github sshnet/SSH.NET 2020.0.0


Target framework support

This release of SSH.NET adds support for .NET Standard 2.0.
This brings the full list of the supported target frameworks to:

  • .NET Framework 3.5
  • .NET Framework 4.0 (and higher)
  • .NET Standard 1.3
  • .NET Standard 2.0
  • Silverlight 4
  • Silverlight 5
  • Windows Phone 7.1
  • Windows Phone 8.0
  • Universal Windows Platform 10

Fixes issue #357, #436 and #474.

Key exchange algorithms

SSH.NET now supports the following additional key exchange algorithms:

  • curve25519-sha256
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512

Fixes issue #53, #406 and #504.

Host key algorithms

The following additional host key algorithms are now supported:

  • ssh-ed25519
  • ecdsa-sha2-nistp256
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp521

Public key authentication

SSH.NET now supports the following private key formats:

  • RSA in OpenSSL PEM and format
  • DSA in OpenSSL PEM and format
  • ECDSA 256/384/521 in OpenSSL PEM format
  • ED25519 in OpenSSH key format

Fixes issue #485.


Until now any issue related to Protocol Version Exchange would be reported using a single message:

Server response does not contain SSH protocol identification.

As of this release, we identify - and report - three distinct issues:

  • The server immediately closed the connections upon reception of our SSH identification string.
  The server response does not contain an SSH identification string.
  The connection to the remote server was closed before any data was received.
  More information on the Protocol Version Exchange is available here:
  • The identification string of the server contains a null character (which is prohibited).
  The server response contains a null character at position 0x00000005:

  00000000  ED 95 9C 21 00                                   ...!.

  A server must not send a null character before the Protocol Version Exchange is complete.

  More information is available here:
  • The server response does not contain an SSH identification string.
  The server response does not contain an SSH identification string:
    00000000  48 54 54 50 2F 31 2E 30 20 32 30 30 20 4F 4B 0D  HTTP/1.0 200 OK.
    00000010  0A 43 6F 6E 74 65 6E 74 2D 4C 65 6E 67 74 68 3A  .Content-Length:
    00000020  20 31 30 0D 0A 43 6F 6E 74 65 6E 74 2D 54 79 70   10..Content-Typ
    00000030  65 3A 20 61 70 70 6C 69 63 61 74 69 6F 6E 2F 6F  e: application/o
    00000040  63 74 65 74 2D 73 74 72 65 61 6D 0D 0A           ctet-stream..
  More information on the Protocol Version Exchange is available here:

Channel close timeout

A ChannelCloseTimeout property has been introduced on ConnectionInfo that controls the timeout to apply when waiting for a server to acknowledge closing a channel. The default value is 1 second.

If a server does not report to our SSH_MSG_CHANNEL_CLOSE message with a SSH_MSG_CHANNEL_CLOSE message before the specified timeout elapses, we'll stop waiting and consider the channel to be closed.

Fixes issue #335.


  • SftpClient now implements ISftpClient to allow for each testing (issue #193).

Breaking changes


CVE-2018-20685 caused OpenSSH to implement more strict validation of file paths. ScpClient was updated to correctly deal with these changes.

In case of a recursive directory upload, ScpClient cannot fully absorb the impact of these changes and as such Upload(DirectoryInfo directoryInfo, string path) now fails if path does not exist on the remote host. For the same reason, the mode and modification/access time will also no longer be set on path.

The mode and modification/access time continue to be set on any files or subdirectories that are uploaded.



  • Use big endian byte order for port number in SOCKS request (issue #125 and #447).
  • Connect() times out when server rejects initializing subsystem (issue #308).
  • Keep-alives are not activated if connection is already opened (issue #334).
  • Connection cannot be re-established when subsystem cannot be executed (issue #338).
  • Closed event on Channel is not deterministic (issue #319).
  • Disconnect() and Dispose() may block indefinitely on .NET Core (issue #355 and #686).
  • EAP implementation does not correctly deal with a socket operation that is completed synchronously (issue #377 and #571).
  • Identification string is not immediately sent when connection is established (issue #689 and #505).
  • Minor protocol version parsing bug (issue #749).


  • Fix UTC time handling in case of DST shifts (issue #356)


Target framework support

While our list of supported target frameworks is impressive, it does come with a cost. Some of these target frameworks are no longer supported by Microsoft and even required software that is no longer available for download.

We'd like to gather feedback from our users through this issue to learn how important it is to continue supporting all these target frameworks.


Do you want to keep track of general progress and annoucements for SSH.NET? You can now follow us on Twitter.

Supporting SSH.NET

Do you or your company rely on SSH.NET in your projects? If you want to encourage us to keep on going and show us that you appreciate our work, please consider becoming a sponsor through GitHub Sponsors.


This release wouldn't have been possible without contributions from:
@darinkes, @AtosNicoS, @dancret, @menees, @ericbrumfield

Special thanks for @Filini producing our new logo assets!

latest release: 2020.0.1
9 months ago