Bitvise SSH Client error "the SSH2 session terminated" (2024)

You are viewing version history for outdated Bitvise software versions. These versions contain known issues which are resolved in newer releases. These versions will not receive updates, whereas the most recent versions will.

  • We recommend that all users use Bitvise software versions no older than one year, or newer where there have been recent security fixes.
  • It is one of our top priorities that users should experience as few problems as possible when updating to the latest versions of our software. If an upgrade causes you trouble, let us know.
  • The main outlier in ease of upgrading is the SSH Server's scriptable configuration language. If you rely on this feature, upgrades to new SSH Server feature releases require adjustments to scripts.

Security Clarification:

  • We are receiving occasional inquiries about whether our software is affected by the libssh vulnerability CVE-2018-10933, where a client can bypass authentication by sending an SSH_MSG_USERAUTH_SUCCESS message to the server. Bitvise software does not share common code with libssh. Our understanding is that the libssh issue arises due to commingling of authentication state for server-side and client-side purposes. In Bitvise software, authentication state is managed in separate client-side and server-side components. The server-side authentication component is not affected by this issue and will ignore any SSH_MSG_USERAUTH_SUCCESS message sent by the client.

Changes in Bitvise SSH Server 7.46: [ 14 October 2018 ]

  • This version changes the way errors are handled when decoding a user authentication request to avoid username enumeration. OpenSSH recently fixed a username enumeration vulnerability due to how errors were handled when decoding a user authentication request. Bitvise SSH Server does not share the same code base, but past versions are affected by conceptually the same issue, which we coincidentally discovered around the same time.
  • After the SSH session has been terminated by receiving EOF or sending SSH_MSG_DISCONNECT, FlowSsh will now discard any further outgoing SSH packets. This helps avoid a stall in processing and further improves the odds that all previously received data - in particular, SFTP requests - will be processed.
  • File transfer: Improved handling of symbolic link creation failures.
  • BvShell will now clear Windows console attributes on startup to improve experience on terminals where the default background color is not black.
  • If the BvLsa authentication package could not be loaded into LSASS, this is now appropriately logged as a warning instead of an information message.
  • As a maintenance release, this version continues an upgrade amnesty. Any Bitvise SSH Server activation code that could activate a previous 7.xx version will also activate this version.
  • You can currently download this version here. [Alternative]
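The two server-side authentication points above (ignoring a client-sent SSH_MSG_USERAUTH_SUCCESS, as in the CVE-2018-10933 clarification, and decoding the whole user authentication request before the named user is looked up, as in the 7.46 username enumeration fix) can be shown together in one packet handler. The following is an added example written for this page in Python, not Bitvise or libssh code. Only the RFC 4252 wire encoding is real; the `USERS` table, the `_DUMMY_SECRET` constant, the function names and the string outcomes ("authenticated", "failure", "disconnect") are constructed for illustration, and no real credential verification beyond a password comparison is modelled.

```python
import hmac
import struct

SSH_MSG_USERAUTH_REQUEST = 50
SSH_MSG_USERAUTH_SUCCESS = 52

# Constructed user database for the example; not real credentials.
USERS = {"alice": b"correct horse battery staple"}
_DUMMY_SECRET = b"\x00" * 32   # compared against when the named user does not exist


class Malformed(Exception):
    """The packet violates RFC 4251/4252 encoding rules."""


def _read_string(buf, off):
    """RFC 4251 'string': uint32 big-endian length, then that many bytes."""
    if off + 4 > len(buf):
        raise Malformed("truncated length")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    if off + n > len(buf):
        raise Malformed("truncated string")
    return buf[off:off + n], off + n


def _read_bool(buf, off):
    if off >= len(buf):
        raise Malformed("truncated boolean")
    return buf[off] != 0, off + 1


def encode_string(b):
    return struct.pack(">I", len(b)) + b


def decode_userauth_request(payload):
    """Decode the whole SSH_MSG_USERAUTH_REQUEST, method-specific fields included,
    without consulting anything about the named user."""
    if not payload or payload[0] != SSH_MSG_USERAUTH_REQUEST:
        raise Malformed("not a USERAUTH_REQUEST")
    off = 1
    user, off = _read_string(payload, off)
    service, off = _read_string(payload, off)
    method, off = _read_string(payload, off)
    req = {"user": user.decode("utf-8", "replace"), "service": service, "method": method}
    if method == b"publickey":                      # RFC 4252 section 7
        has_sig, off = _read_bool(payload, off)
        req["alg"], off = _read_string(payload, off)
        req["blob"], off = _read_string(payload, off)
        if has_sig:
            req["sig"], off = _read_string(payload, off)
    elif method == b"password":                     # RFC 4252 section 8
        _, off = _read_bool(payload, off)
        req["password"], off = _read_string(payload, off)
    elif method != b"none":
        raise Malformed("unknown method")
    if off != len(payload):
        raise Malformed("trailing bytes")
    return req


def handle_client_packet_vulnerable(payload):
    """Models both weaknesses. (1) Authentication state is shared between the
    client and server roles, so a USERAUTH_SUCCESS received from the client
    flips the session to authenticated. (2) The user is looked up before the
    request is fully decoded, so a malformed request is answered with FAILURE
    for unknown users but with a disconnect for known ones."""
    if payload and payload[0] == SSH_MSG_USERAUTH_SUCCESS:
        return "authenticated"
    if payload and payload[0] == SSH_MSG_USERAUTH_REQUEST:
        user, _ = _read_string(payload, 1)          # partial decode: just the name
        if user.decode("utf-8", "replace") not in USERS:
            return "failure"                        # early exit leaks non-existence
        try:
            decode_userauth_request(payload)
        except Malformed:
            return "disconnect"                     # reached only for known users
        return "failure"
    return "disconnect"


def handle_client_packet_hardened(payload):
    """Server role only: USERAUTH_SUCCESS is a message we send, never accept,
    and decode errors are handled identically whatever user is named."""
    if not payload or payload[0] != SSH_MSG_USERAUTH_REQUEST:
        return "disconnect"                         # includes a client-sent SUCCESS
    try:
        req = decode_userauth_request(payload)
    except Malformed:
        return "disconnect"                         # same answer for every user
    secret = USERS.get(req["user"], _DUMMY_SECRET)  # comparison runs either way
    if (req["method"] == b"password" and req["user"] in USERS
            and hmac.compare_digest(secret, req["password"])):
        return "authenticated"
    return "failure"


def build_request(user, method, *fields):
    """Assemble a USERAUTH_REQUEST for the ssh-connection service; `fields` are raw."""
    return (bytes([SSH_MSG_USERAUTH_REQUEST]) + encode_string(user.encode())
            + encode_string(b"ssh-connection") + encode_string(method) + b"".join(fields))
```

To see the enumeration, build a publickey request whose key blob claims more bytes than are present and send it once for a known and once for an unknown user: the vulnerable handler disconnects for one and returns failure for the other, the hardened one disconnects for both. The hardened handler also treats message type 52 from the client as a protocol violation, which is the behaviour the clarification above describes.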

Changes in Bitvise SSH Server 7.45: [ 11 August 2018 ]

  • Bitvise SSH Server, SSH Client, and FlowSsh previously did not implement strict size limits or sanitization of content before displaying or logging strings received from a remote party. Much stricter size limits and sanitization are now implemented.
  • Version 7.21 introduced settings to configure the minimum and maximum sizes of DH groups to be considered for Diffie-Hellman key exchange methods with group exchange. These settings did not work correctly in many circumstances, which allowed clients to negotiate 1024-bit DH parameters where this was meant to be prohibited. Fixed.
  • Bitvise SSH Server, SSH Client, and FlowSsh now report the size of the Diffie-Hellman group actually used in DH key exchange. This is useful with key exchange methods that use DH group exchange, where there was previously no straightforward way to know what size group was used.
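An added example, not Bitvise code, of the three 7.45 items in Python: enforcing a server-side minimum and maximum group size in Diffie-Hellman group exchange (RFC 4419: the client sends min, n and max; the server picks a group within the intersection of that range and its own policy, and refuses rather than silently falling back to a smaller group), capping and escaping remote-supplied strings before they reach a log line (which is what stops CR/LF log forging and terminal escape sequences), and reporting the group size actually used. The policy bounds, the group table, the 128-byte cap and the log line format are assumptions for the example.

```python
import unicodedata

# Constructed server policy and group table (assumptions, not Bitvise settings).
SERVER_MIN_BITS = 2048
SERVER_MAX_BITS = 8192
AVAILABLE_GROUPS = (1024, 1536, 2048, 3072, 4096, 6144, 8192)   # moduli the server has on hand
MAX_LOGGED_LEN = 128                                              # hard cap on a logged remote string


def _closest(candidates, n):
    """Pick the candidate nearest to n; on a tie prefer the larger group."""
    return min(candidates, key=lambda g: (abs(g - n), -g))


def choose_gex_group_size_buggy(client_min, client_n, client_max):
    """Honours only the client's bounds: a client that sends min=n=1024 is handed
    a 1024-bit group even though policy forbids it."""
    candidates = [g for g in AVAILABLE_GROUPS if client_min <= g <= client_max]
    return _closest(candidates, client_n) if candidates else None


def choose_gex_group_size(client_min, client_n, client_max):
    """RFC 4419 request (min, n, max) intersected with the server policy. Returns
    the modulus size to use, or None, meaning the exchange must be refused
    rather than satisfied with a group below the configured minimum."""
    if not (client_min <= client_n <= client_max):
        return None                                   # malformed request
    lo, hi = max(client_min, SERVER_MIN_BITS), min(client_max, SERVER_MAX_BITS)
    candidates = [g for g in AVAILABLE_GROUPS if lo <= g <= hi]
    return _closest(candidates, client_n) if candidates else None


# Control characters, format characters (BiDi overrides and the like), surrogates,
# private use, unassigned, and line/paragraph separators are all escaped.
_ESCAPE_CATEGORIES = {"Cc", "Cf", "Cs", "Co", "Cn", "Zl", "Zp"}


def sanitize_for_log(raw, max_len=MAX_LOGGED_LEN):
    """Make a remote-supplied byte string safe to log or display: cut it at
    max_len (marking the cut), decode as UTF-8 with replacement, and escape
    every control or format character, so CR/LF cannot forge a log line and
    ESC cannot start a terminal escape sequence. Cutting may split a multi-byte
    character; it then shows up as U+FFFD, which is harmless."""
    truncated = len(raw) > max_len
    out = []
    for ch in raw[:max_len].decode("utf-8", "replace"):
        cp = ord(ch)
        if unicodedata.category(ch) in _ESCAPE_CATEGORIES:
            out.append("\\x%02x" % cp if cp < 0x100 else "\\u%04x" % cp)
        else:
            out.append(ch)
    if truncated:
        out.append("...[+%d bytes]" % (len(raw) - max_len))
    return "".join(out)


def gex_log_line(client_version, client_min, client_n, client_max):
    """Log line for one group exchange that reports the size actually used and
    passes the peer's identification string through the sanitizer first."""
    size = choose_gex_group_size(client_min, client_n, client_max)
    used = "refused" if size is None else "%d-bit group" % size
    return "kex: client=%s dh-gex min/n/max=%d/%d/%d -> %s" % (
        sanitize_for_log(client_version), client_min, client_n, client_max, used)
```

The buggy chooser is the behaviour the fix removes: with a 2048-bit policy minimum, a request of min=n=1024 should yield a 2048-bit group (or a refusal if the client's max is also 1024), never 1024 bits. The sanitizer deliberately escapes rather than strips, so the log still shows what the peer sent.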

Changes in Bitvise SSH Server 7.44: [ 1 July 2018 ]

  • Cryptography: Implemented support for changes in Windows internal cryptographic structures in Windows Insider Preview Build 17704. This build was released to Windows Insiders in the Fast ring on June 27, 2018. Users who need to use earlier versions of our software on new Windows builds that change internal structures can work around compatibility issues by using the following key exchange algorithms: Curve25519, ECDH over secp256k1. These key exchange methods do not rely on Windows cryptography; however, our software does not provide them if FIPS mode is enabled in Windows. Other key exchange methods require upgrading our software to a version that supports the new Windows build.

Changes in Bitvise SSH Server 7.43: [ 19 June 2018 ]

  • File transfer: Fixed issues in past Bitvise software versions that resulted in incorrect file times when using subsecond times with SFTP protocol versions 4 and 6. This would result in incorrect last modified times after a file transfer which affected, on average, about one in several hundred files. Affected files would receive a last modified timestamp incorrect by up to 7+ minutes.
  • Authentication: Since version 7.32, the SSH Server would send additional information to the client if authentication failed due to a Windows account restriction. This information was sent under the assumption that Windows checks the provided password and returns information about the restriction only if the password is correct. Our investigation shows that for a number of restrictions, if the restriction prevents login, Windows reports the restriction without checking the password. We found this was previously reported e.g. in 2007 under CVE-2007-2999, and remains unaddressed. The presence of this issue allows a remote unauthenticated party to check for the existence of Windows accounts that cannot login due to a restriction, without requiring knowledge of those accounts' passwords. To avoid this issue, Bitvise SSH Server now no longer sends information about Windows account restrictions, except where our testing indicates that Windows checks the password before reporting the restriction. At present, our testing indicates that only ERROR_LOGON_TYPE_NOT_GRANTED, and the alias ERROR_LOGON_NOT_GRANTED, are safe to report to the client. Other restrictions may or may not check the password depending on whether the account is domain or local.
  • Settings: For virtual accounts and groups, the default file transfer home directory is now "/" instead of "/%HOME%". This makes more sense for virtual accounts which usually have restricted virtual filesystem access. For Windows accounts, the default file transfer home directory remains "/%HOME%".
  • Installation: Updated installer and uninstaller manifests to reduce the likelihood that Windows will incorrectly run the Program Compatibility Assistant during or after installation. This mainly affects older Windows versions such as Windows 7.

Security Notification: [ 18 May 2018 ]

  • We have been informed of, and have taken steps to address:
    1. A security issue in common functionality used by Bitvise software.
    2. An initialization issue in a compression library used by Bitvise software.
  • Issue 1:

    This issue consists of an invalid memory access. At this time, we believe this memory access is always invalid and cannot be used for remote code execution. This issue has the following impact on Bitvise SSH Server and Client:

    • High severity: When an affected Bitvise SSH Server version is installed on a 32-bit version of Windows, a remote unauthenticated attacker can cause the SSH Server's main service to stop abruptly. This high severity impact is not present on 64-bit versions of Windows. The following other impacts are present on all versions of Windows.
    • Lower severity: An authenticated user connected to Bitvise SSH Server who is permitted to use the SFTP subsystem can cause the SFTP subsystem to stop abruptly. This can have an effect on what actions are logged. For example, an error might be logged instead of the last actions taken by the user.
    • Lower severity: A server to which a user connects using Bitvise SSH Client can cause the SSH Client to stop abruptly. Due to the limited effects, this would not be an interesting attack in most usage scenarios.
    • Low severity: If a user or administrator imports a specially crafted file when using either the local Bitvise SSH Server Control Panel; the remote Bitvise SSH Server Control Panel; or Bitvise SSH Client; then the process being used to import the file can stop abruptly. Due to the limited effects, this would not be an interesting attack in most usage scenarios.

    In addition, this issue has the following impact on applications using FlowSsh:

    • If an application using the 32-bit version of FlowSsh connects to a server which sends a specially crafted packet that should cause FlowSsh to disconnect, the application will instead stop abruptly. The severity of this impact depends on the characteristics of the application.
    • At this time, we believe applications using the 64-bit version of FlowSsh are unaffected.

    The following versions of our software are affected by issue 1:

    • Bitvise SSH Server 6.xx, but not version 6.51 and future versions.
    • Bitvise SSH Server 7.xx, but not versions 7.41 and higher.
    • Bitvise SSH Client 6.xx and 7.xx, but not versions 7.41 and higher.
    • FlowSsh 5.xx and 7.xx, but not version 7.41 and future versions.

    We have addressed issue 1 in Bitvise SSH Server, Client, and FlowSsh versions 7.41 and higher. In addition, we have addressed issue 1 for Bitvise SSH Server 6.xx versions due to the high severity impact on 32-bit versions of Windows. At this time, the limited impact does not seem to warrant applying this change to 6.xx versions of Bitvise SSH Client and FlowSsh. We encourage users of Bitvise SSH Client to upgrade to the latest versions free of charge. Users of FlowSsh 5.xx will need to have upgrade access to a 7.xx version to upgrade.
  • Issue 2:

    Issue 2 consists of incorrect delayed initialization in a compression library used by Bitvise software. We believe this could be used by one SSH session that uses compression to corrupt decompressed data in another simultaneous session that uses compression. However, for this to be likely, there must not have been another session that used compression since application startup. Therefore, the attack would have to occur at the same time as when the first legitimate session that uses compression begins after Bitvise SSH Server or an application using FlowSsh has started. The following versions of our software are affected by issue 2:

    • All older versions of Bitvise SSH Server, but not versions 7.41 and higher.
    • All older versions of FlowSsh, but not version 7.41 and future versions.

    Bitvise SSH Client only ever establishes one SSH session per process instance, so the issue cannot be exploited. A FlowSsh application could be affected if it simultaneously starts multiple concurrent SSH sessions after launching.
  • Mitigation:

    We recommend that all users of affected Bitvise SSH Server, Client, and FlowSsh versions upgrade to the newest current versions, which can be downloaded from our website:

    • The latest version of Bitvise SSH Server – for example, 7.42 or newer.
    • The latest version of Bitvise SSH Client – for example, 7.42 or newer.
    • The latest version of FlowSsh – for example, 7.41 or newer.

    In addition, users of Bitvise SSH Server versions 6.xx who do not wish to upgrade can download version 6.51, which also fixes issue 1, but not issue 2.

Changes in Bitvise SSH Server 7.42: [ 11 May 2018 ]

  • The End User License Agreement has been updated to try to bring it closer to the requirements of states and their contractors. Terms are otherwise unchanged. Situations in which licenses can be transferred are now laid out so that no permission will be needed in most cases.
  • Fixed an issue which would cause the SSH Server's scriptable configuration COM object, BssCfgManip, to become unregistered after uninstalling one of multiple concurrent SSH Server instances that use the same BssCfgManip version.

Changes in Bitvise SSH Server 7.41: [ 29 April 2018 ]

  • This is not a new feature release, but a successor to 7.39 with continued maintenance updates. [We skip over versions containing zeros to avoid ambiguities. For example, 7.04 and 7.40 might both be referred to as "7.4".]
  • SSH:
    • Fixed an issue in zlib compression provided by the Crypto++ library. There existed a race condition which could cause data to be decompressed incorrectly in specific circumstances. For this to happen, the first SSH session to use compression, and the second SSH session to use compression, would have to connect at the exact same time after the SSH Server is started.
    • Fixed a denial of service attack vector described in the associated Security Notification [18 May 2018, above].
  • Authentication:
    • Improved handling of disjoint namespaces in domain environments where the domain name is of the form region.example.com, but the computer is in a disjoint DNS suffix such as country.region.example.com. Previously, if the Windows function GetComputerNameEx failed with Windows error 1788 ["The trust relationship between the primary domain and the trusted domain failed"], the SSH Server would use LsaQueryInformationPolicy as backup. Now, the SSH Server will perform this fallback if GetComputerNameEx fails with other error codes, as well.
  • Terminal:
    • In Windows 10 builds 17133 and 17134 - the 1803 Spring Creators Update - Windows console functionality changed in such a way as to break console host version detection in previous SSH Server versions. Users of Windows 10 will need to upgrade to this SSH Server version or newer for terminal access to work.
  • File transfer:
    • Some SFTP clients, including Bitvise SSH Client up to and including version 7.39, may send a fire-and-forget SSH_FXP_CLOSE message followed by immediately closing the SFTP channel and the SSH session. Depending on circumstances such as network latency, Bitvise SSH Server could fail to process the SSH_FXP_CLOSE request and incorrectly log that the final transfer may not have completed as intended. The SSH Server now takes steps to complete processing of any final requests sent by an SFTP client just before it disconnects.
  • Control Panel:
    • Fixed an issue which would cause the SSH Server Control Panel [the user interface; not the main SSH Server service] to crash after receiving more than 5,000 Activity tab entries while the last entry was not being shown.
  • Scriptable configuration:
    • The SetSite method of the BssCfgManip scriptable configuration COM object would previously fail to work for instances whose full name does not match the normalized instance name. This prevented using scriptable configuration for such instances. Fixed.

Changes in Bitvise SSH Server 7.39: [ 20 January 2018 ]

  • On Windows Vista and Windows Server 2008 - but not on Windows 7, Windows Server 2008 R2, and later versions of Windows - the SSH Server's file transfer subsystem would hang indefinitely if a client attempted to use SFTP v6 check-file file hashing extensions. The SSH Server would have to be restarted to disconnect sessions. Fixed.

Changes in Bitvise SSH Server 7.38: [ 6 January 2018 ]

  • In version 7.36, we implemented an adjustment in the SSH Server's terminal subsystem when running on Windows 10. This was necessary to support changes in the Windows 10 console subsystem that happen with new OS builds. With this change, BvShell would not launch on Windows 10 unless a Windows profile was loaded. For example, a profile would be loaded, and BvShell would work, if Load profile for SCP and SFTP was enabled in the account or group settings entry in Advanced SSH Server settings. The user's Windows profile will now automatically be loaded for BvShell on Windows 10 or newer, without having to take steps to enable profile loading. On previous Windows versions, the SSH Server will continue to not load the Windows profile for BvShell unless enabled by a setting.

Security Clarification: [ 5 January 2018 ]

  • We have received inquiries about whether our software is affected by the Meltdown and Spectre vulnerabilities. Meltdown and Spectre are fundamentally CPU vulnerabilities which require the attacker to be able to execute carefully selected code, in many cases with high-resolution timers. These vulnerabilities are generally not exploitable in situations where the attacker cannot run such code. If you are using Bitvise software for SFTP or SCP file transfer, port forwarding, Git access, or limited terminal access using the BvShell terminal shell, these types of access do not present an opportunity to exploit these vulnerabilities. If you are using Bitvise SSH Server to provide terminal shell access to non-administrator users, then if these non-administrator users can run arbitrary programs, they can also run programs that could take advantage of Meltdown to gain administrative access. In this case, we recommend that you apply a Windows patch that attempts to mitigate the CPU vulnerabilities that enable Meltdown.

Changes in Bitvise SSH Server 7.36: [ 27 November 2017 ]

  • Development, licensing, and US export control:
    • This is the first version of Bitvise SSH Server, SSH Client, and FlowSsh published from the United States.
    • All assets, operations, relationships, and agreements related to Bitvise software development and licensing; including license agreements for use of Bitvise software by users; have been transferred from Bitvise Limited incorporated in Gibraltar, to Bitvise Limited now incorporated in Texas.
    • Final builds are now performed in Texas. Our software development continues in Slovenia, Germany, and Hungary, and may include developers elsewhere in the future.
    • This move is an administrative change. Our development, ownership, pricing, support, terms and policies and relationship to customers generally remain the same.
    • For the purpose of export from the United States, our SSH Server, SSH Client and FlowSsh are self-classified as Mass-Market products using the ECCN 5D992, with the encryption authorization type identifier MMKT. These denote eligibility under License Exception ENC § 740.17[b][1] of the Export Administration Regulations [EAR].
    • The SSH Server now implements a limit of at most 2498 simultaneous authenticated sessions. This is to avoid any doubt as to whether the SSH Server could be used in a way that could prevent self-classification for the purposes of US export control.
    • Bitvise SSH Server, SSH Client, and FlowSsh now come with new license agreements. Users must review the new EULAs, even though the terms remain substantially the same. We apologize for this inconvenience, and have attempted to draft the agreements in a way that this might not be necessary very often.
  • Personal Edition:
    • The SSH Server's Personal Edition is licensed only for use that is both personal AND non-commercial, but is often found used in violation of its license restrictions. In an attempt to limit unlicensed use, while avoiding negative impact on intended users, the Personal Edition will now handle at most 15 concurrent connections.
  • Control Panel and Settings:
    • Corrected spelling of the configuration file name containing instance-type settings. An incorrectly spelled filename created by a previous version will be renamed automatically on upgrade.
    • The list of Client version rules would allow coexistence of multiple Match all entries if the hidden Pattern field was different. Fixed.
  • Service:
    • If the setting Automatically configure router is enabled, the SSH Server will now search for gateways of type WANPPPConnection in addition to WANIPConnection. We expect this will extend the number of UPnP routers under which the SSH Server is able to automatically configure ports.
  • SSH:
    • Windows 10 version 1709, OS build 17046.1000, changed internal Windows structures in a way that prevented Bitvise SSH Server, SSH Client, and FlowSsh from obtaining the agreed value in DH or ECDH key exchange. This prevented successful SSH connections using this new Windows build. Fixed.
    • There exist OpenSSH-based clients which send signatures that claim to be of a new type [rsa-sha2-256 or rsa-sha2-512], but are in fact of the older type [ssh-rsa]. Previous SSH Server versions would reject such logon attempts with the message "Signature verification failed." The SSH Server will now tolerate this type of signature as long as the ssh-rsa signature algorithm is enabled in Advanced settings.
    • There exist SSH implementations based on WeOnlyDo which might not send failure description and language tag fields when sending an SSH_MSG_CHANNEL_OPEN_FAILURE message. Bitvise SSH Server, SSH Client and FlowSsh will now behave as though these fields were sent as empty strings, instead of disconnecting due to an unexpected packet format.
  • Command line:
    • Fixed an issue in command line parsing – most relevant for the bvRun utility, in addition to Bitvise SSH Client – where parameters of the form -name=value would be assigned the last value provided anywhere in the command line, including in the trailing part that may contain one or more commands to run, from which parameters should not be parsed. Users who use scripts to construct command lines automatically, in a way that incorporates parts from untrusted sources – e.g. environment variable expansion or filename insertion where the source information may not be trusted – are advised to upgrade. We also call attention to other ways such scripts can be vulnerable if they do not thoroughly validate inputs – for example, via the & operator if executed using the Command Prompt shell.
  • Terminal:
    • The latest builds of Windows 10 may ignore the per-process registry setting which the SSH Server sets to open the legacy terminal console. Current SSH Server versions require the legacy console instead of the Windows 10 console, which has new and currently unsupported behaviors. If Windows 10 ignores the per-process setting, the SSH Server will now detect this and fall back to a global setting.
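An added example in Python, not bvRun's or the SSH Client's code, of the 7.36 command line parsing fix: a parser that takes -name=value parameters from every token, so an untrusted filename placed in the command part silently overrides a parameter set earlier, beside one that stops at the first non-parameter token and passes the rest through verbatim. The parameter names, the `build_argv` helper and the shape of argv are assumed for illustration; bvRun's actual syntax is not reproduced.

```python
import re

_PARAM_RE = re.compile(r"^-([A-Za-z][A-Za-z0-9]*)=(.*)$", re.S)


def parse_cmdline_vulnerable(argv):
    """Scans every token: a -name=value anywhere, including inside the trailing
    command, silently replaces an earlier value and is removed from the command."""
    params, command = {}, []
    for tok in argv:
        m = _PARAM_RE.match(tok)
        if m:
            params[m.group(1).lower()] = m.group(2)
        else:
            command.append(tok)
    return params, command


def parse_cmdline(argv):
    """Parameters come only from the leading run of -name=value tokens. The first
    token that is not one starts the command; it and everything after it are
    passed through untouched, so an untrusted argument can never become a
    parameter. A parameter repeated within the leading run is rejected rather
    than letting the last occurrence win."""
    params = {}
    for i, tok in enumerate(argv):
        m = _PARAM_RE.match(tok)
        if not m:
            return params, list(argv[i:])
        name = m.group(1).lower()
        if name in params:
            raise ValueError("parameter %r given more than once" % name)
        params[name] = m.group(2)
    return params, []


def build_argv(params, command):
    """Assemble argv for such a tool from trusted parameters and a command whose
    parts may come from untrusted sources such as filenames or the environment."""
    return ["-%s=%s" % (k, v) for k, v in params.items()] + list(command)


if __name__ == "__main__":
    # Constructed scenario: a script inserts a filename it did not choose.
    untrusted_name = "-host=attacker.example.net"
    argv = build_argv({"host": "files.example.com", "user": "svc"}, ["type", untrusted_name])
    print("vulnerable:", parse_cmdline_vulnerable(argv))   # host overridden
    print("fixed:     ", parse_cmdline(argv))              # host kept, name stays an argument
```

Stopping at the first non-parameter token fixes the parameter override only; the page's second warning still applies, since a command part containing shell metacharacters such as `&` is still dangerous if the assembled line is handed to cmd.exe rather than executed directly.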

Changes in Bitvise SSH Server 7.35: [ 16 September 2017 ]

  • File transfer:
    • When using SFTP version 6, the SSH Server would previously advertise extensions check-file-name and check-file-handle, whereas the SFTP extensions draft calls for advertising check-file. The SSH Server will now advertise check-file as well.
    • When using SFTP version 6, the SSH Server now additionally advertises a check-file-blocks extension. We have identified two server implementations that support the check-file extensions, but either do not support block-by-block hashing [current versions of VShell] or disconnect if a larger file is hashed block-by-block [current versions of mod_sftp for ProFTPD]. This prevents the functioning of file content synchronization in recent versions of Bitvise SSH Client and FlowSsh.

      We suggest that future servers advertise support for check-file-blocks if all of the following are true:

      • The server supports block-by-block file hashing.
      • Any reasonable block size requested by the client is supported.
      • A file can be hashed block-by-block starting from an arbitrary offset.
  • SSH Server Control Panel: Fixed an issue which would cause the SSH Server Control Panel to not start automatically the next time the user logs in if the user starts another instance of the SSH Server Control Panel while a previous one is already running.
  • Fixed an issue which would prevent settings import directly from WinSSHD versions older than 4.10.
  • The SSH Server now relaxes some sanity checks for programs run under the terminal subsystem. Some versions of wtee that previously did not run because of an invalid field in the executable can now run anyway.
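The check-file extension computes hashes over a range of a file, optionally one hash per block, and a client synchronising file content compares those hashes with its own to find the blocks it must re-transfer. An added example in Python, not Bitvise's implementation, of the server-side computation and the client-side comparison against the three criteria listed under check-file-blocks above (block-by-block hashing, any reasonable block size, hashing from an arbitrary start offset). The request fields follow the SFTP extensions draft; the supported algorithm list, the in-memory file, the 256-byte minimum block size (our reading of the draft) and the use of ValueError in place of SFTP status codes are assumptions.

```python
import hashlib

# Algorithms this server is willing to hash with (assumption for the example).
SUPPORTED_HASHES = ("sha256", "sha512", "sha1", "md5")
MIN_BLOCK_SIZE = 256   # a non-zero block-size must be at least this (our reading of the draft)


def check_file(data, hash_algorithm_list, start_offset, length, block_size):
    """Server side of check-file over an in-memory file.

    Mirrors the request fields: hash-algorithm-list (comma separated, in the
    client's preference order), start-offset, length (0 = to end of file) and
    block-size (0 = one hash over the whole range). Returns (algorithm,
    [digest, ...]). ValueError stands in for the SSH_FX_INVALID_PARAMETER or
    SSH_FX_OP_UNSUPPORTED status a real server would return."""
    chosen = next((a for a in hash_algorithm_list.split(",") if a in SUPPORTED_HASHES), None)
    if chosen is None:
        raise ValueError("no mutually supported hash algorithm")
    if start_offset < 0 or start_offset > len(data):
        raise ValueError("start-offset outside the file")
    if length < 0 or block_size < 0 or 0 < block_size < MIN_BLOCK_SIZE:
        raise ValueError("length must be >= 0 and block-size 0 or >= %d" % MIN_BLOCK_SIZE)
    end = len(data) if length == 0 else min(len(data), start_offset + length)
    region = data[start_offset:end]
    if block_size == 0:
        return chosen, [hashlib.new(chosen, region).digest()]
    # Blocks are aligned to start-offset, not to the start of the file, so a
    # client can hash from any offset; the final block may be shorter.
    return chosen, [hashlib.new(chosen, region[off:off + block_size]).digest()
                    for off in range(0, len(region), block_size)]


def blocks_to_resend(local, remote_digests, algorithm, start_offset, block_size):
    """Client side of content synchronisation: hash the local file the same way
    and return the offsets of blocks whose digest differs from the server's,
    or that only one side has. Those are the blocks that need transferring."""
    _, local_digests = check_file(local, algorithm, start_offset, 0, block_size)
    count = max(len(local_digests), len(remote_digests))
    return [start_offset + i * block_size for i in range(count)
            if i >= len(local_digests) or i >= len(remote_digests)
            or local_digests[i] != remote_digests[i]]
```

Because blocks are aligned to the requested start offset, a hash of the range starting at offset 512 with block size 0 equals the second block of a whole-file request with block size 512; that equivalence is what lets a client resume a comparison part-way through a large file without the server hashing the whole file again.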

Changes in Bitvise SSH Server 7.34: [ 1 August 2017 ]

  • Fixed a memory leak introduced in version 7.31.
  • If a user was granted Git access, but had no other permission which would allow opening a channel of type "session", the user could not open a channel for Git access. Fixed.

Changes in Bitvise SSH Server 7.33: [ 11 July 2017 ]

  • In Easy settings, dialog buttons would disappear if the settings window was opened already maximized. Fixed.
  • When multiple concurrent SSH Server instances were installed using different names of equal length; and more than one of them had the Open Windows firewall setting set to a value other than Do not change Windows firewall settings; the concurrent installations would override each other's firewall exceptions. Fixed.

Changes in Bitvise SSH Server 7.32: [ 9 June 2017 ]

  • Authentication:
    • Changed handling of password change so that an informative message is now sent, and another password change is requested, if the requested new password does not meet complexity requirements. In previous versions, such requests would fail without additional clarification, leading to user confusion.
  • File transfer:
    • Improved compatibility with SFTP clients that are provided by their users with Windows paths of the form C:\Directory\File.txt. When changing directories or opening files, SFTP clients given such paths will interpret them as relative paths, and will try to use them in the form /C/Dir/C:\Other\File.txt. In previous versions, the SSH Server would treat such concatenated paths as malformed. Now, they will be translated to a virtual path reflecting what the user most likely intends; for example, /C/Other/File.txt.
    • Fixed an issue introduced in version 7.21 which caused the createdNewFile and resizedFile parameters to not be properly logged in the I_SFS_TRANSFER_FILE event. This also affected the on-upload command, which incorrectly would not execute for empty files created by a client.
    • Improved handling of the SSH_FXP_SETSTAT request to avoid requiring access that is not needed for the exact action requested by the client. This fixes a compatibility issue with SFTP Net Drive introduced with SSH Server version 7.21.
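An added example in Python, not Bitvise's code, of the path translation described in the file transfer item above: both slash kinds separate components, a bare drive-letter component restarts the path at that drive's virtual root (so /C/Dir/C:\Other\File.txt becomes /C/Other/File.txt), and the result is normalised so that "." and ".." are resolved and ".." cannot climb above the virtual root. The /<drive>/... layout follows the example in the text; the function name, the rule that the last drive component wins, and clamping ".." at the root are assumptions.

```python
import posixpath
import re

_SEPARATORS = re.compile(r"[\\/]")
_DRIVE = re.compile(r"^[A-Za-z]:$")


def translate_client_path(cwd, client_path):
    """Map a path sent by an SFTP client onto a virtual filesystem laid out as
    /<drive letter>/... .

    cwd must be an absolute virtual path. Backslashes and slashes both separate
    components. If any component is a bare drive spec such as C:, the path
    restarts at that drive's virtual root; the last such component wins. The
    joined path is normalised with posixpath.normpath, which resolves '.' and
    '..' and, for an absolute path, drops any '..' that would go above '/', so
    the result never leaves the virtual root."""
    if not cwd.startswith("/"):
        raise ValueError("cwd must be an absolute virtual path")
    parts = _SEPARATORS.split(client_path)
    absolute = client_path[:1] in ("/", "\\")
    for i in range(len(parts) - 1, -1, -1):
        if _DRIVE.match(parts[i]):
            parts = [parts[i][0].upper()] + parts[i + 1:]
            absolute = True
            break
    tail = "/".join(p for p in parts if p != "")
    joined = "/" + tail if absolute else posixpath.join(cwd, tail)
    return posixpath.normpath(joined)
```

Normalisation here is about producing the path the user most likely meant; whether the user may then access it is still decided by the mount point permissions applied to the translated path, not by this function.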

Changes in Bitvise SSH Server 7.31: [ 3 May 2017 ]

  • This is not a new feature release, but a successor to 7.29 with continued maintenance updates. [We skip over versions containing zeros to avoid ambiguities. For example, 7.03 and 7.30 might both be referred to as "7.3".]
  • Small changes in key places improve CPU efficiency on the order of 30% [impact may depend on the system]. This improves transfer speeds where CPU is the bottleneck – or maintaining same performance, allows for a greater number of simultaneous connections. Users who were previously maxing out a single core and seeing transfer speeds of e.g. 150 MB/s, may now see e.g. 200 MB/s.
  • Versions 7.xx introduced encryption of SSH Server settings using a machine-specific encryption key stored in the Windows registry. Past versions stored this encryption key without a trailing null, and did not properly handle a trailing null if it was added by another application [e.g. when manually importing the registry value]. The encryption key is now stored with a trailing null when first generated, and any trailing null is stripped when reading the encryption key.

Changes in Bitvise SSH Server 7.29: [ 31 March 2017 ]

A usage pattern for Bitvise SSH Server is to provide an SFTP blind drop. This is a virtual filesystem mount point that removes permissions such as Permit List and Permit Read Existing, and allows only Permit Read/Write/Delete New.

In recent versions, a blind drop configuration has worked with command line clients. However, the SSH Server was interpreting permissions strictly, causing problems for graphical clients, including Bitvise SSH Client and WinSCP.

This version slightly relaxes permissions required for SFTP operations such as SSH_FXP_REALPATH and SSH_FXP_STAT, so that graphical clients can be effective in this scenario.

An effect of this change is that it is now possible to probe for a file's existence using the SSH_FXP_STAT request. However, in current versions, our SSH Server does not support transparently renaming files uploaded into a blind drop. It is therefore possible to probe for a file's existence in any case, by attempting to upload the file.
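An added model in Python, not Bitvise's code, of a blind drop mount as described above: the three permission names from the text are modelled as flags, SSH_FXP_STAT and SSH_FXP_REALPATH are allowed without Permit List (the relaxation in this version), reads of files the session did not create require Permit Read Existing, and an upload to a name that already exists is refused because nothing is transparently renamed. `probe_exists` shows the consequence the text describes: a client holding only Permit Read/Write/Delete New can learn whether a file exists, either from stat or from the refused upload. The class, the in-memory file table, and the mapping of SFTP status codes onto Python exceptions are assumptions for illustration.

```python
from enum import Flag, auto


class Perm(Flag):
    """Mount point permissions named in the text, modelled as flags (a subset)."""
    LIST = auto()            # Permit List
    READ_EXISTING = auto()   # Permit Read Existing
    RW_DELETE_NEW = auto()   # Permit Read/Write/Delete New (files this session created)


class PermissionDenied(Exception):
    """Stands in for SSH_FX_PERMISSION_DENIED."""


class BlindDropMount:
    """Permission checks for a few SFTP requests against one mount point backed
    by an in-memory file table (constructed for the example)."""

    def __init__(self, perms, existing_files):
        self.perms = perms
        self.files = dict(existing_files)   # name -> content
        self.created_here = set()           # names this session created

    def _need(self, perm):
        if not self.perms & perm:
            raise PermissionDenied(perm.name)

    def realpath(self, path):
        """SSH_FXP_REALPATH: allowed without Permit List so that a graphical
        client can enter the directory at all."""
        return "/" + "/".join(p for p in path.split("/") if p and p != ".")

    def stat(self, name):
        """SSH_FXP_STAT: allowed without Permit List, so it answers 'no such
        file' or returns attributes for any existing name."""
        if name not in self.files:
            raise FileNotFoundError(name)
        return {"size": len(self.files[name])}

    def listdir(self):
        self._need(Perm.LIST)
        return sorted(self.files)

    def read(self, name):
        if name not in self.files:
            raise FileNotFoundError(name)
        self._need(Perm.RW_DELETE_NEW if name in self.created_here else Perm.READ_EXISTING)
        return self.files[name]

    def upload(self, name, data):
        """SSH_FXP_OPEN with create-new semantics, then write and close. A name
        that exists and was not created here is refused, since the server does
        not rename uploads to avoid the collision."""
        if name in self.files and name not in self.created_here:
            raise FileExistsError(name)              # SSH_FX_FILE_ALREADY_EXISTS
        self._need(Perm.RW_DELETE_NEW)
        self.files[name] = data
        self.created_here.add(name)

    def delete(self, name):
        if name not in self.created_here:
            raise PermissionDenied("DELETE_EXISTING")
        self._need(Perm.RW_DELETE_NEW)
        del self.files[name]
        self.created_here.discard(name)


def probe_exists(mount, name):
    """What a blind-drop user can learn without list or read permission: stat
    answers directly; if it did not, an attempted upload of a throwaway file
    would. The upload probe removes its own file when the name was free."""
    try:
        mount.stat(name)
        return True
    except (FileNotFoundError, PermissionDenied):
        pass
    try:
        mount.upload(name, b"")
    except FileExistsError:
        return True
    mount.delete(name)
    return False
```

The existence oracle is inherent in a drop box that refuses to overwrite: the only way to close it is to accept every upload under a server-chosen name, which this server does not do, so a blind drop should not be relied on to keep file names secret from the accounts that can upload to it.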
