Release notes

1.9.1 (2020-10-12)

  • Support recursive directory creation (mkdir -p)
  • No longer logging packet data in verbose mode

1.9.0 (2020-08-10)

  • Account lockout support
  • Show confirmation dialog when deleting user (WA)
  • Breaking changes:
    • Account lockout now enabled by default

1.8.4 (2020-08-08)

  • Fixed access issue (WA)

1.8.3 (2020-07-29)

1.8.2 (2020-07-27)

  • buru init also checks configuration files

1.8.1 (2020-07-21)

  • Fixed freeze on certain IP filter ranges and logging set to debug

1.8.0 (2020-07-16)

  • Added buru init command for quick non-interactive installation - see buru init
  • Fixed handling of unknown SSH packets received before authentication.
  • Fixed auto-redirection to home page after login (WA)
  • Fixed installation abort when service user not found
  • Workaround for very old OpenSSH 4.x/5.x clients that refuse to accept data packets while SSH renegotiation is in progress.
  • Web administration can now start even without valid configuration file
  • Breaking changes:
    • Changed access log default level to Information (was Warning)
    • Unsupported SSH algorithms will prevent server from starting (before just displayed an error)
    • (users.usernameCaseSensitive) option is no longer supported. Usernames case-insensitive.

1.7.4 (2020-05-26)

  • Minor UI tweaks in web administration (WA)
  • Fixed license check for beta versions

1.7.3 (2020-05-22)

  • Fixed Chacha20-Poly1305 decryption issue

1.7.2 (2020-05-18)

  • Fixed license upgrade page (WA)

1.7.1 (2020-05-05)

  • Support for aes256-gcm@openssh.com and aes128-gcm@openssh.com encryption (enabled by default) - see configuration
  • Support for hmac-sha2-512-etm@openssh.com and hmac-sha2-256-etm@openssh.com MACs (enabled by default) - see configuration

1.7.0 (2020-05-04)

  • Support for two-factor authentication (password + public key) - see buru user add, buru user update
  • Support for chacha20-poly1305@openssh.com encryption (enabled by default) - see configuration
  • Support for curve25519-sha256 key exchange (enabled by default) - see configuration
  • Added support for 'check-file' SFTP extension, making it possible to calculate hashes of remote files
  • Fixed hanging buruwa.exe service after service shutdown
  • Fixed reporting of writable permissions for read-only files

1.6.0 (2020-04-28)

  • New design of web administration UI
  • Changed some configuration defaults:
    • config/config.yaml is now required for the server to start.
    • Default server keys location is now config/keys (was /keys). /keys directory is still used in search when no paths are specified.
  • Configuration file is now generated upon install.
  • Keys are now generated upon install. You can still generate the keys manually - see buru keygen
  • Configuration samples (e.g. config/config-sample.yaml) are renamed to examples (config/config-example.yaml)
  • Added default configuration files (e.g. config/config-default.yaml)
  • Added checking for duplicate port bindings
  • Cannot start server without fully persisted SSH keys
  • Browser should no longer autofill passwords on user administration page
  • Removed invalid warning when hostname was supplied as hostname for web admin binding
  • Obsoleted configuration keys are no longer supported

1.5.0 (2020-03-23)

  • Fixed SFTP/SCP binding deserialization issue
  • FileZilla import (experimental)
  • Upgraded to .NET Core 3.1
  • Removed support for obsoleted enableCrashReporting flag

1.4.3 (2019-08-06)

  • Improved error message when service fails to start
  • Fixed error message when license expired

1.4.2 (2019-06-10)

  • Fixed error message when loading invalid user SSH public key
  • Fixed loading of authorized_keys format of user public keys
  • Fixed log level dropdown (WA)
  • Fixed WA log display (WA)
  • Key manipulation messages are more readable

1.4.1 (2019-05-20)

  • Fixed virtual path validation

1.4.0 (2019-05-10)

  • Added 32-bit Windows version

1.3.2 (2019-04-24)

1.3.1 (2019-04-17)

  • Fixed console log level

1.3.0 (2019-04-03)

  • Access log now also includes IP addresses
  • Fixed 'File not found' issue for virtual paths mounted into existing filesystem
  • Fixed verbose log level when writing to logfile
  • Empty audit file no longer created on startup in logging folder

1.2.0 (2019-03-20)

  • Added virtual path format check (WA, path command)
  • Installer now grants 'Logon as Service' privilege for service user
  • Fixed typos in webconfig configuration documentation
  • Fixed SSH alias execution when user has no path mappings
  • Fixed install process privilege elevation when run from mingw shell
  • Fixed service user lookup for users without domain qualified name

1.1.3 (2019-02-22)

  • Fixed parsing of obsoleted values in config.yaml

1.1.2 (2019-02-21)

1.1.1 (2019-02-19)

  • Added an option to disable username case sensitivity
  • Minor WA user interface enhancements

1.1.0 (2019-02-07)

  • Fixed memory leak (updated internal libraries)
  • Password salt size, algorithm and username regex patterns moved to 'users' section in config.yaml. Old configuration files are still compatible but a warning will be shown.
  • Fixed loading of PKCS#8 public keys
  • WA - Fixed redirection to login page when user session expired
  • WA - Fixed username regex pattern not being properly applied
  • WA - External changes now properly trigger reload of config.yaml configuration file
  • Removed crash reporter (errors are saved to logfiles)

1.0.4 (2018-12-11)

  • Added minLevel and aspNetMinLevel to WA configuration

1.0.3 (2018-11-21)

  • Support for authorized_keys users' public keys
  • Updated internal libraries

1.0.2 (2018-11-08)

  • Added user list command
  • Fixed logging of unhandled exceptions
  • Fixed notification of user public key error (web admin)
  • path list no longer encloses username in double quotes

1.0.1 (2018-10-22)

  • Added support for custom shell host names
  • Added logging section to webadmin server configuration

1.0.0 (2018-10-04)

  • BREAKING: Changed user database format
  • Non-admin accounts can no longer log in to web administration (there was no content available anyway)
  • Removed SSH Tunneling configuration section from web administration (as it was still incomplete)
  • Fixed algorithm selection widget that didn't work properly in Chrome / Edge

0.2.2 (2018-10-03)

  • BREAKING: Logging configuration section revamped
    • Added an option to specify different server and access log locations
    • Can specify minimal level for server log
  • BREAKING: WebAdmin role setting simplified
    • Users can now access web administration by adding --webadmin to user add or user update.
    • Revoking WebAdmin role is done by adding --noadmin to user update
  • Displays warnings when SFTP server service does not have access to user folder or folder does not exist
  • Minor UI tweaks

0.2.1 (2018-09-18)

  • BREAKING: SSH algorithms use __INTERMEDIATE level (previous: __MODERN) for increased compatibility
  • Fixed an issue where SSH algos were not draggable in web administration
  • Fixed SSH key information in web administration
  • Fixed 'buruwa svc' auto-elevation

0.2.0 (2018-09-18)

  • BREAKING: User database no longer contains default user - user must be created manually using buru install or buru user add
  • BREAKING: Using NETWORK SERVICE user as default when installed as Windows Service
  • Install/uninstall scripts with auto-elevation (buru install)
  • Fixed error when startup type was explicitly set for svc install
  • Errors and warnings are shown with an alert in console
  • Minor UI fixes

0.1.12 (2018-07-13)

  • Service startup Windows Eventlog logging support

0.1.11 (2018-07-11)

  • Fixed missing manpage for 'buru user update'
  • Fixed manpage crash when console buffer height was too small
  • Manpage support for msys console
  • Additional SSH public key formats