--- title: Bitvise SSH developer: Bitvise homepage: https://www.bitvise.com/ license: Proprietary first-release: date: 2001 # according to company website #date: 2002-05 # according to Wikipedia latest-release: version: 6.47 date: 2016-04-05 changelog: https://www.bitvise.com/ssh-server-version-history client: yes server: yes platforms: - windows protocols: cipher: - aes256-ctr - aes192-ctr - aes128-ctr - 3des-ctr - aes256-cbc # disabled by default - aes192-cbc # disabled by default - aes128-cbc # disabled by default - 3des-cbc # disabled by default compression: - none - zlib hostkey: - ssh-rsa - ssh-dss - ecdsa-sha2-1.3.132.0.10 # SEC 2 prime curve secp256k1? Not listed in RFC 5656 - ecdsa-sha2-nistp256 - ecdsa-sha2-nistp384 - ecdsa-sha2-nistp521 kex: - ecdh-sha2-1.3.132.0.10 - ecdh-sha2-nistp521 - ecdh-sha2-nistp384 - ecdh-sha2-nistp256 - diffie-hellman-group-exchange-sha256 - diffie-hellman-group-exchange-sha1 - diffie-hellman-group1-sha1 # disabled by default - diffie-hellman-group14-sha1 - gss-group1-sha1-* # disabled by default - gss-group14-sha1-* - gss-gex-sha1-* mac: - hmac-sha2-256 - hmac-sha1 - hmac-md5 # disabled by default - hmac-sha2-256-96 # disabled by default - hmac-sha1-96 # disabled by default - hmac-md5-96 # disabled by default userauth: - publickey - password - keyboard-interactive # only client; there: full support with additional prompts; not just as a version of "password" - gssapi-with-mic # supports Kerberos 5 and NTLM over GSSAPI extension: - elevation - server-sig-algs # The following information was provided by denis bider. # # Some version history: # # - gss-group1, gss-gex, and GSSAPI auth since Server and Client 4.01 # - DH group exchange since Server and Client 4.01 # - CTR mode algorithms since Server 5.00, Client 4.27 # - RSA host keys since Server 5.00 # - SHA-256 (dh-gex-sha256 and hmac-sha-256) since Server 5.50, Client 6.00 # - ECDH and ECDSA since Server 6.04, Client 6.00 # - gss-group14 since Server and Client 6.41 # - SHA256 key fingerprints since Server and Client 6.41 # # For everything else, assume baseline, or too old to make note of: 4.01 # is itself 10 years old. # # Note that our DH group exchange currently has the following shortcomings: # # - The Server does not generate groups. It just gives the client # group14, or else group1 if client’s max size is below group14. # # - The Client cannot reliably digest broken groups generated by most # implementations that actually generate groups on the fly. # # The Client (and Server, but this is not a problem in the Server) uses # a FIPS-compliant crypto provider which performs DH parameter # validation that cannot be disabled. This validation fails on DH # parameters with groups generated by most server implementations # (including but not limited to OpenSSH). It is possible to connect, but # with something like 50% chance of failure. # # Since we cannot disable the DH parameter validation without # compromising the FIPS module, the Client de-prioritizes DH-gex methods # in favor of any other enabled key exchange method (by default ecdh, # dh-group14). # --- * Windows client and server * also known as: Bitvise SSH Server + Client * formerly known as: WinSSHD + Tunnelier * The release data is for the server (not always in sync with client) * [Client version history](https://www.bitvise.com/ssh-client-version-history) * [Server version history](https://www.bitvise.com/ssh-server-version-history) * Both the client and the server are free for use that is both personal and non-commercial. The client is also free for individual use in organizations.