Bitvise SSH Server Version History
For issues that might arise using the latest SSH Server versions, see Known issues.
Changes in Bitvise SSH Server 9.41: [ 20 November 2024 ]
Version information:
This is not a new feature release, but a successor to 9.39 with continued maintenance updates.
We skip versions containing zeros to avoid ambiguity. For example, 9.04 and 9.40 might both be called "9.4".
Installation:
Windows Server 2025 ships with Windows Terminal 1.18. This contains an issue where, if a console application enlarges the screen buffer height, Windows Terminal later crashes due to division by zero.
In previous Bitvise software versions, the installer would enlarge the screen buffer height if it was small. If the installer was run with Windows Terminal as the console application, and Windows Terminal had not yet updated to a more recent version, this would cause a later installation step to fail with error code 0xC0000142. The issue does not occur if Windows Terminal has already updated.
To improve compatibility with Windows Terminal, Bitvise installers no longer increase the screen buffer height if the console reports it as equal to the window height.
Authentication:
In previous versions, if the SSH authentication methods password and password over keyboard-interactive were both disabled, either globally or for the current connection due to Client version rules, the SSH Server would ignore the Password authentication setting which applies to the account, even if the setting was set to Required. The user would be able to log in without password authentication if another permitted authentication method succeeds. This could be unintuitive and less secure than the administrator intended.
The SSH Server now ignores the Password authentication setting only if both password authentication methods are disabled globally, in Advanced settings > Access control. If password authentication is disabled for the current connection only due to Client version rules, but the Password authentication setting which applies to the user is set to Required, the SSH Server will now prevent the user from logging in.
File transfer:
The SSH Server now sends the vendor-id extension to SFTP clients in its SSH_FXP_VERSION. This contains the same information as the SSH version string. If the setting Omit server version is enabled in Advanced settings > Connections, the version number is not sent.
Since version 9.34, the SSH Server opens files which are being uploaded to non-local storage (e.g. uploads to file shares) using unbuffered I/O. This can noticeably improve upload performance. We received a report where the filesystem does not update the file size when closing such files, leaving extra 0 bytes after where the file should end. The SSH Server now calls FlushFileBuffers to try to ensure the correct file size.
Automatic updates:
In previous versions, if the administrator tried to update to a new version which requires a new activation code, the SSH Server Control Panel would warn, but allow the administrator to update anyway. If the administrator updated, the new SSH Server version would enter evaluation mode. This resulted in loss of function if no new activation code was applied within the 30-day evaluation period.
To avoid this, the SSH Server Control Panel no longer allows ignoring an activation code issue when updating. This applies only for updates from 9.41+ to future versions. The behavior in previous versions can only be changed by updating them.
In all cases, the administrator can still update manually, by downloading and running the latest version installer.
If an existing activation code is applied, but it is not valid for the currently installed SSH Server version, the About tab in the SSH Server Control Panel now provides a way to view the outdated licensing information.
Changes in Bitvise SSH Server 9.39: [ 2 August 2024 ]
File transfer:
If a user was configured with a virtual filesystem layout with more than one mount point, then if permitted by Windows filesystem permissions, the SSH Server would allow the user to rename the mount path of one of the mount points, moving that entire mount point inside another mount point. The SSH Server no longer allows this, even if permitted by Windows filesystem permissions.
This issue can have a security impact. For more information, see security notification.
When renaming a file or directory on a mount point backed by another SFTP server, the SSH Server would translate a standard SSH rename request into a POSIX rename request, which many servers cannot process. Fixed.
General:
In a niche situation where the SSH Server cannot initialize the Windows logon session with the user's environment block, the first connection which creates the Windows logon session would still succeed; it falls back to the system environment block. However, if Windows session sharing is enabled, subsequent connections attempting to reuse the Windows logon session would fail, instead of continuing to fall back to the system environment block. Fixed.
Security Clarification: [ July 2024 ]
We are receiving inquiries whether our software is affected by the recent regreSSHion issue described in CVE-2024-6387.
Bitvise software is not based on OpenSSH and is not affected by this issue.
Changes in Bitvise SSH Server 9.38: [ 6 June 2024 ]
SFTP:
If the SFTP server does not send an exit code, the OpenSSH SFTP client returns exit code -1 instead of 0. This has become noticeable in newer OpenSSH versions, where scp now uses SFTP by default, and the change in exit code breaks scripts.
To accommodate this client behavior, the SSH Server now sends an exit code for the SFTP subsystem.
Changes in Bitvise SSH Server 9.37: [ 4 May 2024 ]
Control Panel and Settings:
If the Windows setting Roll the mouse wheel to scroll was set to One screen at a time, the SSH Server Control Panel would exit abruptly when attempting to scroll. Full page mouse wheel scrolling is now supported.
On Windows XP and Windows Server 2003, the Custom events interface in Advanced settings and the list on the Statistics tab did not display text for searchable columns. Fixed.
When the SSH Server Control Panel was opened displaying the Server tab, it would cause Windows to log repeated audit events about enumerating group membership for the SSH Server's BvSsh_VirtualUsers account. Fixed.
Logging:
Connection disconnect log events now include information about connection duration, so it does not need to be calculated by finding the matching connection accept event.
SFTP:
Version 9.34 introduced an inconsistency in how the SSH Server responds to SSH_FXP_READ requests which attempt to read past end-of-file. When processing a single such request, the SSH Server would send SSH_FXP_STATUS with SSH_FX_EOF; but when responding to consolidated requests, the SSH Server could send SSH_FXP_DATA with empty data. When using SFTP v6, the end-of-file flag would also be set, but this flag is not present in SFTP v3 and v4. This broke file transfers using some clients, specifically the Perl mesh client (based on Net::SFTP).
The SSH Server again consistently responds to past-end-of-file SSH_FXP_READ requests by sending SSH_FXP_STATUS with SSH_FX_EOF.
Security Clarification: [ April 2024 ]
We are receiving inquiries about whether our software is affected by the recent PuTTY ECDSA/nistp521 private key compromise due to signature nonce generation described in CVE-2024-31497.
Bitvise software implements ECDSA/nistp521 using Windows cryptography on all recent versions of Windows, or using Crypto++ on Windows XP and Windows Server 2003. These are different cryptographic implementations than PuTTY and are not known to be affected by this issue.
Security Clarification: [ April 2024 ]
We are receiving inquiries about whether our software is affected by the recent XZ Utils backdoor described in CVE-2024-3094.
Bitvise software does not use XZ Utils and is not affected by this issue.
Changes in Bitvise SSH Server 9.36: [ 17 April 2024 ]
SFTP:
Version 9.34 added logic to ensure SFTP responses are sent in the same order requests are received. Due to an oversight, the SSH Server's file transfer subsystem would hang, most readily if a client sent consecutive SFTP requests with the same request ID. This was observed with WS_FTP (version 12.9) and also with phpseclib. Fixed.
The SSH Server now implements the SFTP extended request fsync@openssh.com for files opened with unbuffered I/O.
Changes in Bitvise SSH Server 9.35: [ 12 April 2024 ]
File transfer:
As a result of changes in 9.34, file transfers would fail on some systems. Fixed.
Changes in Bitvise SSH Server 9.34: [ 11 April 2024 ]
Control Panel and Settings:
When sending a test email, the email queue window now opens automatically instead of requiring the administrator to find it.
If the administrator edited the Comment field for a client public key or server host key immediately after importing the key, the SSH Server Control Panel would crash. Fixed.
Setting focus on any input field would cause the Unsaved settings banner to appear, even if the setting was not modified. Fixed.
To avoid login errors and delays that can be challenging to diagnose, newly created Windows group settings entries now disable the setting Map remembered shares by default. The setting can still be enabled in Advanced settings, both in account and group settings entries.
SSH:
A client which identifies itself as SSH OpenVMS V5.5 VMS_sftp_version 3 sends an SSH_MSG_IGNORE message at the start of the SSH connection. This behavior is indistinguishable from the packet sequence manipulation technique used in the Terrapin attack. This makes this client incompatible with Terrapin attack mitigations introduced in SSH Server version 9.32.
The SSH Server now implements relaxed checking to accommodate this type of client. Clients which do not support strict key exchange are allowed to send SSH_MSG_IGNORE during the first key exchange, as long as the connection does not negotiate an encryption or data integrity algorithm which is vulnerable to Terrapin.
FTPS:
The FTPS protocol does not allow for broken session detection. If the administrator did not configure the Connection timeout setting in Advanced settings, under Connections, FTPS connections could disconnect silently in a way not detectable by the SSH Server, until they were disconnected manually by the administrator.
The SSH Server now implements an FTP connection timeout which is set to at most 45 minutes, or shorter if the SSH connection timeout setting is stricter. The next feature release which changes the configuration format will add a setting to configure the FTP connection timeout separately.
File transfer:
For mount points backed by the Windows file system, the SSH Server now implements optimizations which may improve performance for clients that send small SFTP read/write requests, in particular for uploads to non-local storage (Windows file shares):
- When uploading files which are detected to reside on non-local storage (Windows file shares), the SSH Server now opens the files for unbuffered I/O (the Windows flag FILE_FLAG_NO_BUFFERING). This has been observed to improve performance for some types of network shares.
- A client may now use the extended SFTP attribute no-buffering@bitvise.com to express a preference whether the server should use unbuffered I/O.
- When the client pipelines non-overlapping read/write requests, mount points which use the Windows file system now process these I/O requests asynchronously. Responses are still sent in the order requests were received.
- When the client pipelines non-overlapping read/write requests, the SSH Server is now able to merge I/O for two or more consecutive read/write requests. The client still receives separate responses.
- A client may now use the extended SFTP attribute intended-size@bitvise.com to indicate the size of an intended upload. This can help detect and diagnose incomplete transfers.
Changes in Bitvise SSH Server 9.32: [ 20 December 2023 ]
Version information:
This version continues the upgrade access amnesty introduced in version 9.25, so it can be used with any license that is valid for a previous SSH Server 9.xx version. The minimum upgrade access expiry date to activate this version is January 1, 2022.
Compatibility:
The Terrapin mitigation implemented in SSH Server 9.32 is compatible with most software, but is incompatible with a specific client which identifies itself as SSH OpenVMS V5.5 VMS_sftp_version 3. This client software sends an SSH_MSG_IGNORE message at the start of the SSH connection. This is indistinguishable from the packet sequence manipulation technique used in the Terrapin attack. If your SSH Server must handle connections from this software, SSH Server version 9.34 implements relaxed checking to accommodate this client.
Security:
Terrapin - CVE-2023-48795: Researchers have identified an issue where all SSH connections which use the encryption algorithm ChaCha20-Poly1305, or any integrity algorithm of type encrypt-then-MAC, are vulnerable to packet sequence manipulation by an active attacker, if the attacker can intercept the network path. This can be used to sabotage SSH extension negotiation. This affects extensions with security impact, such as server-sig-algs.
Since the attacker can only remove packets sent before user authentication, this does not seem to fatally break the security of the SSH connection. However, it is a cryptographic weakness to address.
Bitvise software versions 9.32 and newer support strict key exchange. This is a new SSH protocol feature which mitigates this attack. The SSH client and server must both implement strict key exchange for mitigation to be effective. Other SSH software authors are also releasing new versions to support this.
If you must interoperate with SSH software which does not support strict key exchange, consider disabling the encryption algorithm ChaCha20-Poly1305, as well as integrity algorithms of type encrypt-then-MAC. These are the newer data integrity protection algorithms whose names contain -etm.
Bitvise software versions 8.xx and older are not substantially affected because they do not implement algorithms where this issue is practically exploitable. Nevertheless, we suggest updating all SSH software to new versions that support strict key exchange.
The encryption algorithms aes256-gcm and aes128-gcm are substantially immune from this attack. Users who are committed to older SSH software versions should consider using AES GCM. If this is not possible, the data integrity protection algorithms which are not named -etm are not entirely immune, but are also not believed to be practically exploitable. For compatibility with SSH software which does not support strict key exchange or AES GCM, an algorithm combination such as AES CTR with non-ETM data integrity protection may continue to be acceptable.
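The algorithm guidance above, and the relaxed SSH_MSG_IGNORE check described under version 9.34, can be turned into an audit of captured SSH_MSG_KEXINIT payloads. The following is an added example, not Bitvise code: the classification rule is taken from the wording on this page, the strict key exchange marker names are the ones OpenSSH defines, `early_ignore_tolerable` is a hypothetical model of the 9.34 behavior, and all sample offers are constructed.

```python
import struct

SSH_MSG_KEXINIT = 20
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")
STRICT_CLIENT = "kex-strict-c-v00@openssh.com"
STRICT_SERVER = "kex-strict-s-v00@openssh.com"
CHACHA = "chacha20-poly1305@openssh.com"
AES_GCM = {"aes128-gcm@openssh.com", "aes256-gcm@openssh.com"}


def build_kexinit(kex, enc, mac):
    """Serialize a KEXINIT payload; used only to construct the sample input."""
    lists = {"kex": kex, "host_key": ["ssh-ed25519"], "enc_c2s": enc,
             "enc_s2c": enc, "mac_c2s": mac, "mac_s2c": mac,
             "comp_c2s": ["none"], "comp_s2c": ["none"]}
    out = bytes([SSH_MSG_KEXINIT]) + bytes(16)  # all-zero cookie: constructed
    for field in FIELDS:
        data = ",".join(lists.get(field, [])).encode("ascii")
        out += struct.pack(">I", len(data)) + data
    return out + b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows, reserved


def parse_kexinit(payload):
    """Return the ten name-lists of an SSH_MSG_KEXINIT payload (RFC 4253, 7.1)."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}  # skip message type byte and 16-byte cookie
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (size,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        if pos + size > len(payload):
            raise ValueError("truncated name-list body")
        raw = payload[pos:pos + size].decode("ascii")
        lists[field] = raw.split(",") if raw else []
        pos += size
    return lists


def negotiate(client_names, server_names):
    """SSH picks the first name on the client's list that the server also offers."""
    return next((n for n in client_names if n in server_names), None)


def assess(client_payload, server_payload):
    """Classify one client/server offer pair using the rules stated on this page."""
    client, server = parse_kexinit(client_payload), parse_kexinit(server_payload)
    client_strict = STRICT_CLIENT in client["kex"]
    strict = client_strict and STRICT_SERVER in server["kex"]  # both sides required
    chosen, exposed = {}, False
    for direction in ("c2s", "s2c"):
        cipher = negotiate(client["enc_" + direction], server["enc_" + direction])
        mac = negotiate(client["mac_" + direction], server["mac_" + direction])
        if cipher == CHACHA or cipher in AES_GCM:
            mac = None  # AEAD ciphers carry their own integrity; MAC list unused
        chosen[direction] = (cipher, mac)
        exposed = exposed or cipher == CHACHA or (mac is not None and "-etm" in mac)
    return {
        "chosen": chosen,
        "strict_kex": strict,
        "exposed_algorithms": exposed,
        "needs_attention": exposed and not strict,
        # Hypothetical model of the relaxed check described for 9.34.
        "early_ignore_tolerable": not client_strict and not exposed,
    }


# Constructed sample offers; not captured from any real product.
SERVER = build_kexinit(["curve25519-sha256", STRICT_SERVER],
                       [CHACHA, "aes256-gcm@openssh.com", "aes256-ctr"],
                       ["hmac-sha2-256-etm@openssh.com", "hmac-sha2-256"])
CLIENTS = {
    "modern, strict kex": build_kexinit(["curve25519-sha256", STRICT_CLIENT],
                                        [CHACHA], ["hmac-sha2-256"]),
    "legacy, chacha20": build_kexinit(["curve25519-sha256"],
                                      [CHACHA, "aes256-ctr"], ["hmac-sha2-256"]),
    "legacy, ctr + etm": build_kexinit(["curve25519-sha256"], ["aes256-ctr"],
                                       ["hmac-sha2-256-etm@openssh.com"]),
    "legacy, ctr + non-etm": build_kexinit(["curve25519-sha256"], ["aes256-ctr"],
                                           ["hmac-sha2-256"]),
    "legacy, aes-gcm": build_kexinit(["curve25519-sha256"],
                                     ["aes256-gcm@openssh.com"],
                                     ["hmac-sha2-256-etm@openssh.com"]),
}

if __name__ == "__main__":
    for label, payload in CLIENTS.items():
        result = assess(payload, SERVER)
        print(f"{label:24} {result['chosen']['c2s']} "
              f"strict={result['strict_kex']} attention={result['needs_attention']}")
```

Offer pairs flagged `needs_attention` are the ones where the page's advice applies: update the peer to a version with strict key exchange, or disable ChaCha20-Poly1305 and the -etm integrity algorithms for it.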
General:
If the SSH Server was configured to accept FTPS connections, but no certificate was employed; or if the employed certificate was not usable because it expired; the SSH Server would stop running and refuse to start, even for SSH connections, until the administrator fixed the certificate issue.
The SSH Server will now start, and continue running, as long as the configuration allows connections to be handled on at least one SSH or FTPS binding.
SSH:
When a user authentication banner is entered directly in SSH Server settings, the SSH Server will no longer strip leading and trailing whitespace. If the banner does not end with a newline, the SSH Server will now append it. This avoids OpenSSH displaying the last line incorrectly.
Email notifications:
Further improved error messages when SMTP sending fails.
Settings:
When a list of address accept rules was imported from CSV using the options Import blocked IPs or Import permitted IPs, IP address ranges were imported incorrectly. Fixed.
File transfer:
When using a mount point of type Another SFTP server, the other SFTP server may support SFTP protocol version 5 or higher, but not SFTP v5+ file locking. In this case, the SSH Server now strips file open block flags sent by the client if the block flags include SSH_FXF_BLOCK_ADVISORY.
As in previous versions, it is possible to always strip block flags by configuring mount point settings:
- File sharing behavior: Force
- File sharing for uploads: Read, Write, Delete
- File sharing for downloads: Read, Write, Delete
When using a mount point of type Another SFTP server, and the other server uses SFTP v3, the SSH Server now lets an SFTP v4+ client set a file modification time without having to also include the last access time.
The SSH Server now logs most SFTP flags and bits as human-readable strings instead of hexadecimal values.
FTPS:
The SSH Server would replace non-US-ASCII bytes with "." when sending reply lines on the FTP control connection. To improve compatibility with clients, the SSH Server now preserves UTF-8 (which may appear in directory names) in FTP control connection replies.
Changes in Bitvise SSH Server 9.31: [ 24 September 2023 ]
Version information:
This is not a new feature release, but a successor to 9.29 with continued maintenance updates.
We skip versions containing zeros to avoid misunderstandings. For example, 9.03 and 9.30 might both be called "9.3".
Settings:
If you last saved settings using SSH Server version 6.31 or older; and then updated to, or imported such settings into, an SSH Server version from 9.12 to 9.29; then these SSH Server 9.xx versions would upgrade terminal shell settings incorrectly. Other settings would be preserved, but terminal shell settings for accounts and groups would be reset to default 6.xx values.
Version 9.31 again correctly imports terminal shell settings last saved by versions 6.31 and older.
If you never used SSH Server version 6.31 or older, you are not affected by this issue.
If you used SSH Server version 6.31 or older; then updated to any version from 6.41 to 8.49; you are not affected by this issue.
You are affected by this issue if you previously used SSH Server version 6.31 or older, so that your settings were last saved by this version; then updated to, or imported settings into, any version from 9.12 to 9.29. In this case:
- Shell access type for Windows groups would be reset to Command Prompt.
- Shell access type for virtual groups would be reset to No shell access.
- Shell access type for Windows and virtual accounts would be reset to Use group default.
This is a security issue if you have Windows accounts which should not have terminal shell access. It is a functional issue if you have accounts which should have shell access, but this issue caused the terminal shell settings to be changed or disabled.
If you are affected by this issue, you should either:
- Use Advanced settings to manually review your Windows group, Windows account, virtual group, and virtual account settings, and ensure that terminal shell access is configured as you intend, for all accounts and groups.
- Alternately, you can update to SSH Server version 9.31 or later, and import or restore settings from a previous automatic or manually-saved backup where the terminal shell settings were correct.
Names and strings containing the & character were not properly displayed in lists. Fixed.
Improved display of list entry numbers when editing list settings entries.
The setting Undefined group mount points has been renamed to Excluded group mount points.
Tasks and actions:
When a configured task cannot be run because a Windows logon session could not be obtained, this is now more properly logged as a warning instead of an information event.
Execute command tasks which capture command output now more properly use the OEM code page instead of the ANSI code page. The OEM code page is generally used by Windows command-line programs.
Windows file shares:
For new installations, the default setting for Max total share wait time has been reduced from 20 seconds to 11 seconds. This reduces issues with common client software which times out if the server does not respond to a login attempt within 15 seconds.
File transfer:
If the administrator does not define any mount points for a user, the log message I_CHANNEL_SESSION_SFTP_REJECTED now contains more useful help.
IP blocking:
When using automatic permanent IP blocking, the automatically added Client IP address rule would be incorrectly added after other entries, including after any geographic IP rules. This could make the permanent block ineffective. Automatically added rules are now inserted more correctly at the start.
Changes in Bitvise SSH Server 9.29: [ 23 July 2023 ]
Version information:
This version continues the upgrade access amnesty introduced in version 9.25, so it can be used with any license that is valid for a previous SSH Server 9.xx version. The minimum upgrade access expiry date to activate this version is January 1, 2022.
Control Panel and Settings:
In previous SSH Server 9.xx versions, newly created settings would configure the Open Windows Firewall setting to an unintended initial value. When the Windows Firewall service is enabled, the initial value is meant to be Open port(s) to local network (subnet scope, non-Public profiles only). Instead, the initial value was always set to Do not change Windows Firewall settings. Fixed.
Improved default clock leniency for time-based one-time password authentication. For newly created settings, and for newly created group settings entries in existing settings, the default value of Maximum forward time-steps is increased from 0 to 1, and the default value of Maximum backward time-steps is increased from 1 to 2. This does not affect the values in existing settings.
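What the two leniency settings mean for verification, as an added example that is not Bitvise code: an RFC 6238 verifier with a configurable window, defaulting to the new values above. It assumes "forward" means codes for time-steps ahead of the server clock and "backward" means codes for earlier time-steps; the secret is the published RFC 4226 test key.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30  # RFC 6238 default time-step

# RFC 4226 / RFC 6238 published test secret; never use it for real accounts.
SECRET = b"12345678901234567890"


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP value for one counter (HMAC-SHA-1, dynamic truncation)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack_from(">I", mac, offset)[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_totp(secret, code, now, max_forward=1, max_backward=2):
    """Return the time-step offset at which `code` matched, or None.

    Offset 0 is the server's current time-step, negative offsets are older
    codes (client clock behind), positive offsets are future codes (client
    clock ahead). Defaults are the new values named above; the earlier
    defaults were max_forward=0, max_backward=1.
    """
    current = int(now) // STEP_SECONDS
    for delta in range(-max_backward, max_forward + 1):
        counter = current + delta
        if counter < 0:
            continue  # no time-step exists before the Unix epoch
        # Constant-time comparison so a mismatch position is not leaked.
        if hmac.compare_digest(hotp(secret, counter), code):
            return delta
    return None


def acceptance_window_seconds(max_forward, max_backward):
    """How long any single code stays acceptable to the server."""
    return (max_forward + max_backward + 1) * STEP_SECONDS


if __name__ == "__main__":
    code = hotp(SECRET, 1)  # code a client generates during seconds 30..59
    for server_time in (29, 45, 89, 119, 149):
        old = verify_totp(SECRET, code, server_time, max_forward=0, max_backward=1)
        new = verify_totp(SECRET, code, server_time)
        print(f"server t={server_time:3}s  old defaults: {old}  new defaults: {new}")
    print("window old/new:", acceptance_window_seconds(0, 1),
          acceptance_window_seconds(1, 2), "seconds")
```

The wider window tolerates more clock drift at the cost of keeping each code valid for longer, which is the trade-off to weigh before copying the new defaults into existing settings.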
Changes in Bitvise SSH Server 9.28: [ 1 July 2023 ]
General:
The SSH Server would stop if the Stats subdirectory did not yet exist and could not be created. The SSH Server will no longer stop in this circumstance.
SSH:
When the no-flow-control extension is enabled, the SSH connection permits only one SSH channel at a time. In this circumstance, the SSH Server would refuse to open a subsequent SSH channel for a short time after the previous channel was closed. This prevented a client from opening a new channel immediately after closing the previous one. Fixed.
Scriptable settings:
When using BssCfg to generate a new host keypair, the -kpSize parameter did not take effect. Fixed.
When dumping settings in textual format, disabled settings could previously be included. Fixed.
In previous 9.xx versions, settings that accept strings could not be set to an empty string using PowerShell. Fixed.
File transfer:
If the feature to Move completed uploads did not succeed on the first attempt because the file already existed, environment variables were not expanded on subsequent attempts. Fixed.
Email notifications:
Improved diagnostic information when sending a test message.
Changes in Bitvise SSH Server 9.27: [ 14 February 2023 ]
General:
Previous SSH Server 9.xx versions would incorrectly and unnecessarily allocate some thread-local storage indices for each connection, instead of at startup. This would effectively prevent the SSH Server from handling more than about 500 concurrent connections. Fixed.
Cryptography:
OpenSSL version updated to 1.1.1t. Bitvise software primarily uses Windows CNG for cryptography. We use OpenSSL for specific cryptographic algorithms not supported by Windows. Currently, these are chacha20-poly1305 and, on older Windows versions, the elliptic curve secp256k1. Our software does not use OpenSSL features affected by recent OpenSSL security advisories.
Tasks and email notifications:
If more than one task was triggered by the same event, tasks could be removed from the execution queue which should not be removed, and the task that should have been removed would stay in the queue. Fixed.
The SSH Server would log an error when sending an email notification to multiple addresses that were duplicates of each other. Fixed.
File transfer:
When previous 9.xx versions upgraded settings from versions before 9.xx, the virtual filesystem mount point setting File sharing behavior was upgraded incorrectly. The correct behavior is to map the old Default value to Free, and the old Force value to Force. Instead, upgrading to 9.xx would change the old Default value to Force, and the old Force value to Use global defaults.
This does not affect most users in a significant way since Free and Force behave the same for most clients. However, for users who previously changed mount point settings to force a specific file sharing mode, this oversight reset their custom file sharing settings to the new global defaults.
This version fixes the issue for users who newly upgrade from a version before 9.xx. Users who already upgraded to a previous 9.xx version, and used the Force setting before upgrading, should check the new global file sharing settings in Advanced settings > File transfer to ensure these settings meet their requirements.
Control Panel and Settings:
When using the Log folder viewer to select and delete all log files, the SSH Server Control Panel would crash. Fixed.
Improved validation behavior for a number of field types in settings.
Changes in Bitvise SSH Server 9.26: [ 16 January 2023 ]
EULA:
We updated our EULAs to formalize our existing practices regarding the nature and behavior of our software (it is a product, not a service; the data it handles is not sent to Bitvise; risk tradeoffs with updates) and the way we provide support (via email and our case management system, in written form).
Installation:
In previous versions, an automatic update would fail if the installer encountered an unexpected minor error. The SSH Server installation could be left inoperable, requiring the administrator to perform the update manually, if the installer could not, for example, create a shortcut.
The SSH Server installer now treats specific conditions as warnings and continues if those non-critical conditions occur during an automatic update. Currently, these conditions include exit codes 105 (could not create shortcut) and 115 (could not configure authentication package). These now result in a warning exit code.
Cryptography:
OpenSSL version updated to 1.1.1s. Bitvise software primarily uses Windows CNG for cryptography. We use OpenSSL for specific cryptographic algorithms not supported by Windows. Currently, these are chacha20-poly1305 and, on older Windows versions, the elliptic curve secp256k1.
General:
The SSH Server now runs auto-execute commands, such as the On-upload command, without creating a console window for each command. This dramatically increases the number of auto-execute commands that can run simultaneously. In previous versions, auto-execute commands would fail to start if approximately 100 were already running in the same Windows logon session.
If the SSH Server defines the environment variable USERPRINCIPALNAME, it now also adds environment variables USERPN_USERPART and USERPN_DOMAINPART. These contain the separate user and domain parts of USERPRINCIPALNAME.
File transfer:
The SSH Server's file transfer subsystem would exit with an exception, aborting the file transfer session, if the client tries to set a negative file time. If the SSH Server receives such file times, it will now continue the file transfer session, but will treat negative file times as invalid.
Changes in Bitvise SSH Server 9.25: [ 30 October 2022 ]
Security:
SSH Server versions 9.16 - 9.24 contain a flaw where, if settings are imported or upgraded from SSH Server versions 7.xx or 8.xx, some mount point types are not imported correctly. The incorrect import causes those mount points to grant unlimited filesystem access.
The usual way to configure a mount point in SSH Server 7.xx/8.xx versions is to use the provider type FlowSfsWin. This is the default setting. Those mount points are upgraded correctly.
However, it is possible to set mount point Provider type to Custom and configure Provider DLL to "FlowSfsWin". Users could configure this manually, or such a configuration could result after settings were imported from even older SSH Server versions, such as 6.xx.
When SSH Server versions 9.16 - 9.24 import mount points of type Custom:FlowSfsWin from SSH Server versions 7.xx/8.xx, the setting Real root path is incorrectly ignored. This causes those mount points to grant unlimited filesystem access, where the mount point should be limited to a root directory.
This version addresses this issue as follows:
- Mount points with Provider type set to Custom now preserve the configured root path when upgraded or imported from SSH Server 7.xx/8.xx settings.
- If settings were upgraded and saved by SSH Server versions 9.16 - 9.24, it is not possible to know if mount points of type Custom:FlowSfsWin that have an empty Custom root path were configured with unlimited access on purpose, or were upgraded incorrectly. Therefore, mount points of type Custom:FlowSfsWin with an empty Custom root path will now fail to initialize.
We provide a PowerShell script which you can run to identify mount points which require administrator attention.
The script searches group and account settings entries in SSH Server settings. It displays mount points of type Custom:FlowSfsWin that have an empty Custom root path. If such mount points are found, then if you want the mount point to grant unlimited access, change Mount type to Unlimited access. Otherwise, change Mount type to Specific directory and configure a Real root path.
This script can be run with any SSH Server 9.16+ version. It does not require updating to 9.25. If affected mount points are found, you can fix them without updating. This will address the issue, unless you import settings containing such mount points from 7.xx/8.xx versions again. Updating to 9.25 or newer will ensure any future import works correctly.
Control Panel and Settings:
The Statistics tab now shows filtered text with a highlight.
Changes in Bitvise SSH Server 9.24: [ 9 October 2022 ]
General:
Previous SSH Server 9.xx versions did not run on older Windows versions, such as Windows Server 2008 R2, unless KB 2533623 was installed. This version implements a workaround for this dependency, so that KB 2533623 is again not required.
Email:
The maximum length of the local part of an email address is now raised from 64 bytes to 128.
BvShell:
Improved inconsistent Tab auto-complete behavior.
The cd command now displays a warning when more than one parameter is passed. (In most shells, supplying more than one parameter to cd is invalid.)
Master/follower synchronization:
Fixed multiple issues associated with activation code synchronization.
The user interface in the follower now displays more clearly when the activation code could not be synchronized because master settings do not permit it.
Control Panel and Settings:
Settings entries, such as virtual groups and connect profiles, whose names are referenced by other settings entries, can now be renamed, so that references are automatically updated.
When editing an account settings entry in Easy settings, mount point settings (including permissions) would be reset on mount points, even if the mount points were not changed. Fixed.
Mount point permissions can now be configured in Easy settings.
CSV import for settings entries that contain nested lists would incorrectly fail to clear these lists when importing. Most significantly, importing a Windows account from CSV would fail to clear or overwrite a default "/" mount point inherited from the Everyone Windows group in Advanced settings. Fixed.
When starting a CSV import on a list that already contains entries, the interface now asks whether to clear existing entries before importing.
The Custom events interface can now display events filtered by name or description.
In SSH Server settings, a single press of the Alt key would block Alt+Tab and the Windows Key from working until the user switched windows using the mouse. Fixed.
Additional improvements to the behavior of the pop-up menu for the SSH Server Control Panel icon in the system notification area.
Changes in Bitvise SSH Server 9.23: [ 5 June 2022 ]
Authentication:
On installations where all of the following are true:
Windows accounts can log in using password authentication.
Virtual accounts are in use and are backed by the automatically managed Windows account.
An account lockout policy is configured in Windows.
In such configurations, it was possible for a remote attacker to lock out the automatically managed Windows account (usually BvSsh_VirtualUsers) by attempting password authentication against it. This would cause connections from virtual accounts to fail. If the SSH Server's automatic IP blocking is stricter than the Windows account lockout policy, the attacker could connect from multiple IP addresses to successfully lock the account.
The automatically managed Windows account could also get locked out accidentally if its password expired, followed by many simultaneous connections from one or more virtual accounts. For example, this could occur with password expiry followed by 100 login attempts in the same second.
The SSH Server now unlocks the automatically managed Windows account if it is locked out. If the password expires, the SSH Server now also takes steps to prevent a lockout due to other simultaneous logins.
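The interaction between per-IP blocking and the Windows lockout counter described above can be checked against authentication logs. The following is an added example, not Bitvise code: a simplified replay of failed password attempts. The record format, thresholds, reset window and sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

MANAGED_ACCOUNT = "BvSsh_VirtualUsers"  # usual name, per the release note

def sample_failures():
    """Constructed records (timestamp, source IP, target account):
    four documentation-range addresses, three failures each, 5 s apart."""
    t0 = datetime(2022, 6, 1, 12, 0, 0)
    ips = ["192.0.2.10", "198.51.100.7", "203.0.113.5", "203.0.113.6"]
    return [(t0 + timedelta(seconds=5 * i), ips[i % 4], MANAGED_ACCOUNT)
            for i in range(12)]

def analyze(failures, account, lockout_threshold, reset_window,
            per_ip_block_after):
    """Replay failed password attempts against `account`.

    Assumed model: the server stops accepting attempts from an IP once it
    has produced `per_ip_block_after` failures, and Windows locks the
    account when `lockout_threshold` failures fall within `reset_window`.
    """
    per_ip = defaultdict(int)
    blocked = set()
    recent = deque()  # failures that still count toward the lockout
    for ts, ip, target in sorted(failures):
        if target.lower() != account.lower() or ip in blocked:
            continue  # other account, or attempt never reached Windows
        per_ip[ip] += 1
        if per_ip[ip] >= per_ip_block_after:
            blocked.add(ip)
        recent.append((ts, ip))
        while recent and ts - recent[0][0] > reset_window:
            recent.popleft()
        if len(recent) >= lockout_threshold:
            return {"locked_out": True, "at": ts,
                    "sources": sorted({i for _, i in recent}),
                    "blocked": sorted(blocked)}
    return {"locked_out": False, "at": None,
            "sources": sorted(per_ip), "blocked": sorted(blocked)}

if __name__ == "__main__":
    result = analyze(sample_failures(), MANAGED_ACCOUNT,
                     lockout_threshold=10,
                     reset_window=timedelta(minutes=30),
                     per_ip_block_after=3)
    print(result)
```

With these assumed thresholds, no single address is allowed enough attempts to reach the lockout count, yet the combined failures do; on versions before 9.23, a result with locked_out set and several sources is the pattern to alert on.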
Version 9.19 introduced an issue where passwordless authentication required a Windows restart in order to fully function after updating from a previous SSH Server version. Version 9.21 fixed this for updates from previous 9.xx versions, but this was not effective after updating from versions 8.xx. Fixed.
Updating from versions older than 7.21 still always requires a Windows restart for passwordless authentication to fully function.
Email notifications:
When sending email through an outgoing SMTP server, the SSH Server now supports the SMTP authentication method AUTH LOGIN. This allows compatibility with servers such as smtp.office365.com.
Changes in Bitvise SSH Server 9.22: [ 31 May 2022 ]
In versions 9.19 and 9.21, it was not possible to create directories through virtual filesystem mount points that provide unlimited access. Fixed.
Changes in Bitvise SSH Server 9.21: [ 30 May 2022 ]
Fixed an issue in version 9.19 where passwordless authentication required a Windows restart, or uninstallation and reinstallation followed by restart, in order to work after updating from a previous SSH Server version.
Changes in Bitvise SSH Server 9.19: [ 28 May 2022 ]
Health monitoring:
On some systems, the Windows function GetSystemTimes can return inconsistent values. In this case, previous SSH Server 9.xx versions would stop due to an unexpected condition if the setting Health monitoring > Monitor CPU usage was enabled. Fixed.
In general, the SSH Server will no longer stop if one of the health monitoring features encounters an error, but will instead only log the error.
Control Panel and Settings:
Double-clicking the system tray icon for the SSH Server Control Panel would put the window into the foreground if it was hidden, but not if it was minimized, or behind other applications' windows. Fixed.
In the Custom events interface under Advanced settings > Logging, events are now sorted by default according to name, rather than number. Events can still easily be sorted by any column.
Email notifications:
In previous 9.xx versions, DKIM signing did not work. Fixed.
File transfer:
When the Real root path for a mount point did not exist, and the setting Create root path was disabled, the SSH Server would still create the directory if the client sent a "create directory" request. The SSH Server will no longer create the mount point root path in this circumstance.
For newly created mount points, the default value of the setting File sharing for uploads is now Delete instead of the previous value, Read, Delete. This is to prevent files from being read or copied in an inconsistent state by another application or connection while they are being uploaded.
Logging:
Further improvements to diagnostic logging for SFTP jump server mount points.
When logging the flags attribute for an auto-execute command, the Windows job object setting would be logged incorrectly. Fixed.
Changes in Bitvise SSH Server 9.18: [ 5 May 2022 ]
Installation and update:
Improved reliability of creating temporary directories which could previously cause installation to fail.
Control Panel:
Fixed behavior of the pop-up menu when clicking the notification area icon.
Added support for Ctrl+A and Ctrl+Backspace key combinations in a variety of user interface elements that did not previously support them.
Addressed support for Esc and Tab keys in the Manage certificates dialog.
Fixed issue when deleting log files in the Log folder viewer.
In Easy settings, the Back and Next buttons were incorrectly swapped. Fixed.
Connections:
In previous 9.xx versions, the Connection timeout feature did not work. Fixed.
Tasks:
Configuring an On-logon command for an Execute command task would result in an error when running the task. Fixed.
Improved elevation handling for Windows sessions created for tasks.
SFTP jump server mount points:
Greatly improved diagnostic logging for connection issues when configuring Another SFTP server mount points.
Fixed an issue which would cause the SSH Server to emit an invalid SFTP packet when using Another SFTP server mount points. This would cause repeated connects and disconnects.
Changes in Bitvise SSH Server 9.17: [ 12 March 2022 ]
Installation and update:
Due to a bug in the log utility included with SSH Server version 9.12, using built-in update functionality to update from version 9.12 to versions 9.14 and 9.16 would fail. Now, when updating from version 9.12, the first attempt will still fail, but will replace the log utility so that a second attempt succeeds.
Running the new version installer directly to update manually works for all versions and does not trigger this issue.
When an SSH Server update was started automatically, but uninstallation of the existing version failed, the SSH Server would not automatically restart. When updating to future versions from version 9.17 or higher, if uninstallation fails but rollback succeeds, the main SSH Server service will now be restarted.
Settings:
When pasting from the clipboard, password fields would accept ASCII control characters, including newline characters that Excel includes when copying and pasting a selected cell. Password fields will now filter out control characters when pasting, including the Tab character.
SSH:
Improved detection of misconfigured obfuscation settings.
File transfer:
In previous versions including 8.xx, if an SCP client interrupted a download – such as by disconnecting – the SSH Server's SCP subsystem would still completely read the file and record a complete download in the I_SFS_TRANSFER_FILE event. Interrupted SCP downloads are now correctly logged as incomplete.
Changes in Bitvise SSH Server 9.16: [ 14 February 2022 ]
Upgrade:
A major new feature in SSH Server 9.xx versions is the Windows session cache. This is enabled by default for new installations. When enabled, settings such as the On-logon command have a different effect than in previous SSH Server versions.
To preserve behavior, the Windows session cache is now disabled when upgrading existing settings from versions 8.xx and earlier. This feature can be enabled or disabled in Advanced settings, under Sessions > Windows session sharing.
In versions 8.xx and earlier, it was possible to configure settings in subtly inconsistent ways. For example, it was possible to remove or rename a Connect profile so that the port forwarding settings in a group settings entry referenced a Connect profile which no longer exists.
In previous 9.xx versions, the settings interface would not open after upgrading an installation which had settings configured this way. Fixed.
Control Panel and Settings:
When configuring an encrypted volume in Advanced settings, the setting Full path to data file now won't display an overwrite prompt when selecting an existing file.
Default settings in Tasks and actions now include straightforward examples for email notifications for uploads and downloads. These examples won't appear when updating from previous 9.xx versions unless the task list is reset to apply the new defaults.
The Log folder viewer now once again supports the Enter key to open the selected file.
Connections:
In previous 9.xx versions, the Connection on-logon command was broken and did not work. Fixed.
File transfer:
The Encrypted volume and Other SFTP server filesystem providers can now be configured to limit access to a subdirectory of the encrypted volume or remote SFTP filesystem.
Bitvise SSH Server provides access to filesystems which do not support POSIX permissions. In versions 8.xx and older, the SSH Server would respond to attempts to set POSIX permissions, such as using chmod, by simulating success. In previous 9.xx versions, the SSH Server would respond with failure if a client attempted to set only POSIX permissions, but not any supported attributes. This is a problem for scripts that assume chmod to succeed. The SSH Server will now once again simulate success for such requests.
If the feature Move completed uploads was configured in an account settings entry, as opposed to a group settings entry, the account would not be able to log in. Fixed.
The correct filesystem provider is now logged when an SFTP client attempts to use an invalid handle.
Changes in Bitvise SSH Server 9.14: [ 23 January 2022 ]
Upgrade:
When upgrading from versions before 9.xx, the automatic log archival task is now disabled. This is to avoid interfering with any log maintenance the administrator has already set up.
If settings before 9.xx configured no limit to the number of simultaneous connections, such settings would be upgraded incorrectly to apply a lower limit. Fixed.
FTPS:
If the FTPS protocol is enabled, the SSH Server now supports TLS 1.3 on Windows versions where it is available. Currently, this requires Windows 11 or Windows Server 2022.
Tasks:
Log maintenance and command execution tasks now log an Info-level log event when they start.
Task triggers now support endsWith and contains as operators that work on strings. The contains operator also continues to work on structures, as it did previously.
Control Panel and Settings:
When configuring an encrypted volume in Advanced settings, the setting Full path to data file would have a misleading browse interface which did not allow selecting a filename which does not yet exist. Instead, a full path to a nonexistent file had to be entered manually. The browse interface now supports configuring a file which does not yet exist.
The Log Folder Viewer was not showing file icons in version 9.12. Fixed.
In the Statistics CSV export dialog, suggested filenames could include invalid characters. Fixed.
In account and group lists, reduced the number of columns for improved clarity and performance.
Command-line utilities:
The log utility did not work at all in version 9.12. Fixed.
New features in Bitvise SSH Server 9.12: [ 1 January 2022 ]
Windows session cache: Multiple connections for the same user, either concurrent or consecutive, can now use the same Windows session. This can greatly improve reliability for clients that make frequent connections that access network shares.
Network share control: Settings now provide additional control over how network share connections are established where such connections could time out or occasionally fail.
Encrypted volumes: Clients can now access files which are encrypted at rest by the SSH Server. Concurrent users can access virtual filesystem mount points backed by one or more encrypted volumes. A volume is encrypted with a key configured in SSH Server settings.
SFTP jump server: Users can now access virtual filesystem mount points backed by a remote SFTP server to which the SSH Server connects on the user's behalf.
Tasks: The SSH Server can now run commands periodically, or triggered by configurable conditions based on recorded log events.
Email notifications: The SSH Server can now send email notifications triggered by configurable conditions based on recorded log events.
Log file maintenance: Automatic log file archival or deletion can now be configured as a scheduled task, without resorting to the Windows Task Scheduler.
Cryptography: New cryptographic algorithms include chacha20-poly1305 and encrypt-then-MAC hashing.
Improvements:
BvShell now supports the passwd command. This allows virtual accounts to change their password using a terminal shell that respects the SSH Server's virtual filesystem.
The SSH Server now consumes much less memory when using large settings that contain many accounts.
Known issues
Windows XP: All versions of our software that we recommend using are built using Visual Studio 2015. The C++ run-time library used by this Visual Studio version has a known issue where 1-2 kB of memory are leaked each time a new thread is created. This issue does not occur on later Windows versions; it does not occur e.g. on Windows Server 2003. Microsoft has stated they do not intend to fix this issue. Bitvise's view is that the impacts on our SSH Client and FlowSsh are manageable; whereas our SSH Server is rarely used on Windows XP. We therefore do not plan to work around this; but we warn that this can be a potential denial of service vector on Windows XP.