Release notes

2.3.0 (2021-05-06)

  • SSH renegotiation is now configurable using maximum data transferred or time period threshold or can be disabled altogether
  • Users can now connect using SFTP even when they have no path mappings defined (empty read-only directory is shown)
  • user add no longer requires the process user to be able to query service definition user

2.2.0 (2021-03-16)

  • Major performance improvement for Chacha20/Poly1305 encryption
  • Added burusftp svc restart and burusftpwa svc restart commands
  • WA Improvements
    • Added [Restart] button to service management page
    • Detailed error message when service fails to start
    • Faster feedback on service management page
    • SSH host key widget on server configuration page improved

2.1.1 (2021-03-11)

  • Fixed library loading issue for custom logging

2.1.0 (2021-02-05)

  • Users can be added with password hash only (e.g. when importing from existing user database) - see burusftp user add
  • Fixed log highlighting issues.
  • Updated color scheme and layout (WA)
  • Home page dashboard (WA)
  • Breaking changes:
    • No longer looking for free license in application's root path
    • SSH session ID now added to most log entries, where relevant.
    • User password hashes are rehashed on successful login to specified algorithm - see configuration

2.0.1 (2021-01-28)

  • Fixed installer UI scaling issues

2.0.0 (2021-01-25)

  • New major features
    • Windows installer is now available for download
    • Windows authentication and impersonation support in Pro edition
    • Support for custom logging configuration file - see configuration
    • Config folder is now searched for in the following paths:
      • [INSTALLATION_PATH]\config
      • %PROGRAMDATA%\Rebex\BuruSftp (this path is used by installer by default)
  • Breaking changes:
    • Re-installation is needed when upgrading to version 2.x - see the upgrade guide.
    • SSH server will now shutdown when license expires
    • Command line changes:
      • We plan to release more Buru applications in addition to the SFTP server, and hence buru.exe is renamed to burusftp.exe, buruwa.exe to burusftpwa.exe.
      • Password and public key authentication are now required by default when set
      • Password and public key can no longer be setup as enabled or required without password or public key, respectively
      • init, install and run commands now perform more extensive environment checks which might include patching the user database to new version.
      • burusftp user list -v now lists locked users with L prefix
      • Some options were renamed, e.g. --keyAuth to --key-auth. In most cases a temporary fallback is available allowing you to use previous option names with a warning.
    • Services and their display names were renamed

1.9.1 (2020-10-12)

  • Support recursive directory creation (mkdir -p)
  • No longer logging packet data in verbose mode

1.9.0 (2020-08-10)

  • Account lockout support
  • Show confirmation dialog when deleting user (WA)
  • Breaking changes:
    • Account lockout now enabled by default

1.8.4 (2020-08-08)

  • Fixed access issue (WA)

1.8.3 (2020-07-29)

1.8.2 (2020-07-27)

  • burusftp init also checks configuration files

1.8.1 (2020-07-21)

  • Fixed freeze on certain IP filter ranges and logging set to debug

1.8.0 (2020-07-16)

  • Added burusftp init command for quick non-interactive installation - see burusftp init
  • Fixed handling of unknown SSH packets received before authentication.
  • Fixed auto-redirection to home page after login (WA)
  • Fixed installation abort when service user not found
  • Workaround for very old OpenSSH 4.x/5.x clients that refuse to accept data packets while SSH renegotiation is in progress.
  • Web administration can now start even without valid configuration file
  • Breaking changes:
    • Changed access log default level to Information (was Warning)
    • Unsupported SSH algorithms will prevent server from starting (before just displayed an error)
    • (users.usernameCaseSensitive) option is no longer supported. Usernames case-insensitive.

1.7.4 (2020-05-26)

  • Minor UI tweaks in web administration (WA)
  • Fixed license check for beta versions

1.7.3 (2020-05-22)

  • Fixed Chacha20-Poly1305 decryption issue

1.7.2 (2020-05-18)

  • Fixed license upgrade page (WA)

1.7.1 (2020-05-05)

  • Support for aes256-gcm@openssh.com and aes128-gcm@openssh.com encryption (enabled by default) - see configuration
  • Support for hmac-sha2-512-etm@openssh.com and hmac-sha2-256-etm@openssh.com MACs (enabled by default) - see configuration

1.7.0 (2020-05-04)

  • Support for two-factor authentication (password + public key) - see burusftp user add, burusftp user update
  • Support for chacha20-poly1305@openssh.com encryption (enabled by default) - see configuration
  • Support for curve25519-sha256 key exchange (enabled by default) - see configuration
  • Added support for 'check-file' SFTP extension, making it possible to calculate hashes of remote files
  • Fixed hanging burusftpwa.exe service after service shutdown
  • Fixed reporting of writable permissions for read-only files

1.6.0 (2020-04-28)

  • New design of web administration UI
  • Changed some configuration defaults:
    • config/config.yaml is now required for the server to start.
    • Default server keys location is now config/keys (was /keys). /keys directory is still used in search when no paths are specified.
  • Configuration file is now generated upon install.
  • Keys are now generated upon install. You can still generate the keys manually - see burusftp keygen
  • Configuration samples (e.g. config/config-sample.yaml) are renamed to examples (config/config-example.yaml)
  • Added default configuration files (e.g. config/config-default.yaml)
  • Added checking for duplicate port bindings
  • Cannot start server without fully persisted SSH keys
  • Browser should no longer autofill passwords on user administration page
  • Removed invalid warning when hostname was supplied as hostname for web admin binding
  • Obsoleted configuration keys are no longer supported

1.5.0 (2020-03-23)

  • Fixed SFTP/SCP binding deserialization issue
  • FileZilla import (experimental)
  • Upgraded to .NET Core 3.1
  • Removed support for obsoleted enableCrashReporting flag

1.4.3 (2019-08-06)

  • Improved error message when service fails to start
  • Fixed error message when license expired

1.4.2 (2019-06-10)

  • Fixed error message when loading invalid user SSH public key
  • Fixed loading of authorized_keys format of user public keys
  • Fixed log level dropdown (WA)
  • Fixed WA log display (WA)
  • Key manipulation messages are more readable

1.4.1 (2019-05-20)

  • Fixed virtual path validation

1.4.0 (2019-05-10)

  • Added 32-bit Windows version

1.3.2 (2019-04-24)

1.3.1 (2019-04-17)

  • Fixed console log level

1.3.0 (2019-04-03)

  • Access log now also includes IP addresses
  • Fixed 'File not found' issue for virtual paths mounted into existing filesystem
  • Fixed verbose log level when writing to logfile
  • Empty audit file no longer created on startup in logging folder

1.2.0 (2019-03-20)

  • Added virtual path format check (WA, path command)
  • Installer now grants 'Logon as Service' privilege for service user
  • Fixed typos in webconfig configuration documentation
  • Fixed SSH alias execution when user has no path mappings
  • Fixed install process privilege elevation when run from mingw shell
  • Fixed service user lookup for users without domain qualified name

1.1.3 (2019-02-22)

  • Fixed parsing of obsoleted values in config.yaml

1.1.2 (2019-02-21)

1.1.1 (2019-02-19)

  • Added an option to disable username case sensitivity
  • Minor WA user interface enhancements

1.1.0 (2019-02-07)

  • Fixed memory leak (updated internal libraries)
  • Password salt size, algorithm and username regex patterns moved to 'users' section in config.yaml. Old configuration files are still compatible but a warning will be shown.
  • Fixed loading of PKCS#8 public keys
  • WA - Fixed redirection to login page when user session expired
  • WA - Fixed username regex pattern not being properly applied
  • WA - External changes now properly trigger reload of config.yaml configuration file
  • Removed crash reporter (errors are saved to logfiles)

1.0.4 (2018-12-11)

  • Added minLevel and aspNetMinLevel to WA configuration

1.0.3 (2018-11-21)

  • Support for authorized_keys users' public keys
  • Updated internal libraries

1.0.2 (2018-11-08)

  • Added user list command
  • Fixed logging of unhandled exceptions
  • Fixed notification of user public key error (web admin)
  • path list no longer encloses username in double quotes

1.0.1 (2018-10-22)

  • Added support for custom shell host names
  • Added logging section to webadmin server configuration

1.0.0 (2018-10-04)

  • BREAKING: Changed user database format
  • Non-admin accounts can no longer log in to web administration (there was no content available anyway)
  • Removed SSH Tunneling configuration section from web administration (as it was still incomplete)
  • Fixed algorithm selection widget that didn't work properly in Chrome / Edge

0.2.2 (2018-10-03)

  • BREAKING: Logging configuration section revamped
    • Added an option to specify different server and access log locations
    • Can specify minimal level for server log
  • BREAKING: WebAdmin role setting simplified
    • Users can now access web administration by adding --webadmin to user add or user update.
    • Revoking WebAdmin role is done by adding --noadmin to user update
  • Displays warnings when SFTP server service does not have access to user folder or folder does not exist
  • Minor UI tweaks

0.2.1 (2018-09-18)

  • BREAKING: SSH algorithms use __INTERMEDIATE level (previous: __MODERN) for increased compatibility
  • Fixed an issue where SSH algos were not draggable in web administration
  • Fixed SSH key information in web administration
  • Fixed 'burusftpwa svc' auto-elevation

0.2.0 (2018-09-18)

  • BREAKING: User database no longer contains default user - user must be created manually using burusftp install or burusftp user add
  • BREAKING: Using NETWORK SERVICE user as default when installed as Windows Service
  • Install/uninstall scripts with auto-elevation (burusftp install)
  • Fixed error when startup type was explicitly set for svc install
  • Errors and warnings are shown with an alert in console
  • Minor UI fixes

0.1.12 (2018-07-13)

  • Service startup Windows Eventlog logging support

0.1.11 (2018-07-11)

  • Fixed missing manpage for 'burusftp user update'
  • Fixed manpage crash when console buffer height was too small
  • Manpage support for msys console
  • Additional SSH public key formats