Bitvise SSH Server

helium

Very active
Expert
Joined
16 June 2010
Posts
2216
Reactions/Likes
2611
City
Kraków
Bitvise SSH Server 9.32 [ 20 December 2023 ]

  • Version information:
    • This version continues the upgrade access amnesty introduced in version 9.25, so it can be used with any license that is valid for a previous SSH Server 9.xx version. The minimum upgrade access expiry date to activate this version is January 1, 2022.
  • Security:
    • Terrapin: Researchers have identified an issue where all SSH connections which use the encryption algorithm ChaCha20-Poly1305, or any integrity algorithm of type encrypt-then-MAC, are vulnerable to packet sequence manipulation by an active attacker, if the attacker can intercept the network path. This can be used to sabotage SSH extension negotiation. This affects extensions with security impact, such as server-sig-algs.
      Since the attacker can only remove packets sent before user authentication, this does not seem to fatally break the security of the SSH connection. However, it is a cryptographic weakness to address.
      Bitvise software versions 9.32 and newer support strict key exchange. This is a new SSH protocol feature which mitigates this attack. The SSH client and server must both implement strict key exchange for mitigation to be effective. Other SSH software authors are also releasing new versions to support this.
      If you must interoperate with SSH software which does not support strict key exchange, consider disabling the encryption algorithm ChaCha20-Poly1305, as well as integrity algorithms of type encrypt-then-MAC. These are the newer data integrity protection algorithms whose names contain -etm.
      Bitvise software versions 8.xx and older are not substantially affected because they do not implement algorithms where this issue is practically exploitable. Nevertheless, we suggest updating all SSH software to new versions that support strict key exchange.
      The encryption algorithms aes256-gcm and aes128-gcm are substantially immune from this attack. Users who are committed to older SSH software versions should consider using AES GCM. If this is not possible, the data integrity protection algorithms which are not named -etm are not entirely immune, but are also not believed to be practically exploitable. For compatibility with SSH software which does not support strict key exchange or AES GCM, an algorithm combination such as AES CTR with non-ETM data integrity protection may continue to be acceptable.
  • General:
    • If the SSH Server was configured to accept FTPS connections, but no certificate was employed; or if the employed certificate was not usable because it expired; the SSH Server would stop running and refuse to start, even for SSH connections, until the administrator fixed the certificate issue.
      The SSH Server will now start, and continue running, as long as the configuration allows connections to be handled on at least one SSH or FTPS binding.
  • SSH:
    • When a user authentication banner is entered directly in SSH Server settings, the SSH Server will no longer strip leading and trailing whitespace. If the banner does not end with a newline, the SSH Server will now append it. This avoids OpenSSH displaying the last line incorrectly.
  • Email notifications:
    • Further improved error messages when SMTP sending fails.
  • Settings:
    • When a list of address accept rules was imported from CSV using the options Import blocked IPs or Import permitted IPs, IP address ranges were imported incorrectly. Fixed.
  • File transfer:
    • When using a mount point of type Another SFTP server, the other SFTP server may support SFTP protocol version 5 or higher, but not SFTP v5+ file locking. In this case, the SSH Server now strips file open block flags sent by the client if the block flags include SSH_FXF_BLOCK_ADVISORY.
      As in previous versions, it is possible to always strip block flags by configuring mount point settings:
      File sharing behavior: Force
      File sharing for uploads: Read, Write, Delete
      File sharing for downloads: Read, Write, Delete
    • When using a mount point of type Another SFTP server, and the other server uses SFTP v3, the SSH Server now lets an SFTP v4+ client set a file modification time without having to also include the last access time.
    • The SSH Server now logs most SFTP flags and bits as human-readable strings instead of hexadecimal values.
  • FTPS:
    • The SSH Server would replace non-US-ASCII bytes with "." when sending reply lines on the FTP control connection. To improve compatibility with clients, the SSH Server now preserves UTF-8 (which may appear in directory names) in FTP control connection replies.

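The Terrapin entry above describes the exposed combination (ChaCha20-Poly1305 or an -etm MAC, negotiated by peers that do not both support strict key exchange) but leaves the audit to the reader. The following is an added example, not Bitvise code and not from the forum post, that builds and parses SSH_MSG_KEXINIT payloads, runs the RFC 4253 algorithm negotiation over a client/server pair, and reports whether the resulting connection would be exposed. It assumes OpenSSH's marker names for strict key exchange (kex-strict-c-v00@openssh.com and kex-strict-s-v00@openssh.com), which the changelog does not name; all KEXINIT samples are constructed, not captured.

```python
import struct

SSH_MSG_KEXINIT = 20
# OpenSSH's pseudo-algorithm names with which each side signals strict key
# exchange support in its KEXINIT kex list (assumption: the changelog only
# calls the feature "strict key exchange"; these marker names are OpenSSH's).
STRICT_KEX_CLIENT = "kex-strict-c-v00@openssh.com"
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"

# The ten name-lists of SSH_MSG_KEXINIT, in wire order (RFC 4253, section 7.1).
NAME_LISTS = ["kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
              "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]


def _name_list(names):
    data = ",".join(names).encode("ascii")
    return struct.pack(">I", len(data)) + data


def build_kexinit(kex, host_key, enc, mac, comp=("none",)):
    """Build a raw KEXINIT payload. The cookie is zeroed because these are
    constructed samples, not captured traffic."""
    payload = bytes([SSH_MSG_KEXINIT]) + bytes(16)
    for lst in (kex, host_key, enc, enc, mac, mac, comp, comp, (), ()):
        payload += _name_list(lst)
    payload += b"\x00"                # first_kex_packet_follows = FALSE
    payload += struct.pack(">I", 0)   # reserved
    return payload


def parse_kexinit(payload):
    """Decode a KEXINIT payload (binary packet framing already stripped)
    into its ten name-lists."""
    if payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}               # skip message byte and 16-byte cookie
    for key in NAME_LISTS:
        (n,) = struct.unpack(">I", payload[pos:pos + 4])
        pos += 4
        raw = payload[pos:pos + n].decode("ascii")
        pos += n
        lists[key] = [x for x in raw.split(",") if x]
    return lists


def negotiate(client_prefs, server_prefs):
    """RFC 4253 7.1: the first client-preferred name the server also lists wins."""
    for name in client_prefs:
        if name in server_prefs:
            return name
    return None


def assess_terrapin(client, server):
    """Which algorithms the two KEXINITs would negotiate, and whether that
    connection is exposed: ChaCha20-Poly1305 or an -etm MAC in use without
    both sides signalling strict key exchange."""
    enc = negotiate(client["enc_c2s"], server["enc_c2s"])
    chacha = enc is not None and enc.startswith("chacha20-poly1305")
    # ChaCha20-Poly1305 is an AEAD cipher: the MAC lists are ignored when it is chosen.
    mac = None if chacha else negotiate(client["mac_c2s"], server["mac_c2s"])
    etm = mac is not None and "-etm" in mac
    strict_both = STRICT_KEX_CLIENT in client["kex"] and STRICT_KEX_SERVER in server["kex"]
    return {"enc": enc, "mac": mac, "strict_kex_both": strict_both,
            "exposed": (chacha or etm) and not strict_both}


# Constructed samples (not captures). OLD_SERVER models a server without strict
# key exchange; PATCHED_SERVER is the same server after a 9.32-style update.
_COMMON = dict(host_key=["ssh-ed25519"],
               enc=["chacha20-poly1305@openssh.com", "aes256-gcm@openssh.com", "aes256-ctr"],
               mac=["hmac-sha2-256-etm@openssh.com", "hmac-sha2-256"])
OLD_SERVER = parse_kexinit(build_kexinit(kex=["curve25519-sha256"], **_COMMON))
PATCHED_SERVER = parse_kexinit(build_kexinit(kex=["curve25519-sha256", STRICT_KEX_SERVER], **_COMMON))
CLIENT = parse_kexinit(build_kexinit(kex=["curve25519-sha256", STRICT_KEX_CLIENT], **_COMMON))
# A client reconfigured as the changelog suggests for legacy peers: no ChaCha20, no -etm MACs.
HARDENED_CLIENT = parse_kexinit(build_kexinit(
    kex=["curve25519-sha256"], host_key=["ssh-ed25519"],
    enc=["aes256-gcm@openssh.com", "aes256-ctr"], mac=["hmac-sha2-256"]))

if __name__ == "__main__":
    for label, c, s in [("client vs old server", CLIENT, OLD_SERVER),
                        ("client vs patched server", CLIENT, PATCHED_SERVER),
                        ("hardened client vs old server", HARDENED_CLIENT, OLD_SERVER)]:
        print(label, assess_terrapin(c, s))
```

The three pairings reproduce the changelog's advice: the same client is exposed against the unpatched server and safe against the patched one, and a client that drops ChaCha20 and the -etm MACs lands on AES-GCM and is not exposed even against a server without strict key exchange. In a real audit the KEXINIT payloads come from the first packet each side sends after the version string; the parsing and assessment are unchanged.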

Camel1965

Very active
Distinguished
Joined
8 September 2010
Posts
45284
Reactions/Likes
37118

Bitvise 9.34

Security Clarification: [ April 2024 ]


  • We are receiving inquiries about whether our software is affected by the recent XZ Utils backdoor described in CVE-2024-3094.
    Bitvise software does not use XZ Utils and is not affected by this issue.

Changes in Bitvise SSH Client 9.34: [ 11 April 2024 ]


  • Installation:
    • When installing using command-line parameters, the -autoUpdates parameter could previously be used only to disable automatic updates. It now also supports other values (stronglyRecommended, recommended or allAvailable).
    • The FlowSshNet library, an optional SSH/SFTP scripting feature included with the SSH Client, now uses the Universal C Runtime. This allows the SSH Client to no longer include the outdated Visual C++ 2010 CRT. As a result, FlowSshNet is now installed only on Windows 7 SP1 or newer. (Previously, this feature was compatible with Windows Vista or newer.)
    • SFTP drive:
      • Updated the WinFsp version included with the SSH Client to 2.0.23075.
      • Improved the WinFsp installation process.
  • SSH:
    • When connecting through an SSH jump proxy, interactive authentication methods can now be used to authenticate against the jump proxy. Previously, only pre-configured (unattended) authentication could be used.
    • When the SSH Client fails to connect to a server, the error message now contains more detailed information about IP addresses to which the client attempted to connect.
  • stermc:
    • In certain versions of Windows, the Windows function ScrollConsoleScreenBufferW fails if the destination coordinate is the same as the origin. This would cause previous stermc versions to exit with an error. Fixed.
  • sftpc:
    • The sftpc command-line client now supports new get/put command parameters:
      • -rv: Resume verifiably. Acts like -r for Resume, but does not resume unless the server supports synchronization using block-by-block hashing. This avoids corruption which is possible if heuristic resume detects the file can be resumed, but there are subtle changes in the middle of the file.
      • -noSync: Disables synchronization using block-by-block hashing, even if the server supports it. This can be used with -r to achieve a faster heuristic resume, but corruption is possible if there are subtle changes in the middle of the file.
      • -noBuf[=y|n]: If the server supports the extended SFTP attribute no-buffering@bitvise.com, this allows the user to express a preference whether the server should open the file for unbuffered I/O.
  • SFTP:
    • The graphical SFTP interface now remembers its maximization state.
    • The graphical SFTP interface now offers an option to clear recent folder history.
    • When using cut & paste (rather than copy & paste) between Local and Remote panes, files are now moved instead of copied.
    • In both graphical SFTP and sftpc, the Resume and Overwrite options are now once again available separately, even if the server supports synchronization using block-by-block hashing. This allows the user to express a preference to resume a file, but only if the partial destination file is unchanged relative to the source.
    • When uploading, the SSH Client now includes the extended SFTP attribute intended-size@bitvise.com to communicate the final intended size of the file. This can help detect and diagnose incomplete transfers.
    • The mirror feature would incorrectly remove destination files after they were mirrored, if the file names were present in the destination with a different case than in the source. Fixed.
    • The mirror feature now supports a fast skip option which attempts to skip files which are present in both source and destination with the same size and last modification time. This can dramatically improve the speed of large mirror transfers where most files are unchanged, but at the cost of not verifying the content of skipped files.

helium

Bitvise SSH Server 9.36 [ 17 April 2024 ]

  • SFTP:
    • Version 9.34 added logic to ensure SFTP responses are sent in the same order requests are received. Due to an oversight, the SSH Server's file transfer subsystem would hang, most readily if a client sent consecutive SFTP requests with the same request ID. This was observed with WS_FTP (version 12.9) and also with phpseclib. Fixed.
    • The SSH Server now implements the SFTP extended request fsync@openssh.com for files opened with unbuffered I/O.


helium

Bitvise SSH Server 9.37 [ 4 May 2024 ]

  • Control Panel and Settings:
    • If the Windows setting Roll the mouse wheel to scroll was set to One screen at a time, the SSH Server Control Panel would exit abruptly when attempting to scroll. Full page mouse wheel scrolling is now supported.
    • On Windows XP and Windows Server 2003, the Custom events interface in Advanced settings and the list on the Statistics tab did not display text for searchable columns. Fixed.
    • When the SSH Server Control Panel was opened displaying the Server tab, it would cause Windows to log repeated audit events about enumerating group membership for the SSH Server's BvSsh_VirtualUsers account. Fixed.
  • Logging:
    • Connection disconnect log events now include information about connection duration, so it does not need to be calculated by finding the matching connection accept event.
  • SFTP:
    • Version 9.34 introduced an inconsistency in how the SSH Server responds to SSH_FXP_READ requests which attempt to read past end-of-file. When processing a single such request, the SSH Server would send SSH_FXP_STATUS with SSH_FX_EOF; but when responding to consolidated requests, the SSH Server could send SSH_FXP_DATA with empty data. When using SFTP v6, the end-of-file flag would also be set, but this flag is not present in SFTP v3 and v4. This broke file transfers using some clients, specifically the Perl mesh client (based on Net::SFTP).
      The SSH Server again consistently responds to past-end-of-file SSH_FXP_READ requests by sending SSH_FXP_STATUS with SSH_FX_EOF.

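The 9.37 SFTP entry above turns on a protocol detail: SFTP v3 and v4 have no end-of-file flag in SSH_FXP_DATA, so a client can only recognise EOF through SSH_FXP_STATUS with SSH_FX_EOF, and an empty DATA reply leaves it stuck. The following is an added example, not Bitvise code and not from the forum post, that encodes the two response shapes, models both the consistent server behaviour and the inconsistent one the changelog describes, and drives a minimal v3/v4-style client read loop against each. Packet layouts follow the SFTP drafts; the file contents and request IDs are constructed.

```python
import struct

# SFTP packet types and status codes used below (draft-ietf-secsh-filexfer).
SSH_FXP_STATUS = 101
SSH_FXP_DATA = 103
SSH_FX_OK = 0
SSH_FX_EOF = 1


def _string(b):
    return struct.pack(">I", len(b)) + b


def encode_status(request_id, code, message=b""):
    # type, request id, status code, error message, language tag
    return (bytes([SSH_FXP_STATUS]) + struct.pack(">II", request_id, code)
            + _string(message) + _string(b""))


def encode_data(request_id, data, version, eof=False):
    pkt = bytes([SSH_FXP_DATA]) + struct.pack(">I", request_id) + _string(data)
    if version >= 6:
        pkt += b"\x01" if eof else b"\x00"   # the EOF flag exists only from SFTP v6 on
    return pkt


def respond_to_read(request_id, file_bytes, offset, length, version=3):
    """Consistent handling of SSH_FXP_READ: a read at or past end-of-file is
    answered with SSH_FXP_STATUS / SSH_FX_EOF, never with empty SSH_FXP_DATA."""
    if offset >= len(file_bytes):
        return encode_status(request_id, SSH_FX_EOF, b"End of file")
    chunk = file_bytes[offset:offset + length]
    return encode_data(request_id, chunk, version,
                       eof=offset + len(chunk) >= len(file_bytes))


def respond_empty_data_at_eof(request_id, file_bytes, offset, length, version=3):
    """Models the inconsistent behaviour the changelog describes for consolidated
    requests: empty SSH_FXP_DATA past end-of-file, with the EOF flag in v6 only."""
    if offset >= len(file_bytes):
        return encode_data(request_id, b"", version, eof=True)
    return encode_data(request_id, file_bytes[offset:offset + length], version)


def client_download(file_bytes, chunk_size, version=3, server=respond_to_read):
    """A minimal client read loop of the kind v3/v4 clients use: keep issuing
    reads until the server reports EOF. `server` stands in for the network."""
    out, offset, request_id = bytearray(), 0, 1
    while True:
        resp = server(request_id, file_bytes, offset, chunk_size, version)
        if resp[0] == SSH_FXP_STATUS:
            (code,) = struct.unpack(">I", resp[5:9])
            if code == SSH_FX_EOF:
                return bytes(out)
            raise IOError(f"SFTP status {code}")
        (n,) = struct.unpack(">I", resp[5:9])
        data = resp[9:9 + n]
        out += data
        if version >= 6 and len(resp) > 9 + n and resp[9 + n] == 1:
            return bytes(out)            # v6 EOF flag: the client can stop here
        if not data:
            # v3/v4 carry no flag, so empty DATA is ambiguous: the client cannot
            # tell EOF from a zero-length read. This is the breakage described.
            raise IOError("empty SSH_FXP_DATA without EOF indication")
        offset += len(data)
        request_id += 1


if __name__ == "__main__":
    sample = b"hello world"          # constructed file contents
    print(client_download(sample, 4))
    print(client_download(sample, 4, version=6, server=respond_empty_data_at_eof))
    try:
        client_download(sample, 4, version=3, server=respond_empty_data_at_eof)
    except IOError as e:
        print("v3 client against inconsistent server:", e)
```

Against the consistent server the v3 loop completes; against the modelled 9.34 behaviour it completes only when the session negotiated v6 (where the flag is present) and fails on v3, which matches the changelog's observation that only some clients broke.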

Camel1965


Bitvise SSH Server 9.38

Jun 7, 2024
  • SFTP:
    • If the SFTP server does not send an exit code, the OpenSSH SFTP client returns exit code -1 instead of 0. This has become noticeable in newer OpenSSH versions, where scp now uses SFTP by default, and the change in exit code breaks scripts.
      To accommodate this client behavior, the SSH Server now sends an exit code for the SFTP subsystem.

helium

Bitvise SSH Server 9.39 [ 2 August 2024 ]

  • General:
    • In a niche situation where the SSH Server cannot initialize the Windows logon session with the user's environment block, the first connection which creates the Windows logon session would still succeed; it falls back to the system environment block. However, if Windows session sharing is enabled, subsequent connections attempting to reuse the Windows logon session would fail, instead of continuing to fall back to the system environment block. Fixed.
  • File transfer:
    • If a user was configured with a virtual filesystem layout with more than one mount point, then if permitted by Windows filesystem permissions, the SSH Server would allow the user to rename the mount path of one of the mount points, moving that entire mount point inside another mount point. The SSH Server no longer allows this, even if permitted by Windows filesystem permissions.
    • When renaming a file or directory on a mount point backed by another SFTP server, the SSH Server would translate a standard SSH rename request into a POSIX rename request, which many servers cannot process. Fixed.


Camel1965


Bitvise SSH Server 9.42

Dec 9, 2024
  • Master/follower synchronization:
    • When configured as a master or secondary master, the SSH Server no longer subjects authentication attempts from followers to logon serialization if the provided synchronization password is correct. This avoids some of the followers receiving disconnects, and having to retry, if many followers connect at the same time.
  • Control Panel:
    • The feature Query settings with PowerShell did not detect that PowerShell is available when installed on Hyper-V Server 2019. Fixed.

Camel1965


Bitvise SSH Server 9.43

Mar 17, 2025
  • Control Panel and Settings:
    • Manage certificates interface: Improved error messages and handling of TLS certificate import. Improved display of certificates and private keys not supported by current cryptography settings.
    • The SSH Server implements an installation path hijack check. This displays a warning if the filesystem permissions or ownership of parent directories could allow a path hijack by a less privileged user.
      This is not a complete check. Permissions on the installation directory itself are not validated, and remain the responsibility of the administrator. The SSH Server checks for path hijack conditions, which can be subtle.
    • The BssCfg command-line configuration utility now supports the following commands:
      BssCfg instDirCheck <run|status|enable|disable>
      These can be used to run the installation path check for diagnostics; to see if it is enabled; or to disable it, if the administrator has confidence in the configured filesystem permissions.
  • SSH cryptography:
    • Starting with 9.43, the latest versions of Bitvise software no longer use OpenSSL:
      • OpenSSL no longer supports version 1.1.1. Our recent software versions used this to support a handful of algorithms not supported by Windows.
      • There are new fixes only available in OpenSSL 3.x.
      • OpenSSL 3.x promotes opaque interfaces and hides details. This is the opposite of our requirements.
      • OpenSSL 3.x is even larger than 1.1.1, and dramatically increases linker bloat. Updating OpenSSL 1.1.1 to 3.4.1 increases the size of CiWinCng64.dll from 3.3 MB to 5.0 MB. Removing OpenSSL reduces the size to 1.4 MB. The difference, 3.6 MB, is a lot of complexity to support some marginal algorithms.
    • This change does not affect most algorithms. We support most algorithms using Windows cryptography. Only the following is affected:
      • chacha20-poly1305: We now support this algorithm using public domain ChaCha20 implementations from Goll & Gueron (on most CPUs with AVX2), Daniel J. Bernstein (on CPUs without AVX2), and Poly1305 from Andrew Moon (poly1305-donna).
        In new Bitvise software installations, chacha20-poly1305 is disabled by default, because it is the most susceptible to the Terrapin attack if the counterparty does not implement strict key exchange. This algorithm is secure if both parties support strict key exchange. In Bitvise software, strict key exchange is supported in versions 9.32 and newer.
      • ECDSA and ECDH over the curve secp256k1: On Windows 10 and newer, and Windows Server 2016 and newer, we continue to support this curve using Windows cryptography. On these Windows versions, there is no change.
        On Windows Vista to 8.1, and Windows Server 2008 to 2012 R2, secp256k1 is now supported using Crypto++ 5.6. This implementation is not constant-time, so in this case, we enable signature timing mitigations. The timing mitigations favor security over performance: a signature is delayed to take e.g. 50 ms instead of 1 ms.
        In SSH, this prime field curve is rarely used. We support it for compatibility with previous versions. We originally added this curve because it is used in Bitcoin, so it is subject to intense scrutiny. However, users who want elliptic curve cryptography, but doubt the widely used NIST curves, have usually chosen Curve25519 and Ed25519.
    • If FIPS 140-2 cryptography is enabled in Windows, there is no change. If FIPS mode is enabled, Bitvise software already restricts itself only to algorithms supported by Windows. In this case, chacha20-poly1305 is not available, and secp256k1 is available only on Windows versions 10 and newer, which support it.
    • Bitvise software versions 9.xx remain compatible with Windows XP and Windows Server 2003. To support SSH cryptography on these platforms, our installers include DLL files CiCpFips32/64.dll and CryptoPP530Fips32/64.dll. These DLLs are not used on Windows Vista and newer, but were previously installed on all Windows versions. They are now no longer installed on Windows versions where they are not used.
  • SMTP email sending:
    • In previous versions, when the SSH Server initialized Schannel to negotiate TLS for outgoing SMTP connections, it would specify acceptable key exchange algorithms as RSA, DHE, and ECDHE. If the administrator has used a utility such as IISCrypto to disable Diffie-Hellman key exchange using the Windows registry, this would cause the Windows function AcquireCredentialsHandle to fail with error code 0x80090331 (SEC_E_ALGORITHM_MISMATCH). This would abort the SMTP connection and prevent email sending.
      The SSH Server now avoids this by not expressing a preference with regard to TLS algorithms. This leaves the choice of TLS cipher suites to the Windows administrator.
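The installation path hijack check in the 9.43 notes above is described only in outline: warn when the permissions or ownership of a parent directory would let a less privileged user redirect a component of the install path. The following is an added example, not Bitvise's implementation and not from the forum post, that models that check in portable Python over constructed ACL snapshots. It assumes a fixed set of trusted principals and uses .NET FileSystemRights names for the write-class rights; on a real host the owner and ACE data would be gathered with Get-Acl or icacls, and the install directory itself is left out of the walk to match the scope the changelog states.

```python
from pathlib import PureWindowsPath

# Principals that may legitimately own or control directories on an install
# path (assumption for this model). Anything else with write-class rights on a
# parent directory is a finding.
TRUSTED = {"NT AUTHORITY\\SYSTEM", "BUILTIN\\Administrators", "NT SERVICE\\TrustedInstaller"}

# .NET FileSystemRights names that let a principal create, replace, rename or
# re-permission entries under a directory, and so redirect a path component.
HIJACK_RIGHTS = {"FullControl", "Modify", "Write", "CreateFiles", "CreateDirectories",
                 "Delete", "DeleteSubdirectoriesAndFiles", "ChangePermissions", "TakeOwnership"}


def find_hijackable_parents(install_dir, acl_table):
    """Walk every ancestor of install_dir, from its immediate parent up to the
    drive root, and report any ancestor that a non-trusted principal owns or
    can write to. The install directory itself is deliberately excluded,
    matching the scope the changelog describes for the built-in check.

    acl_table maps a directory path to (owner, {principal: set_of_rights}).
    Here it is constructed input; on a real host it would come from Get-Acl
    or icacls.
    """
    table = {str(PureWindowsPath(k)): v for k, v in acl_table.items()}
    findings = []
    for parent in PureWindowsPath(install_dir).parents:
        key = str(parent)
        if key not in table:
            findings.append((key, "no ACL information"))
            continue
        owner, aces = table[key]
        if owner not in TRUSTED:
            findings.append((key, f"owned by {owner}"))
        for principal, rights in aces.items():
            dangerous = rights & HIJACK_RIGHTS
            if principal not in TRUSTED and dangerous:
                findings.append((key, f"{principal} has {sorted(dangerous)}"))
    return findings


# Constructed ACL snapshots with placeholder paths and principals; not taken
# from any real machine.
SAFE_TREE = {
    "C:\\": ("NT AUTHORITY\\SYSTEM",
             {"BUILTIN\\Administrators": {"FullControl"}, "BUILTIN\\Users": {"ReadAndExecute"}}),
    "C:\\Program Files": ("NT SERVICE\\TrustedInstaller",
                          {"BUILTIN\\Administrators": {"FullControl"}, "BUILTIN\\Users": {"ReadAndExecute"}}),
    "C:\\Program Files\\Example SSH Server": ("BUILTIN\\Administrators",
                                             {"BUILTIN\\Administrators": {"FullControl"}}),
}
RISKY_TREE = {
    "D:\\": ("BUILTIN\\Administrators",
             {"BUILTIN\\Administrators": {"FullControl"}, "BUILTIN\\Users": {"ReadAndExecute"}}),
    # A user-owned, Users-writable directory sits between the root and the install dir.
    "D:\\Tools": ("EXAMPLE\\alice",
                  {"EXAMPLE\\alice": {"FullControl"}, "BUILTIN\\Users": {"Modify"}}),
    "D:\\Tools\\Example SSH Server": ("BUILTIN\\Administrators",
                                      {"BUILTIN\\Administrators": {"FullControl"}}),
}

if __name__ == "__main__":
    print(find_hijackable_parents("C:\\Program Files\\Example SSH Server", SAFE_TREE))
    for path, why in find_hijackable_parents("D:\\Tools\\Example SSH Server", RISKY_TREE):
        print(f"warning: {path}: {why}")
```

The second tree shows why the check looks at every ancestor and not only the immediate parent: the install directory itself is locked down, yet a less privileged user who controls D:\Tools could rename or replace the component beneath it. The model errs on the side of reporting; a non-trusted owner is a finding even without explicit write ACEs, since ownership implies the ability to regain them.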