SFTPPlus Release 5.20.0

Centralized Vault Management

The new vault resource changes how SFTPPlus stores sensitive data. Key updates include:

• Unified Storage: Certificate pairs, SSH private keys, and PGP keys are now stored as vault items.
• Storage Options: Items can be kept in a single external file, separate files, or directly within the main configuration file.
• Key Export: Private vault content can now be exported with optional encryption.
• Automatic Migration: Existing SSH and PGP keys migrate to the vault system automatically during the update.

Protocol and Authentication Updates

• WebDAV: The HTTP server now supports WebDAV Class 1 methods, specifically PROPFIND, MOVE, and COPY.
• LDAP Integration: LDAP authentication now supports role-based administrator access using LDAP attributes.
• Host-Based Auth: The SFTP/SCP servers now support the hostbased authentication method (RFC 4252).
• SSH Logging: Failed SSH authentication attempts now log the SHA256 fingerprint of the key used.

Configuration and Tooling Changes

• Web Manager: Users with read-only permissions can now access the Web Manager interface.
• File Encoding: New destination content actions support conversions between UTF-8, ISO-8859-15, UTF-16, and ASCII.
• Transfer Logic: Transfers now fail at the start if the destination lacks support for required operations like renaming or overwrite detection.
• Removals: Several legacy configuration options, including ssl_key and ssh_private_key_password, have been removed and replaced by the vault system.

Upgrade Information

SFTPPlus 5.20.0 is available for download today. Users should note that several SSL and SSH configuration options have been consolidated into the new vault structure.

We recommend that users review the full release notes for details on deprecated command-line arguments and the new Vault-based configuration structure.

For a complete list of changes, see the release notes here.