Bitvise SSH Client Version History
Security Clarification: [ 9 April 2014 ]
- We have recently received many inquiries about whether our software is affected by the heartbeat vulnerability in OpenSSL. This vulnerability relates to a protocol we do not implement, and a code base that is independent of ours. None of our software shares common code with OpenSSL or OpenSSH.
Changes in Bitvise SSH Client 4.63: [ 9 March 2014 ]
- SFTP: For compatibility with WS_FTP servers, when attempting to verify existence of the target directory during upload, the client will now assume that a generic failure response means the directory does not exist, and will try to create it. Previously, the client acted this way only if the server's response was along the lines of "path does not exist".
- When the graphical client is closed, it will no longer pop up a profile save dialog if profile contents were modified only through a command line parameter.
- With newer Remote Desktop clients, the feature "Use SSH login credentials" would fail when using local accounts. Now fixed.
- Terminal client for non-bvterm protocols: Fixed issue with reporting cursor position.
Changes in Bitvise SSH Client 4.62: [ 18 November 2013 ]
- The support for Ctrl+Alt+[A-Z] character combinations implemented in version 4.61 was conflicting with AltGr+[A-Z] combinations on non-US keyboards. The implementation has been improved so that Left Ctrl + Left Alt + [A-Z] will send the Ctrl+Alt+[A-Z] combination, but AltGr+[A-Z] will send the special character defined by the current keyboard configuration.
Changes in Bitvise SSH Client 4.61: [ 5 November 2013 ]
- Fixed an issue which caused Bitvise SSH Client 4.60 to display incorrect Bubble-Babble fingerprints.
- Fixed an issue which caused the graphical SSH client to either crash, or open an incomplete dialog, when clicking the Initial Directory link on the SFTP tab.
- Changed command line handling so that double backslashes ("\\") will be replaced with a single backslash only if followed by a quotation mark.
- The sexec command line client no longer hangs if the exec request is rejected by the server.
- Fixed an issue which could have caused the graphical SSH client to become unresponsive if a third-party application was installed that sent an unexpected GUI message.
- vt100/xterm terminal client:
- Implemented support for Ctrl+Alt+[A...Z] key combinations. Additionally, with xterm, Ctrl, Alt and Shift combinations are now supported with the following keys: cursor arrow keys, Home, End, Insert, Delete, PgUp, PgDn, and F1-F12. (However, Shift+PgUp and Shift+PgDn are used to scroll the history buffer, and are not sent to the server.)
- Restored behavior from previous client versions so that Ctrl+Break does not end the terminal client, but instead sends the appropriate signal to the server.
- The vt100/xterm terminal client will no longer exit if it receives characters from the server that are invalid with the character encoding being used.
- Fixed a bug with cursor position reporting in the vt100/xterm terminal client, so it will no longer cause strange characters to appear on screen, e.g. when starting Vim.
Changes in Bitvise SSH Client 4.60: [ 4 February 2013 ]
- The xterm/vt100 terminal client has been re-implemented to improve performance and add new features.
- Default colors displayed by the xterm/vt100 terminal client can now be configured on the Terminal tab.
- Command-line clients (sftpc, stermc, sexec) now support a parameter to enable delegation when using Kerberos user authentication with standard SSH host authentication and key exchange. Previously, the command line clients supported delegation only when using Kerberos-based key exchange.
- The Host Key Manager can now store multiple host key fingerprints per SSH host. When a new host key is verified by the user, it is now added to other known keys for that host, instead of replacing them.
- To improve compatibility with some FTP clients, FTP-to-SFTP bridge will now send more conventional reply codes to USER and PASS commands, mimicking the behavior of FTP servers that require authentication.
- When launched from the Bitvise SSH Client graphical client, the terminal client now supports executing a custom command (as an exec request) instead of requesting a plain shell.
- When using single-click Remote Desktop forwarding, temporary RDP profiles are now removed from the "most recently opened" list for the Remote Desktop Connection shortcut.
- WoW64 filesystem redirection is now disabled when creating temporary RDP profiles for single-click Remote Desktop forwarding.
- Improved keyboard accessibility for launch bar icons in the graphical client.
Changes in Bitvise SSH Client 4.51: [ 20 October 2012 ]
- Command line clients: Improved text colors; added a color scheme for dark blue background, and a color scheme for PowerShell's default colors and palette.
- Remote Desktop: Fixed an issue which could cause the SSH client to not detect the Remote Desktop client version on 64-bit platforms.
- Tunneling: Implemented a workaround for the Dropbear server, which translates the client's request to listen on 127.0.0.1 into "localhost" in server-to-client forwarding.
Changes in Bitvise SSH Client 4.50: [ 18 July 2012 ]
- Bitvise Tunnelier is now Bitvise SSH Client. The main graphical client, previously Tunnelier.exe, can now be launched as BvSsh.exe.
- The SSH client and its components now use Unicode internally.
- Command line: The graphical SSH Client (BvSsh) now supports the -hide=trayIcon parameter to hide the notification area icon.
- Command line: If the -host and/or -port parameter is provided, the default profile will be loaded instead of the most recently used profile.
- Command line: -keypairPassphrase had no effect in sftpc, stermc and sexec if -keypairFile specified a keypair in Bitvise format. Fixed.
- Command line: A BvSshCtrl command line utility is now included with Bitvise SSH Client, and can be used to send login, logout, and exit commands to a graphical BvSsh client process. Run BvSshCtrl for usage instructions.
- User interface: The Host value on the Login tab of the graphical client will now have its whitespace trimmed. Previously, whitespace in the Host value caused DNS lookup to fail.
- User keypair manager: Can now import OpenSSH private keys encrypted with AES-128-CBC. (Previously, only OpenSSH keys encrypted with 3DES were supported.)
- Command line clients: sftpc, sexec, and stermc will no longer exit when they are being run as a service, and an interactive user on the same machine logs off.
- Authentication: Keyboard-interactive authentication now makes it easier to try common keyboard-interactive submethods ("bsdauth" and "pam").
- Banner: Empty banner messages are no longer displayed. (VMWare ESXi 5.0 sends such a banner message.)
- Banner: Banner messages are now displayed using a monospace font, so that ASCII art will render as intended.
- SSH: Some Dropbear servers do not support SSH_MSG_GLOBAL_REQUEST, and would send SSH_MSG_UNIMPLEMENTED in response to Bitvise SSH Client's keep-alive requests. The Client will now recognize the UNIMPLEMENTED response as resetting the keep-alive timeout, no longer causing the session to break.
- SSH: Some broken terminal servers start sending channel data as soon as a 'session' channel is open, without waiting for a subsystem request. Subsequently, the server sends a response to the subsystem request after the channel is already closed. Bitvise SSH Client is now resilient against such implementations, and will ignore the belated channel response.
- Terminal: The non-bvterm terminal implementation (e.g. xterm/vt100) now supports sending the Backspace key as ASCII code 127, correcting Backspace behavior on some servers. This feature can be enabled in the Terminal tab of the main SSH Client. When using the command line client, stermc, this behavior can be enabled using the parameter -altBksp=y.
- SFTP: The SFTP client now supports larger pipelines, to enable faster transfers on high-bandwidth connections with some latency. The default pipeline size is now 512 kB, and can be increased to up to 4096 kB on the SFTP tab of the main SSH Client. The command line client, sftpc, also supports the -pipelineSize=... parameter.
- SFTP: The size of the initial chunk used to determine whether a file is binary or textual has been increased from 1000 bytes to 32 kB.
- SFTP: Resume is now disabled for file transfers by default. Due to limitations of most SFTP implementations, Resume cannot be implemented with 100% reliability, and may fail to update content that changed in the middle of the file between the initial transfer operation and the resume. Resume is now disabled by default to reduce the incidence of this issue, and to emphasize the notion that Resume should be enabled when needed, but not necessarily always.
- SFTP: Setting the file time on a recently uploaded file, whose handle has remained open, fails after uploading to some servers. If this happens, Bitvise SSH Client will now attempt to set the file time again after closing the uploaded file.
- bvterm: Fixed an issue which could have caused the bvterm client to fail with the error "parameter is incorrect" after a call to SetConsoleWindowInfo().
Changes in Tunnelier 4.40: [ 8 January 2011 ]
- Tunnelier now includes the WinSSHD Remote Control Panel for WinSSHD versions 5.22 and newer. WinSSHD Remote Control Panel versions 5.06+, 5.11+, and 5.18+ also continue to be included.
- Fixed issue introduced in version 4.39 that prevented Tunnelier from functioning correctly when used with the -noRegistry setting.
- Fixed issue where the Tunnelier graphical SFTP interface would fail to list a drive that was completely empty of all directory entries (did not even contain the default '.' or '..' entries).
Changes in Tunnelier 4.39: [ 13 December 2010 ]
- Added support for fully automated password + public key login. Previously, a login that required both password and public key authentication required the user to click through at least one dialog displayed by Tunnelier. This can now be avoided by selecting an initial authentication method such as "publickey - slot 1 + password".
- Added configurable code page support for non-bvterm terminals. (bvterm always uses Unicode.)
- Fixed line drawing in xterm and xterm-alt.
- Replaced cases where the "MS Sans Serif" font was used with "MS Shell Dlg", fixing font anti-aliasing issues.
- Removed support for protected mode handling from non-bvterm terminals - it was introducing issues without a known benefit.
Changes in Tunnelier 4.37: [ 22 September 2010 ]
- SFTP: Tunnelier will now transfer files even if file size information cannot be retrieved from the server.
- sftpc: Pressing the Esc key on an empty prompt would incorrectly disable further input of SFTP commands. Fixed.
- Terminal: added setting in Tunnelier Terminal tab, and -beep command line switch for stermc, to allow disabling of beeping sounds sent by the server.
- When connecting through a proxy server, some proxy servers choose to just send EOF to Tunnelier, instead of sending an error code. In this circumstance, Tunnelier would previously hang indefinitely, waiting for an explicit error response. Tunnelier will now handle the EOF response correctly, as well as timeout on its own if no response is forthcoming.
Changes in Tunnelier 4.36: [ 8 August 2010 ]
- The Tumbleweed compatibility fix in version 4.33 introduced a side effect which would sometimes cause Tunnelier to get stuck in an infinite loop while sending data. Fixed.
- The Tunnelier SFTP clients will now disable filesystem redirection on 64-bit platforms, allowing file transfer to and from directories such as C:\Windows\System32.
- For compatibility with some OpenSSH versions, Tunnelier will now accept SFTP version 3+ packets that do not contain an error message and language tag.
- The Tunnelier terminal clients are now more resilient when the Windows registry contains invalid console geometry settings.
Changes in Tunnelier 4.35: [ 27 May 2010 ]
- Fixed issue in Tunnelier SFTP graphical user interface where icons would drift slowly apart when Tunnelier was running for prolonged periods.
- Tunnelier now supports a new command line parameter, "-disableSftpLocation", which disables direct input of local and remote paths in the SFTP graphical user interface.
- Tunnelier now includes the WinSSHD Remote Control Panel for WinSSHD versions 5.18 and newer. WinSSHD Remote Control Panel versions 5.06+ and 5.11+ also continue to be included.
Changes in Tunnelier 4.33: [ 21 April 2010 ]
- The default xterm terminal selection will now again send the same cursor key movement sequences as in Tunnelier 4.31 and earlier. For servers such as AIX that need alternative key sequences, a separate xterm terminal selection is now available, named "xterm-alt".
- sftpc now supports the "-progress=percent" command line parameter, which will cause it to print the progress indicator in a new line instead of updating it on the same line each time. Useful for programs that process sftpc's redirected output.
- The SSH implementation now takes steps to prevent the initial packet (KEXINIT) from being sent in separate IP frames. This should improve compatibility with servers such as Tumbleweed, which expect (incorrectly) to receive the entire KEXINIT packet in a single receive call, and fail the connection if this condition is not met.
Changes in Tunnelier 4.32: [ 2 March 2010 ]
- Titles of forwarded Remote Desktop sessions will now be set properly on Windows 7.
- When using SFTP protocol version 3, the command line SFTP client (sftpc) will now generate directory listing entries like it does with SFTP 4 or higher, instead of displaying verbatim the listing sent by the server. This ensures that file times will be displayed using the client's local time if the server is in a different time zone.
- When displaying a directory listing in the command line SFTP client (sftpc), the detailed time format (with hours and minutes) will now be used if the time is less than half a year ago, rather than if the time is in the current year.
- The VT-100/xterm client will now properly handle extremely large buffer widths (2000+ characters or more).
- The terminal client will now send alternative key cursor movement sequences when using xterm for compatibility with AIX servers.
Changes in Tunnelier 4.31: [ 3 January 2010 ]
- Command line clients will no longer wrap their output when redirected.
- Tunnelier now includes the WinSSHD Remote Control Panel for WinSSHD versions 5.11 and newer. (For other version combinations, see the WRC download page.)
- Fixed an issue which caused no-wait loops (100% CPU consumption) in some situations, e.g. during intensive port forwarding.
Changes in Tunnelier 4.30: [ 13 October 2009 ]
- Implemented workaround for Ipswitch WS_FTP Server 7. Decreased the SSH maximum incoming packet size from 35 kB to 34 kB, which appears to avoid triggering a bug in WS_FTP Server 7 which would otherwise result in disconnect due to a MAC check failure. Warning: In our testing, WS_FTP Server 7 appeared to be highly susceptible to variations in the client's maximum incoming packet size. Observed symptoms included the server apparently entering an infinite loop and not responding to connections. It is our suspicion that, with high incoming packet sizes, the server incorrectly overwrites not only its buffers, but possibly also parts of its code. We suspect that this may indicate exploitable issues in WS_FTP Server 7. We have observed that it is possible for an authenticated client to mount at least a denial-of-service attack through a large maximum incoming packet size.
- FTP-to-SFTP bridge: Resolved compatibility issue with Windows File Explorer, Firefox, and possibly other FTP clients when the SFTP listing sent by the SFTP server lacks the modification time attribute. This can happen when listing drives with WinSSHD 5. The FTP-to-SFTP bridge will now provide the FTP client with a dummy modification time attribute in this case.
Changes in Tunnelier 4.29: [ 18 June 2009 ]
- Tunnelier 4.29 now includes a WinSSHD Remote Control Panel for WinSSHD 5.06.
- Added a setting which controls whether, as in previous versions, Tunnelier should use only a short list of trusted Windows Sockets Layered Service Providers (LSPs), promoting stability, but at a possible expense of connectivity; or whether Tunnelier should use any LSP, promoting connectivity, but at the possible expense of stability.
- Improved text-mode file transfer support.
Changes in Tunnelier 4.28: [ 19 January 2009 ]
- Tunnelier now supports X11 forwarding, which can now be enabled in the Terminal tab.
- Tunnelier and stermc now support a -title parameter which can be used to override the default session-dependent titles of Tunnelier windows.
- The gssapi-keyex authentication method can now be used regardless of the username provided in the username field. Previously, the username field had to match the Windows account username of the current user.
Changes in Tunnelier 4.27: [ 30 November 2008 ]
- Tunnelier now supports block encryption algorithms in CTR mode, in addition to CBC mode.
- Login tab: longer Service Principal Names (SPNs) for Kerberos authentication can now be entered.
- FtpBridge: fixed problem with EOF being sent on an already closed channel (discovered with Macromedia Homesite 5.5).
- Added various Layered Service Provider IDs belonging to Microsoft Firewall Client 2004 to the list of trusted LSPs that Tunnelier will use. This enables using Tunnelier with this firewall client.
- Remote Desktop forwarding: listening interface 127.0.0.1 is now used on Vista and Windows Server 2008. Previously, 127.0.0.2 was being used, which caused problems in some situations.
- Remote Desktop forwarding: implemented a one-second delay for the auto-logout feature. New RDP clients can establish two consequent connections to Tunnelier - disconnecting of the first connection would previously cause the auto-logout feature to close the SSH session.
Changes in Tunnelier 4.26: [ 25 February 2008 ]
- Tunnelier 4.26 is needed to remotely edit the settings of WinSSHD 4.26 and higher, until the next WinSSHD settings format change.
- Remote Desktop: for compatibility with Windows Vista SP1, the Microsoft Remote Desktop client is now launched with the '/admin' switch rather than with '/console' if the RDC client version is 6.0.6001 or newer.
- sftpc: When 'lmove' was used with a pattern like '*.txt', it acted as if '*' was used instead. Fixed.
- Implemented a minor workaround in socket usage to make Tunnelier compatible with Wine as of 0.9.53.
Changes in Tunnelier 4.25: [ 18 October 2007 ]
- Tunnelier: added support for -execute and -reExecOnReconn command-line parameters, providing the same functions as the "Execute" and "Re-execute on connection" profile settings.
- Console: to improve readability, the command-line clients stermc, sftpc and sexec now use teal (also referred to as aqua) as the accent color instead of light blue.
- SSH: the GSSAPI-with-MIC authentication method is now available even if the entered SSH username does not match the account name with which the user is logged on into Windows.
- SFTP: Tunnelier sends pipelined SSH_FXP_READDIR requests to improve the speed of getting large directory listings. The Maverick SSH server reacts to a pipelined SSH_FXP_READDIR request with an empty SSH_FXP_NAME even though it had already previously sent EOF. Rather than raising a protocol error as before, Tunnelier now handles this as if the server sent SSH_FXP_STATUS with SSH_FX_EOF.
- SOCKS proxy forwarding (dynamic port forwarding): fixed a malformed SOCKS5 success reply that could be sent to the application client under the following circumstances: the SSH server in the Login tab was configured as a DNS name; Tunnelier connected to the host through a proxy server with "Resolve DNS names locally" disabled; and "Specify Server Public IP" in the Service tab was disabled.
- SSH: improved compatibility of the GSSAPI-with-MIC authentication method with OpenSSH.
- SSH: Tunnelier now doesn't disconnect if there are too many channels, but instead now refuses to open new ones.
- SFTP: replaced use of C run-time library time conversion functions with direct calls to the Windows API, improving interpretation of remote file times.
- xterm: fixed a bug in the terminal description file which caused 'vim' to open as if the user just entered 'c' when connecting to some newer Linux distributions.
- VT-100: fixed terminal description files and removed alternative arrow key send sequences. This should make the F5-F10 keys now work properly in vt100.
Changes in Tunnelier 4.24: [ 13 June 2007 ]
- Security fix: when using the VT100/xterm terminal client in version 4.23, a file named c:\totermc.log would be created containing a log of all keys pressed during the VT100/xterm terminal session. The issue affects the VT100/xterm terminal client only (the one used for terminal sessions with non-WinSSHD servers) and does not affect the bvtermc terminal client (the one used for terminal sessions with WinSSHD). We recommend that all Tunnelier users upgrade to version 4.24 and securely wipe any files named c:\totermc.log on their hard drive. All users having a license with upgrade eligibility expiring after March 22 but before June 14, please contact us and we will extend your upgrade eligibility free of charge so that you can upgrade to version 4.24.
- sftpc: Fixed -s parameter handling on single files. For example, "put a.txt -s" previously uploaded the file a.txt in the current directory only, whereas "put a.tx? -s" uploaded matching files in all subdirectories.
Changes in Tunnelier 4.23: [ 23 March 2007 ]
- The Tunnelier installer and all contained executables are now digitally signed with the Bitvise private key. Windows Explorer will now show a 'Digital Signatures' tab if you right click on one of the executables and open its properties.
- The -baseRegistry parameter is now supported throughout Tunnelier to allow the Tunnelier base registry key to be configured. This makes it easier to package Tunnelier for portable use.
- When Tunnelier is minimized to the system notification area, clicking the icon now displays any pending SSH banner, host key or user authentication dialogs.
- The VT100/xterm client subsystem now supports sending the NUL character (ASCII 0) with Ctrl+Space.
- Graphical SFTP: fixed a problem with a local target file size being reported as 0 bytes in the Target File Already Exists dialog.
- Graphical SFTP: fixed up-folder keyboard shortcut that used to get incorrectly triggered on 'u' alone.
- SFTP protocol: increased maximum SFTP packet size from 64 kB to 96 kB to improve compatibility with the GlobalSCAPE SFTP server.
- Proxy configuration: wildcard settings (*.domain.com) did not work in the list of domains for which proxy settings should not be used. Fixed.
- Remote Desktop: the 'Use SSH login credentials' feature now does not supply RDC with an empty password - it would cause the Remote Desktop Client unable to open a connection.
Changes in Tunnelier 4.22: [ 25 December 2006 ]
- Tunnelier now installs and runs normally on Windows Vista. (With previous versions, explicit user action was necessary to make the installer run as administrator in order for installation for all users to work.)
- Improved Remote Desktop integration:
- Tunnelier can now convey SSH login credentials to Remote Desktop so that the username and password do not need to be re-entered.
- Single-click Remote Desktop forwarding now works with Remote Desktop client v6, on x64 platforms and on Windows Vista.
- Some Remote Desktop settings are now configurable directly from Tunnelier, and Tunnelier now makes it easy to create and edit a custom Remote Desktop profile to manage other settings.
- SFTP GUI: clarified menus with more descriptive names of menu items, added tooltips to toolbars.
- SFTP GUI: due to automatic directory refresh, focus was moving away from rename input during upload. Automatic directory refresh is now temporarily disabled while renaming.
- sftpc would previously skip the last instruction in a -cmd parameter if it ended with an escaped quote mark followed by a regular quote mark. Fixed.
- SFTP GUI and sftpc: fixed two cases of SSH_FX_NO_SUCH_PATH being incorrectly treated as an error.
- Disconnect descriptions are now correctly handled as UTF-8.
Changes in Tunnelier 4.21: [ 29 October 2006 ]
- WinSSHD and Tunnelier would trim trailing spaces in the other side's SSH version string. This would cause key exchange failure when the other SSH implementation sent a version string with trailing spaces. Fixed.
Changes in Tunnelier 4.20: [ 12 October 2006 ]
- Tunnelier now shows a different notification area icon when disconnected to clearly indicate whether the SSH session is online or offline.
- Tunnelier now supports new command-line parameters: -c2s, -s2c, -c2sAccept, -s2cAccept, -autoLogout, -openTerm, -openSFTP, -openRDP.
- The 'get' and 'put' commands in sftpc now support an -f parameter to indicate that the transfer target is a file, not a directory. There are servers that violate the SFTP specification by allowing a file to be opened as a directory.
Changes in Tunnelier 4.19: [ 29 August 2006 ]
- The SOCKS/HTTP-CONNECT proxy forwarding component in Tunnelier could cause periods of 100% CPU usage if the proxy client terminated the connection at exactly the time it was successfully established and the server subsequently took time to close the channel.
Changes in Tunnelier 4.18: [ 24 August 2006 ]
- An SSH session could hang while consuming 100% CPU when a port forwarding tunnel was closing. Believed fixed.
- An SSH session could hang indefinitely waiting for a graceful shutdown of the SSH TCP connection. Fixed.
- Fixed synchronization issue in sessions with larger numbers of concurrently opened channels (for example, a session with many concurrent port forwardings).
Changes in Tunnelier 4.16: [ 04 July 2006 ]
- Incorporates updated WinSSHD Settings with the extra nulls issue fixed (see changes for WinSSHD 4.16).
- The SSH implementation would sometimes prematurely let through higher-layer packets sent by some SSH implementations which do not mind their output during key re-exchange. This could result in the session terminating due to conflicting transport state.
- Improved SSH packet tracing.
- Fixed socket closing issues where deinitialization functions could be attempted on a socket after it had already been closed.
Changes in Tunnelier 4.15a: [ 08 May 2006 ]
- WinSSHD Settings could freeze on some machines in some circumstances when a new window was opened. Fixed.
Changes in Tunnelier 4.15: [ 27 April 2006 ]
- Under heavy port forwarding stress, the Tunnelier session thread could block in a tight CPU-consuming loop, requiring Tunnelier to be restarted. Believed fixed.
- sexec now supports classic scriptable usage: 'sexec user@host command parameters' now works alongside 'sexec user@host -cmd='command parameters''.
- The Tunnelier system tray icon now doesn't change on info messages and flashes on error only.
- Improved command line clients' input/output redirection support. Previously, all character devices were treated as console, but now output and input can be successfully redirected to NUL and other character devices.
Changes in Tunnelier 4.14: [ 29 March 2006 ]
- Tunnelier now supports server-side (server-configured) port forwarding. Support for server-side port forwarding can be enabled separately for the client-to-server and server-to-client directions. At the time of this release, WinSSHD is the only SSH server that supports server-side forwarding.
Changes in Tunnelier 4.13: [ 17 March 2006 ]
- Tunnelier now shows host:port as well as the profile name in titles of GUI windows when using a file-based profile.
- Fixed: sftpc would fail on Windows 9x when launched with the -cmdFile parameter due to use of an NT file access flag unrecognized on Windows 9x.
- The VT100/xterm terminal client subsystem will now send a single Esc character instead of two when the Esc key is pressed. This should now be more in line with how the Esc key behaves when logged on locally to a Unix system.
Changes in Tunnelier 4.12a: [ 31 January 2006 ]
- sftpc: fixed local directory detection bug which caused 'put' command not to work properly in version 4.12.
Changes in Tunnelier 4.12: [ 15 January 2006 ]
- Improvements in the command-line SFTP client (sftpc):
- The rename and lrename commands now support wildcards.
- Fixed: uploading a file without specifying a target filename would fail when the client didn't have permission on the server to stat the current directory.
- Improvements in terminal console support:
- If a window size larger than the screen was saved for a bvterm, xterm or VT-100 window, it would not be possible to open that type of terminal console to that SSH server and port. The terminal clients now verify that the saved window size is in bounds.
Changes in Tunnelier 4.11: [ 12 December 2005 ]
- The Tunnelier graphical SFTP client now automatically resumes transfers when reconnected.
- The host's Service Principal Name (SPN) can now be configured (for use with Kerberos authentication).
- Improved user authentication friendliness in command-line clients sftpc (SFTP file transfer), stermc (remote terminal console) and sexec (remote program execution).
- User authentication keypair comments are now shown when a keypair is being selected (shown in tool-tip).
- The user authentication banner can now be configured not to open automatically. If received from the server, the banner can now also be opened manually after user authentication.
- All Tunnelier clients (graphical and command-line) now support tracing (-traceLevel and -traceFile parameters).
- Tunnelier would fail on Windows NT4 running on Intel processors with SSE2 capability. Windows NT4 does not support this capability, and Tunnelier was checking only for the processor feature and not also for operating system support. Fixed.
- Fixed 'WaisObjectContainer' problem that occurred to some users when connecting to the SSH server by DNS name.
- Fixed loss of keyboard focus on Login button after exiting authentication dialog in Tunnelier GUI.
- Robustness improvements so that Tunnelier will run even if it can't read nor fix essential registry entries (previously sometimes caused Tunnelier to not run due to 'Registry I/O error').
Changes in Tunnelier 4.10: [ 24 November 2005 ]
- Added 'stermc', a command-line bvterm/VT-100/xterm terminal client.
- Added 'sexec', a scriptable command-line remote execution client (provides similar functionality as plink of PuTTY).
- The uninstaller interface can now be automated from the command line. When upgrading, the installer will now smoothly uninstall the previous version without additional clicks.
- Halved the size of the distributable due to a better compression scheme and size optimizations in the installer.
- GSSAPI is now availabe even if the username entered is not fully qualified. GSSAPI now sends the user authentication request with an empty username only if none is supplied.
- Implemented support for more than 1024-bit DSA keys, primarily to allow such keys to be imported from OpenSSH. However, note that there is an implementation detail in OpenSSH that voids any security benefit from DSA keys larger than 1024 bits. Tunnelier-generated DSA keys do not have this problem, but this means that Tunnelier-generated DSA keys larger than 1024 bits cannot be used with current versions of OpenSSH.
- Command-line arguments now accept '/' in addition to '-' as the switch character and are case insensitive.
- The FTP-to-SFTP bridge now supports the poorly documented but widely used extension to the MDTM command to allow setting the file modification time on upload.
- GUI window titles now contain the name of the profile instead of the target server when connected if a non-default profile is used.
Changes in Tunnelier 4.06a: [ 02 October 2005 ]
- Tunnelier now includes the 'log' utility - for use with sftpc, the command-line SFTP client, for easier auditing.
- End-User License Agreement overhauled.
Changes in Tunnelier 4.06: [ 20 September 2005 ]
- Keyboard-interactive authentication now works. Previously it was listed among supported authentication methods, but failed while decoding server's first keyboard-interactive info request.
Changes in Tunnelier 4.05a: [ 18 September 2005 ]
- Fixed the -pp parameter in sftpc, now works.
Changes in Tunnelier 4.05: [ 13 September 2005 ]
- Fixed a resource leak which could have manifested itself when Tunnelier was kept running over long periods of time.
- sftpc: added local rename (lren/lrename) and local remove (lrm/ldel) commands.
Changes in Tunnelier 4.04a: [ 10 August 2005 ]
- Fixed sockets-not-closing problem introduced in 4.04 which would, on many machines, cause subsequent attempts to forward the same port as previously to fail, as well as consume resources over the course of a session with a high rate of creation of new tunneled connections or terminal shells.
Changes in Tunnelier 4.04: [ 06 August 2005 ]
- Added support for the Proxifier Winsock 2 LSP. Tunnelier's outgoing connections can now be forwarded with Proxifier.
Changes in Tunnelier 4.03: [ 05 August 2005 ]
- Fixed issues in SOCKS/HTTP CONNECT dynamic port forwarding that were introduced in version 4.
- Tunnelier's SFTP is now compatible with the latest versions of Van Dyke VShell which use SFTP version 4. Fixed SFTP v4 attribute encoding/decoding and text mode resume handling.
- In sftpc (the command-line SFTP client), when a source directory is transferred, a target directory will now be created instead of transferring just the contained files.
- Fixed pasting of passwords in the Windows NT/2000/XP/2003 build of WinSSHD Settings.
- Fixed Tunnelier's proxy password bug that caused connect attempts to fail with an 'Integrity check failed' error.
- Fixed Tunnelier SFTP listing failure occuring when file modification time was outside 1970-2038 year range.
- Fixed the setting of WinSSHD password cache entries in WinSSHD Remote Control Panel.
- Fixed child process execution paths to ensure that the correct child process is always run.
Changes in Tunnelier 4.02: [ 11 July 2005 ]
- Added the Microsoft Firewall LSP to the list of supported Windows Sockets 2 Layered Service Providers. Tunnelier will now connect on machines relying on this LSP for cross-firewall connectivity.
- The menu shown when clicking on the notification area (system tray) icon would not disappear except by clicking on a choice in it. Fixed.
Changes in Tunnelier 4.01: [ 30 June 2005 ]
- New features:
- Now supports GSSAPI/SSPI key exchange and host authentication with Kerberos 5.
- Now supports GSSAPI/SSPI user authentication with NTLM and Kerberos 5.
- Now supports 'keyboard-interactive' user authentication. This eases interoperability with OpenSSH, which in some installations incorrectly uses 'keyboard-interactive' instead of 'password'.
- The SFTP window now displays transfer progress on Download, Upload as well as Browse pages.
- The VT100/xterm emulation is improved and now supports a backscroll buffer. A screen buffer size larger than the window can be configured through console window properties. The VT100/xterm emulation should now also work with 'screen'.
- The C2S and S2C tunneling tabs now accept adding a comment for each configured port forwarding rule.
- Running Tunnelier with the -noRegistry parameter now prevents it from making any changes to the Windows registry. This allows Tunnelier to be run from removable media without leaving any traces. User authentication keypairs and recognized host keys can be loaded from a file instead of registry using the -keypairFile and -hostKeyFile options. (Run 'tunnelier -?' for more help)
- Availability and visibility of Tunnelier's GUI features is now customizable to a much higher granularity with the -hide parameter.
- Improvements in graphical SFTP:
- Improvements in the user friendliness of button behavior and placement in SFTP.
- The Download and Upload pages can now auto scroll to follow the current transfer.
- A transfer conflict dialog now pops up providing choices instead of silently logging an error.
- SSH improvements:
- Now uses explicitly the Microsoft Windows Sockets 2 Layered Service Provider (LSP) to avoid compatibility issues with poorly written third-party LSPs. This seems to solve reported compatibility issues with NOD32, PGP version 9 and other software that installs a badly written LSP.
- Improved socket EOF handling in some cases.
- Implemented graceful handling of data received after EOF, for compatibility with old ssh.com and OpenSSH servers.
- To avoid a disconnect, active keep-alives are now not sent during user authentication - passive keep-alives are sent instead.
- Fixed data packet sending to respect the maximum size that the remote party specifies.
- Other improvements:
- Added keyboard shortcuts for improved navigation without a mouse.
- Tunnelier now prompts before disconnecting an active session and also to save profile changes.
- Fixed bvterm behavior when window width is less than 80.