc command line client now supports tab completion.
  • If a command is configured to be run under On Login > Execute on the Options tab, the SSH Client can now also be configured to close or terminate the program launched this way after the SSH session ends.
  • Remote Desktop forwarding:
    • A username and password can now be configured for single-click Remote Desktop forwarding, separately from the credentials used to log in via SSH.
    • If the user name for Remote Desktop starts with ".\", it will now be communicated to the Remote Desktop client in the same way as in version 6.08 and older.
  • Graphical xterm console:
    • Block selection and copying is now supported by using the mouse to select while pressing the left Alt key.
    • A tooltip is now displayed when text is copied to clipboard, or pasted in the terminal window. The tooltip can be turned off through the console's system menu.
    • Fixed an issue which would cause a Ctrl+Alt+key event to be sent to the server in addition to a national character, when the user intended to input only a national character with AltGr+key.
  • Links on the SSH Client's About tab now work correctly again.
  • Fixed an issue that would cause the SSH session to terminate with an error after applying removal of some, but not all, client-configured C2S or S2C port forwarding rules.
  • To maintain installer size, an initial Bitvise SSH Client 6.22 installation no longer includes files to support the Remote Control Panel feature for WinSSHD versions older than 5.22. The files necessary to use this feature with such older versions continue to be available separately.

Changes in Bitvise SSH Client 6.21:    [ 23 January 2015 ]

  • Profiles:
    • Per-profile host keys and client keypairs: Host authentication public keys, as well as client authentication keypairs, can now be stored in individual profiles. This allows a profile to contain all information needed to establish an SSH session, without requiring host key or client keypair information to be passed via command line parameters, or stored in Windows registry.
    • When a host key is verified by the user, and the SSH session uses a profile, a copy of the host key will now be automatically saved in the profile.
    • Per-profile proxy settings: Proxy settings can now be configured for individual profiles as well, allowing a profile to override globally configured proxy settings.
    • Implemented measures to ensure profile consistency when accessed by multiple SSH Client instances.
    • When opening profiles created using Bitvise SSH Client 4.xx, previous 6.xx versions would be unable to open profiles with an invalid Remote Desktop Computer field. Attempts to open such profiles would fail with a validation error, but a description of the validation error would not be displayed. Fixed.
  • SSH:
    • Delayed negotiation of zlib compression, as advertised by servers using the '' algorithm, is now supported. Because of an inherent race condition in the OpenSSH implementation of delayed compression, Bitvise SSH Client implements this in the same way as PuTTY - by triggering a second key exchange after successful authentication.
  • Authentication:
    • Graphical management of server-side public keys: The graphical SSH Client now supports management of the user's public keys trusted by the server using SPKS, the Secure Shell Public Key Subsystem. As in previous 6.xx versions, this functionality also continues to be available in the spksc command line client.
    • Agent forwarding: The SSH Client now supports agent forwarding if it is supported by the SSH Server. A remote SSH client running on the server can use agent forwarding to perform public key authentication using client keypairs managed by the local SSH Client.
    • Agent support: Both the graphical client, as well as the command line clients, now support public key authentication using keypairs available through the OpenSSH authentication agent (ssh-agent) or the PuTTY authentication agent (pageant).
    • Improved the choice of default subsequent authentication method offered when the server requires both password and public key authentication.
    • Fixed an issue which prevented use of public key authentication as configured in a profile supplied with the "-profile" command line parameter.
  • Terminal:
    • When using the graphical SSH Client in conjunction with a non-bvterm terminal protocol, such as xterm, the SSH Client will now use a custom terminal window with features not available with a Windows console window:
      • Draggable resizing
      • Support for xterm-256color
      • Support for non-block copy & paste
      • Improved performance
    • Mouse input is now supported. Supported mouse modes are X10 compatible, Normal, Cell Motion and All Motion. Supports X10, UTF8, SGR, and URXVT coordinates. Supported are all 3 main mouse buttons; combinations with Alt, Shift, and Ctrl keys; and the mouse wheel. When mouse tracking is enabled by the server, client-side text selection and copying remains possible using the left Shift key.
    • The terminal window color palette can now be configured.
    • A setting is now supported to allow the terminal window to remain open after a terminal session closes.
    • The terminal client will now display terminal titles received from the server via xterm. The client will append such titles to the initial title.
    • Characters that could not normally be entered using the currently active input method can now be entered using Alt + NumPad or using copy and paste.
  • File transfer:
    • sftpc now supports launching local commands prefixed with '!' in scripted mode. A non-zero return code is treated as an error.
    • sftpc can now execute "ldir" to provide expected results if the current local directory points to a network share.
  • Remote Desktop:
    • Automatic sign-on for Remote Desktop now works with Microsoft accounts, as well.
  • General:
    • Sessions that attempted to register a large number of simultaneous client-to-server port forwarding rules could be terminated by an error. Fixed.
    • Improved disconnection responsiveness and reliability.
    • Improved trace logging.
    • In recent 6.xx versions, a license code could not be applied unless the client was started using elevation. Fixed.

Changes in Bitvise SSH Client 6.08:    [ 8 September 2014 ]

  • Improved reliability and responsiveness of disconnecting a session, resolving an issue where the client could hang during a disconnect.

Changes in Bitvise SSH Client 6.07:    [ 31 August 2014 ]

  • In version 6.05, an issue was introduced that would cause the SSH session to terminate with an error during a server-to-client port forwarding failure. Fixed.
  • In "Reconnect always" mode, when automatically reconnecting without first being successfully authenticated, the client would display the user authentication dialog instead of proceeding with the configured initial authentication method. Fixed.
  • In SFTP Upload and Download panes, the individual file progress bar in the list control was always stuck at 0% when transferring. Fixed.

Changes in Bitvise SSH Client 6.06:    [ 25 August 2014 ]

  • Implemented support for unattended password authentication via the "keyboard-interactive" method. When the SSH Client is configured to authenticate with a stored password, it will now try to pass the stored password to the "keyboard-interactive" method if "password" authentication is not available.
  • User authentication keypairs can now be imported and exported in the PuTTY format.
  • Since migrating Bitvise SSH Client to use Crypto++ as a FIPS 140-2-certified cryptographic provider in versions 6.xx, Diffie Hellman-based SSH key exchange methods that use group exchange have not been working well with servers including OpenSSH, Tectia, and IBM Sterling Connect. The issue arises because these servers generate random DH group parameters which do not pass validation by Crypto++, and we cannot disable this validation in FIPS mode. To avoid this issue, we are changing default Bitvise SSH Client settings to disable DH key exchange methods that use group exchange. We encourage use of the new ECDH key exchange methods instead.
  • The User keypair manager failed to show the first few characters of MD5 fingerprints below the keypair list. Fixed.

Changes in Bitvise SSH Client 6.05:    [ 15 August 2014 ]

  • SFTP: When downloading, characters in the file name that are invalid on Windows will now be replaced with an underscore. Files whose name contains a colon (':') will no longer be downloaded to an alternate NTFS stream.
  • Remote Desktop: When using a custom Remote Desktop profile, prompting for credentials will now be properly disabled if "Use SSH login credentials" is checked.
  • Added support for UTF-8 and UTF-16 byte order markers when importing keys from textual files.
  • Fixed log message describing when reconnection attempt is scheduled.
  • Fixed issues with proxy support for outgoing connections when "Resolve DNS names locally" was enabled.
  • The SOCKS/HTTP proxy forwarding subsystem (dynamic tunneling) did not correctly handle IPv6 HTTP CONNECT request. Fixed.
  • Several warning messages related to port forwarding are now informational messages, to avoid unnecessary pop-ups from being displayed.
  • Graphical SFTP: Fixed an issue which prevented the "Target file already exists" dialog from opening when resuming is not available.

Changes in Bitvise SSH Client 6.04:    [ 13 July 2014 ]

  • When creating remote directories and files, Bitvise SSH Client will no longer send a default set of POSIX permissions, instead letting the server choose appropriate POSIX permissions for the new directories and files.
  • In sftpc, batch list and download operations, such as "get *.txt", would always return an unsuccessful exit code. Fixed.

Changes in Bitvise SSH Client 6.03:    [ 5 July 2014 ]

  • In sftpc, the exit code would not be set properly after failed transfers. Fixed.
  • When the SSH Client is run for the first time after installation, it would be run under the installer's elevated security context. This could cause subtle discrepancies in behavior compared to when the client is run without elevation later. Fixed.
  • Since the new terminal client implementation introduced with version 4.60, the bvterm client would close with an exception if the server sent a particular rarely sent packet (BVT2_WRITEOUTPUTCHAR). Fixed.

Changes in Bitvise SSH Client 6.02:    [ 1 July 2014 ]

  • The graphical SFTP remote files pane was incorrectly using start directory and other settings from the local pane.

Changes in Bitvise SSH Client 6.01:    [ 26 June 2014 ]

  • New features in the sftpc command line client:
    • The put and get commands now support a "-del" flag to delete files after they have been transferred successfully.
    • When using put or get with the "-s" flag (recursive transfer), matching empty directories will now also be transferred.
  • Importing of OpenSSH private keys encrypted using "aes192-cbc" and "aes256-cbc" algorithms is now also supported.
  • When converting file times from UTC for display in local time, the SSH Client would not correctly account for DST when there was a mismatch between the file's DST offset and current DST. Fixed.
  • An SFTP pane resizing issue is now believed fixed.
  • Fixed a number of 6.00 beta issues:
    • If exiting of the graphical client was canceled through the "profile changed" dialog, the Login button would no longer work.
    • When viewing help for command line clients piped through a pager such as "more" or "less", the command line clients would terminate with an error if the pager was exited prematurely.
    • Tooltips would not show when hovering the mouse pointer over an SSH Client icon in the system notification area.
    • sftpc would show file modification times in UTC instead of local time when listing files.
    • In the graphical SFTP window, under Browse, selecting the local or remote path from the dropdown list failed to work properly.
    • On older Windows versions, including Windows XP, the Remote Desktop window title would not update properly when opening a single-click Remote Desktop window in full screen mode.
    • On older Windows versions that did not include IPv6 support, including Windows XP, the newly added IPv6 support would fail, interfering with some aspects of the client.

Changes in Bitvise SSH Client 6.00 beta:    [ 28 May 2014 ]

  • Bitvise SSH Client now uses FlowSsh and the technological platform of Bitvise SSH Server versions 5.xx and 6.xx. This includes, but is not limited to:
    • The cryptographic algorithms used by the SSH Client are now implemented in a FIPS 140-2 certified cryptographic module.
    • The SSH Client now supports Elliptic Curve algorithms - key exchange using ECDH, and ECDSA public keys for client and server authentication.
    • The SSH Client now implements defensive measures against attacks based on the CBC encryption mode.
  • IPv6 is now supported.
  • Command line clients:
    • A new command line client, stnlc, supports scriptable and command line access to port forwarding functionality and the FTP-to-SFTP bridge.
    • A new command line client, spksc, supports scriptable and command line access to the SSH public key subsystem. With Bitvise SSH Server, and other servers that support SPKS, the client can manage public keys which the server will accept for the client's authentication.
    • The sftpc and stermc command line clients now also support an implied trailing command without the "-cmd=..." parameter, for example: "sftpc user@host get *.txt", or "stermc user@host dir".
    • The sexec command line client now supports X11 forwarding.
  • FTP-to-SFTP bridge:
    • Wildcards (* and ?) can now be used in directory listings.
    • As a compatibility improvement, the FTP-to-SFTP bridge now attempts to detect and ignore parameters passed to the LIST command.
    • An optional FTP password can now be configured, which an FTP client then must provide in order to access the bridge.
    • A port range for PASV mode transfers can now be configured.
    • The starting directory for the FTP-to-SFTP bridge session can now be configured.
  • Usability improvements:
    • Settings changes in the Options, Terminal, Remote Desktop, and SFTP tabs now have immediate effect even if a session is active.
    • Settings changes in the Services, C2S, and S2C tabs can now take effect, even if a session is active, after clicking Apply.
    • Settings changes in the Login and SSH tabs continue to take effect for the next SSH session, and are not applied to any currently active session.
    • Errors in initializing a port forwarding or the FTP-to-SFTP bridge will now no longer prevent establishment of the SSH session.
    • Algorithms in the SSH settings tab can now be reordered in terms of priority.
    • The graphical client's close behavior can now be configured. (Whether to exit, or hide to the system notification area.)
    • When using single-click Remote Desktop forwarding in full screen mode, the Remote Desktop window title now reflects the destination server.

Security Clarification:    [ 9 April 2014 ]

  • We have recently received many inquiries about whether our software is affected by the heartbeat vulnerability in OpenSSL (nicknamed "Heartbleed"). This vulnerability relates to a protocol we do not implement, and a code base that is independent of ours. None of our software shares common code with OpenSSL or OpenSSH.

Older Versions

Bitvise SSH Client 4.xx Version History

Tunnelier 3.xx Version History