Bitvise SSH Client 9.5x Version History  

For issues that might arise using the latest SSH Client versions, see Known issues.

Changes in Bitvise SSH Client 9.51:     [ 12 December 2025 ]

• Automatic updates:

  • Separate proxy settings can now be configured for automatic updates. This allows checks for updates, and downloads of new version installers, to use a different proxy than the one configured in Windows.

• SSH:

  • Bitvise SSH Server, SSH Client and FlowSsh now support hybrid post-quantum and classical key exchange using the key exchange methods mlkem1024nistp384-sha384 and mlkem768x25519-sha256. These key exchange methods use algorithms outside of Windows cryptography. They are only available when FIPS 140 cryptography mode is not enabled in Windows. The new algorithms require Windows Vista or newer.

  • The SSH Client can now be configured to Require strict key exchange. Strict key exchange is a recent SSH protocol feature supported since Bitvise software versions 9.32. It mitigates the Terrapin vulnerability in SSH implementations prior to December 2023 (CVE-2023-48795). If the SSH connection does not use strict key exchange, the encryption algorithm chacha20-poly1305 is particularly vulnerable.

• Graphical SSH Client:

  • The SSH Client now supports dark mode. This can be enabled using the main SSH Client window > App settings.

  • When selecting a client authentication keypair, the SSH Client now displays a truncated comment. This makes it easier to tell which key is which.

  • App settings (previously, Window behavior) can now be controlled using command-line parameters. This is of particular interest for users who use -noRegistry.

  • Settings for pop-up notifications can now be configured using App settings, in addition to the icon menu in the system notification area.

  • The SSH Client now detects when another SSH Client instance is already connected to the same server, using the same username. This is to help users notice when they have an existing SSH Client instance hidden in the system notification area.

  • When importing a client authentication keypair, the SSH Client now more thoroughly detects duplicates.

• Graphical SFTP:

  • Local and Remote SFTP settings are now configurable in separate dialogs. These settings can now be edited via the SFTP window.

  • Settings are now supported to express a preference whether the server should use unbuffered I/O. The preference is effective when connecting to Bitvise SSH Server 9.34 or newer, if server-side settings permit.

    The sftpc command-line client supports the equivalent -noBuf switch for get and put commands since version 9.34.

  • When the remote directory contains symbolic links, the SSH Client must resolve them to know if an entry is a file or a directory. This requires an SFTP request for each symbolic link. For directories that contain many symbolic links which cannot be resolved, the SSH Client now gives up if it encounters 10 failures without any successes.

  • The feature to Open or Edit remote files uses a temporary local directory. If something removes this directory, the SSH Client now tries to re-create it.

• Terminal window:

  • Font ligatures are now rendered, when using fonts that support them.

• Command-line clients:

  • sftpc no longer reports an error if the server disconnects during the quit or exit command.

  • The sexec and stermc command-line clients now support consecutive execution of multiple commands using -cmdFile=... or using multiple -cmd=... parameters.

  • The sexec command-line client now supports an -inputEOL=... parameter to control how input newlines should be sent to the remote process. Default behavior remains to perform no conversion.

  • The sexec command-line client now supports a -conInMode=... parameter to control how input should be read from the console (when input is not redirected from a pipe or file). Default behavior is now to read individual keystrokes and send them promptly, without local echo.

  • The retry utility now supports -m=0 for infinite retries.

• Port forwarding:

  • Bitvise SSH Client, stnlc and FlowSsh now support port forwarding (connection tunneling) to and from server-side Unix sockets. To use a Unix socket as the forwarding source or destination, enter the socket path (starting with "/") and leave the port empty.

    This requires a server running on Linux or Unix. Only server-side Unix sockets are supported. The client side of the port forwarding must still use TCP/IP.

Known issues

• Windows XP: All versions of our software that we recommend using are built using Visual Studio 2015. The C++ run-time library used by this Visual Studio version has a known issue where 1-2 kB of memory are leaked each time a new thread is created. This issue does not occur on later Windows versions; it does not occur e.g. on Windows Server 2003. Microsoft has stated they do not intend to fix this issue. Bitvise's view is that the impacts on our SSH Client and FlowSsh are manageable; whereas our SSH Server is rarely used on Windows XP. We therefore do not plan to work around this; but we warn that this can be a potential denial of service vector on Windows XP.

Older versions

Bitvise SSH Client 9.1x Version History

Bitvise SSH Client 8.xx Version History

Bitvise SSH Client 7.xx Version History

Bitvise SSH Client 6.xx Version History

Bitvise SSH Client 4.xx Version History

Tunnelier 3.xx Version History

Notifications

Subscribe to be notified of new versions as they are released. It is easy to unsubscribe, and we will not share addresses with third parties.

About SSH

What is SSH?

Screenshots

Security

Try our SSH Server!

Our advanced SSH Server for Windows provides secure remote access, file transfer, and tunneling. Supports public key and two-factor authentication, SCP, SFTP, FTPS. Its advantages include speed, security, reliability, ease of use, configurability, and the best terminal console on Windows. Try it free for up to 30 days!