We are happy to announce the latest release of SFTPPlus, version 4.0.0.

For this major release, we focused on increasing services security by introducing two-factor authentication, PGP/OpenPGP handling, and an SHA512-based scheme password upgrade, among others.

The web-based administrative interface was improved by reorganizing the menu, implementing PGP key generation and CSR creation, to name a few novelties. New tools were added, like the admin-shell command line interface.

For client transfers, there is now a single transfer type and you can change the copy or move type at any time. There are also advanced options for recursive transfers, including creating remote recursing directories and archiving files in a recursive directory structure.

Since this is a major release, some previous functionalities are no longer available. AIX, HP-UX, and Solaris are no longer among the supported operating systems. MySQL databases are no longer supported. Before proceeding with an upgrade, we recommend reviewing the "Deprecations and Removals" section below and following the upgrade instructions.

New Features

  • There is now an admin-shell command line interface that can be used to manage and configure the SFTPPlus process from the command line. It is the CLI equivalent of the Local Manager web-based GUI console. [#1158]
  • The openpgp event handler was added for encrypting and decrypting files using OpenPGP. [#1177]
  • You can now use SSL/TLS certificates to authenticate users against the HTTPS file transfer service. [server-side] [#143]
  • You can now send credentials for an account via email. [#1468]
  • You can now create PGP keys from the Local Manager web interface or the command line administrative tool. [#1591]
  • SFTPPlus administration accounts now support multi-factor authentication based on the TOTP standard. [#2000]
  • Two-factor authentication can be enabled for user accounts defined inside the SFTPPlus configuration. [#2401]
  • Logged date and time can now be formatted using ISO-8601 UTC, ISO 6501 UTC with fractional seconds, or ISO-8601 with local time. [#2919]
  • The OpenPGP event handler can now encrypt/decrypt files using asymmetric PGP keys. [#3797]
  • It is now possible to create a new Certificate Signing Request (CSR) using an existing private key. [local-manager] [#3806]
  • The Python extension event handlers can now be set up with a custom JSON-based configuration string. [#3921]
  • You can now disable the overwriting rule for a transfer destination. In this way, the file is uploaded right away, without doing any extra requests on the server. [client-side] [#4054-1]
  • Details of files transferred in the past (name, size, modified timestamp) can now be recorded to prevent transferring the exact same file more than once. [client-side] [#4369]
  • The extract-archive event handler now also supports extracting TAR, TAR.GZ, and TAR.BZ2 archives. [#495]
  • You can now configure the application authentication method to only accept members of selected groups. [server-side] [#4963]
  • Recursive transfers can now automatically create destination folders. [client-side] [#5004]
  • The SFTPPlus initialization command now also asks for initializing a custom administration password. With this change, Local Manager is now accessible by default for any IP source. [#5193]
  • Product version is no longer advertised during protocol handshake for FTP, SSH and HTTP. [#5222]
  • There is now a dedicated documentation page for macOS installations. [#5297]
  • SFTPPlus now uses by default the SHA-512 function for hashing passwords. The hash function is now configurable, following options are available: SHA-256, SHA-512, PBKDF2 SHA-256, PBKDF2 SHA-512. In previous versions, only SHA-256 was used. [server-side] [#5322]
  • Accounts names, administrator names, and passwords longer than 150 characters are no longer allowed. Passwords longer than 128 characters are no longer generated. [server-side] [#5333]
  • The extract-archive event handler now supports extracting ZIP files. [#5346]
  • For the monitor service, you can now configure the type of file operations for which to emit events. [#5347-1]
  • The local filesystem monitor service now has a new configuration option named file_age_notification. This was introduced to replace the warn_non_modified_files_interval configuration. [#5347-2]
  • The monitor service can now automatically delete old files. [#5347]
  • A new option, delete_source_on_success. is available for a transfer to configure if the file should be removed from the source directory after a successful transfer. [client-side] [#5393]
  • You can now archive files using a recursive folder structure. [client-side] [#5394]
  • The process-monitor resource was renamed as the analytics resource. It now monitors date, time, and source IP of successful authentications. [#64]
  • SFTPPlus now provides an embedded self-signed certificate which can be used as a starting point for configuring TLS-based services such as FTPS and HTTPS. This self-signed certificate is automatically used for these services if the ssl_certificate configuration option is empty. [server-side] [#723]
  • An account can now be configured to read authorized public SSH keys from any file found in a specified directory path. [server-side][scp][sftp] [#972]

Defect Fixes

  • On non-Windows systems, the extract-archive event handler can now handle paths with uppercase characters. In previous versions, it was always using lowercase characters for the destination's filename. [#1177]
  • The Windows start menu shortcut to the Local Manager page now works even when the Local Manager is configured for the 0.0.0.0 IP address. [#3030]
  • The PID file created when SFTPPlus starts in service/daemon mode is no longer readable by other system users. [linux][security] [#4402]
  • The SysV and OpenRC init scripts now work when SFTPPlus is started as root. This was a defect introduced in 3.42.0. [#4686]
  • The event with id 60005, emitted when failing to monitor the source path of a transfer, now contains the exact path which triggered the failure. In previous versions, it was only containing the base source path of the transfer. [client-side] [#5004]
  • A dedicated event is emitted when a service has no authenticated method. [server-side] [#5053]
  • The SFTP file transfer service now has improved performance for directory listing when a large number of files are present. [server-side][sftp] [#57]
  • You will now receive an error at service start if the configured SSH RSA or DSA keys are of an invalid type. [server-side][scp][sftp] [#723]
  • There is now a limit of 100kB for the file containing authorized public SSH keys for an account. [security][sftp][scp][server-side] [#972]

Deprecations and Removals

  • Event with ID 20078, used to signal that a service was stopped, was removed and replaced by event with ID 20157, used when any component is stopped. [#1158-1]
  • Event with ID 20045, used to signal that a service failed to stop, was removed and replaced by events with IDs 20159 and 20185, used when any component fails to stop. [#1158-2]
  • Event with ID 20077, used to signal that a service failed to start, was removed and replaced by event with ID 20158, used when any component fails to start. [#1158-3]
  • Event with ID 20076, used to signal that a service was successfully started, was removed and replaced by event with ID 20156, used when any component is successfully started. [#1158]
  • The 'Account activity' event handler now only works with the embedded standard SQLite database. Support for MySQL databases and custom SQLite databases was removed. [#1376]
  • Event with ID 20101, emitted when the configured password is invalid, was removed. It was replaced with event with ID 20142, emitted when authentication fails. [server-side] [#2000]
  • ./bin/admin-command.sh --start is no longer supported. Use ./bin/admin-command.sh start instead. [linux][macos] [#2783]
  • The address, port, and path configuration options were removed from the Syslog event handler. They are replaced by the single url configuration option. [#2914]
  • Default format used to store log entries was changed to show date and time first. Upgrading existing installations will not automatically switch to the new logging format. [#2919]
  • Event with ID 20089, raised when trying to delete the default group, was removed and replaced with the generic event 20108, raised when trying to delete a component which is already in use. [#316-1]
  • Only one email client resource is now supported. This is the resource with UUID DEFAULT-EMAIL-CLIENT. Any other email client resource is ignored. [#316-2]
  • The email_client_resource configuration option was removed from the email-sender event handler. Emails are now sent using the default email client. [#316-3]
  • Event with ID 20063, raised when the default group is missing, was removed as SFTPPlus will automatically create the default group if missing. [#316-4]
  • Event with ID 50020, raised when SFTPPlus Local Manager failed to start a database, was removed and replaced by ID 20112. [#316-5]
  • The Past Activity page in the Local Manager web console was renamed to Activity log. [#316-6]
  • Event with ID 20163, emitted by SFTPPlus when failing to record the date and time when an account was successfully authenticated, was removed and replaced with the generic ID 20174. [#316-7]
  • Event with ID 20116, raised when failing to create a DB table database, was removed and replaced by ID 20112. [#316-8]
  • The database event handlers no longer use a separate database configuration. Each database event handler has now its own database file. [#3168-1]
  • SFTPPlus no longer supports MySQL databases. If you need to send events to a MySQL database, please get in touch with our support. [#3168-2]
  • Events with IDs 20161, 20162, 20164 were removed and replaced by ID 20112, used for all database errors. [#3168-3]
  • Events with ID 20112 and 20117, emitted when a DB operation fails, were removed. They were replaced with specific event ID errors for each SFTPPlus component using the DB. [#3168-4]
  • Events with IDs 50019, 50021, 50022, 50025, emitted when a Local Manager DB operation fails, were removed. They were replaced with specific event ID errors for each Local Manager operation using the DB. [#3168-5]
  • Support for the MySQL database event handler was removed. [#3168]
  • Event with ID 20160 was removed and replaced with the generic event 20165 raised when a component fails. [db] [#316]
  • The %(event_id)s variable for the email_subject configuration was removed, after being deprecated in 3.16.0. It should be replaced by the {id} variable. [#3655]
  • The amend-content event handler was removed and replaced by the python:chevah.server.extension.amend_content.RemoveLastLine extension event handler. [#3921]
  • The digital-signature-validation event handler was removed and replaced by the python:chevah.server.extension.digital_signature.ValidateCSV_RSASSA_PSS extension event handler. [#3956]
  • The rotate_each configuration option from the local-file event handler was removed and replaced with rotate_on. Existing rotate_each configuration are interpreted as rotate_on: 00:00 time-of-day. [#4351]
  • TEST_DELAY_EXECUTION is no longer supported. [server-side][sftp] [#4976]
  • Passwords stored in plain text are no longer supported. [security] [#5154]
  • Events with IDs 10029, 10058, 10060, 10067, emitted by the FTP server, were removed. They were replaced with generic events. [server-side][ftp][ftps] [#5155]
  • The configuration/ssh-service.moduli file is no longer used by the SFTP and SCP services. SFTPPlus now has an embedded list of SSH moduli, refreshed every release. [server-side][sftp][scp] [#5222]
  • Red Hat Enterprise Linux 6 (RHEL 6) is no longer supported in SFTPPlus version 4.0.0. You can continue to use latest SFTPPlus 3.x.x version with RHEL 6. [#5261-1]
  • Ubuntu Server 16.04 is no longer supported in SFTPPlus version 4.0.0. You can continue to use latest SFTPPlus version 3.x.x with this version of Ubuntu Server. [#5261-2]
  • Apple OS X 10.8 and newer Mac OS X versions up to and including macOS 10.12 are no longer supported in SFTPPlus version 4.0.0. You can continue to use latest SFTPPlus version 3.x.x for these systems. Only macOS 10.13 and newer versions are supported in SFTPPlus version 4.0.0. [#5261-4]
  • The following Unix operating systems are no longer supported starting with SFTPPlus version 4.0.0: AIX, HP-UX, Solaris. You can continue to use SFTPPlus version 3.x.x on these operating systems. [#5261]
  • The permission configuration option for an account will now have inherit as the default value. In previous versions, it was set to allow-full-control. The default configuration for a group is still allow-full-control. [server-side][security] [#5339]
  • warn_non_modified_files_interval configuration option of the monitor service was removed and replaced with a new configuration option named file_age_notification. For backward compatibility, SFTPPlus can still read the configuration stored in warn_non_modified_files_interval, but it rewrites it as file_age_notification. [#5347]
  • The type configuration option for transfers was removed. It was replaced by the delete_source_on_success option. [#5393]
  • The execute_at_startup configuration option and functionality was removed. You can use the external-executable event handler to execute external scripts. Event with ID 20181 is emitted each time the SFTPPlus process starts. [#5413]
  • The account-activity event handler was removed. It was replaced by the process-monitor resource. [#64]
  • Event with ID 20182, emitted when an account is authenticated, was removed. Only the event with ID 20137 is now emitted on successful authentication. [#888-1]
  • Event with ID 20023, emitted when failing to read the file containing the authorized SSH keys for an account, was removed. It was replaced by the generic event with ID 20142. [#888-2]
  • Event with ID 50007, emitted when an administrator was successfully authenticated, was removed. It is replaced by the generic event with ID 20137. [#888]

You can check the full release notes here.